---
# Persist kernel network parameters; every key in the loop is written with
# the value "1". The three disable_ipv6 keys switch IPv6 off, while
# net.ipv4.ip_forward switches IPv4 forwarding ON, i.e. the host starts
# routing packets between its interfaces.
# reload is false, so this task only edits the sysctl file; applying it is
# left to the notified handler (defined outside this file).
# NOTE(review): the task name mentions only disable_ipv6, so the forwarding
# switch is easy to miss in an audit - confirm the FORWARD chain policy.
- name: Set disable_ipv6 parameters in the sysctl configuration file
  loop:
    - 'net.ipv6.conf.all.disable_ipv6'
    - 'net.ipv6.conf.default.disable_ipv6'
    - 'net.ipv6.conf.lo.disable_ipv6'
    - 'net.ipv4.ip_forward'
  ansible.posix.sysctl:
    name: "{{ item }}"
    value: "1"
    reload: false
  notify: Reload the sysctl configuration
# Make sure NetworkManager is running now and is started at boot; the nmcli
# tasks further down need the daemon to be up.
- name: Enable NetworkManager
  service:
    name: NetworkManager
    enabled: true
    state: started
# Make sure ModemManager is running now and is started at boot.
- name: Enable ModemManager
  service:
    name: ModemManager
    enabled: true
    state: started
# Start the iptables service and enable it at boot.
# NOTE(review): the rules themselves are added and saved by later tasks in
# this file; whatever rules file the unit loads at start is not shown here.
- name: Start enable iptables
  service:
    name: iptables
    enabled: true
    state: started
# Stop the dnsmasq service and keep it from starting at boot.
# NOTE(review): /etc/dnsmasq.conf is still templated later in this file;
# confirm which process is expected to read it once this unit is disabled.
- name: Disable dnsmasq
  service:
    name: dnsmasq
    enabled: false
    state: stopped
# List the symlinks under /sys/class/net whose target matches *wlp* and
# register their names as wifi_int. Read-only: never reports "changed" and
# also runs in check mode so later tasks always have the variable.
# NOTE(review): with more than one matching interface, wifi_int.stdout holds
# several lines, yet later tasks use it as a single interface name.
- name: Get physical interfaces names WIFI modems
  command: find /sys/class/net -type l -lname '*wlp*' -printf '%f\n'
  check_mode: false
  changed_when: false
  register: wifi_int
# List the symlinks under /sys/class/net whose target matches *wwp* and
# register their names as lte_int. Read-only: never reports "changed" and
# also runs in check mode.
# NOTE(review): lte_int.stdout is used below as the single egress interface
# of the firewall rules; an empty or multi-line result is not handled.
- name: Get physical interfaces names LTE modems
  command: find /sys/class/net -type l -lname '*wwp*' -printf '%f\n'
  check_mode: false
  changed_when: false
  register: lte_int
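# Render /etc/dnsmasq.conf from the role template.
# owner/group/mode are pinned so the resulting permissions do not depend on
# the umask or on whatever mode an already existing file happens to have.
# NOTE(review): no handler is notified and the dnsmasq service is stopped
# and disabled earlier in this file - confirm which process reads this file.
- name: Configure dnsmasq
  template:
    src: dnsmasq.conf.j2
    dest: /etc/dnsmasq.conf
    owner: root
    group: root
    mode: "0644"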
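# Render the main NetworkManager configuration from the role template and
# notify the reload handler (defined outside this file) when it changes.
# owner/group/mode are pinned so only root can modify the daemon's
# configuration, independent of the umask or of a pre-existing file's mode.
- name: Configure NetworkManager
  template:
    src: NetworkManager.conf.j2
    dest: /etc/NetworkManager/NetworkManager.conf
    owner: root
    group: root
    mode: "0644"
  notify: Reload NetworkManager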
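# Probe for an existing connection: list the connections and grep for the
# SSID. The exit status (grep's, as the last command of the pipe) is kept in
# nmcli_result.rc; a non-zero status is expected and ignored.
# The SSID is interpolated into a /bin/sh command line, so it goes through
# the `quote` filter: spaces or shell metacharacters in wifi_ssid then reach
# grep as one literal argument instead of being interpreted by the shell.
# -F matches it as a fixed string rather than a regex, and -- keeps a value
# starting with "-" from being parsed as a grep option.
# changed_when: false - this is a read-only check.
# NOTE(review): still a substring match over the whole nmcli table, so an
# SSID contained in another connection's name also counts as "present".
- name: Run nmcli to check if wifi access point connection has already been added
  shell: /usr/bin/nmcli c | grep -F -- {{ wifi_ssid | quote }}
  register: nmcli_result
  changed_when: false
  ignore_errors: true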
# Turn the exit status of the nmcli/grep probe into a flag: nmcli_failed is
# true when the probe returned non-zero, i.e. no line matched the SSID (or
# the pipeline itself failed - the two cases are not told apart).
- name: Check result nmcli
  set_fact:
    nmcli_failed: "{{ nmcli_result.rc != 0 }}"
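# Create the access-point connection profile, only when the earlier probe
# did not find one (nmcli_failed).
# The command is given as argv so every templated value is passed to nmcli
# as exactly one argument: an SSID containing spaces or quotes can no longer
# be split into extra nmcli arguments. "yes" is quoted because a bare yes
# would be read by YAML as a boolean.
# `| bool` makes the condition robust if the fact arrives as a string.
# NOTE(review): assumes wifi_int.stdout holds exactly one interface name;
# an empty or multi-line value now makes nmcli fail instead of being split.
- name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - add
      - autoconnect
      - "yes"
      - save
      - "yes"
      - con-name
      - "{{ wifi_ssid }}"
      - ifname
      - "{{ wifi_int.stdout }}"
      - type
      - wifi
      - ssid
      - "{{ wifi_ssid }}"
      - mode
      - ap
      - ip4
      - "{{ wifi_int_ip }}"
  when: nmcli_failed | bool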
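# Create the GSM/LTE connection profile on cdc-wdm0 with the APN "internet".
# The command is given as argv so LTE_con_name is passed to nmcli as exactly
# one argument even if it contains spaces or quotes. "yes" is quoted because
# a bare yes would be read by YAML as a boolean.
# NOTE(review): unlike the wifi profile there is no existence check, so this
# runs on every play - confirm it does not pile up duplicate profiles.
# NOTE(review): the interface name and the APN are hard-coded here.
- name: Run nmcli to add a connection LTE
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - add
      - autoconnect
      - "yes"
      - save
      - "yes"
      - con-name
      - "{{ LTE_con_name }}"
      - ifname
      - cdc-wdm0
      - type
      - gsm
      - apn
      - internet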
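# Configure the access-point profile: 2.4 GHz band, channel 1, WPA-PSK with
# RSN and CCMP for both group and pairwise ciphers, the pre-shared key, and
# shared IPv4 (NetworkManager NAT/DHCP mode) on wifi_int_ip/24.
# no_log: true keeps the pre-shared key out of the play output, callback
# plugins and the module's syslog record; the original task printed the
# full command line, PSK included, whenever it ran.
# The command is given as argv so the SSID and the PSK are each passed as
# exactly one argument whatever characters they contain; this also removes
# the need for backslash line continuations inside a YAML scalar.
# NOTE(review): the PSK is still visible in the process list while nmcli
# runs, and wifi_psk should come from an encrypted source (e.g. a vault).
- name: Run nmcli to add WPA-PSK security to the wifi connection
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - mod
      - "{{ wifi_ssid }}"
      - 802-11-wireless.band
      - bg
      - 802-11-wireless.channel
      - "1"
      - 802-11-wireless-security.key-mgmt
      - wpa-psk
      - 802-11-wireless-security.proto
      - rsn
      - 802-11-wireless-security.group
      - ccmp
      - 802-11-wireless-security.pairwise
      - ccmp
      - 802-11-wireless-security.psk
      - "{{ wifi_psk }}"
      - ipv4.method
      - shared
      - ipv4.addr
      - "{{ wifi_int_ip }}/24"
  no_log: true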
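# Bring the access-point connection up.
# argv form: the SSID is handed to nmcli as one argument, so a name with
# spaces or quotes cannot be split into additional nmcli arguments.
- name: Run nmcli to activate wifi access point connection
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - up
      - "{{ wifi_ssid }}"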
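# Bring the LTE connection up.
# argv form: the connection name is handed to nmcli as one argument, so a
# name with spaces or quotes cannot be split into additional arguments.
- name: Run nmcli to activate LTE access point connection
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - up
      - "{{ LTE_con_name }}"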
# Accept forwarded packets that enter on the wifi interface and leave on the
# LTE interface.
# NOTE(review): the rule has no source, destination or state match, so every
# wifi client may reach anything behind the LTE link. Only this direction is
# handled here; replies depend on the FORWARD policy or on an
# ESTABLISHED,RELATED rule, neither of which is visible in this file.
# NOTE(review): assumes each find task returned exactly one interface name.
- name: Allow traffic from {{ wifi_int.stdout }} to {{ lte_int.stdout }}
  iptables:
    chain: FORWARD
    jump: ACCEPT
    in_interface: "{{ wifi_int.stdout }}"
    out_interface: "{{ lte_int.stdout }}"
# Source-NAT everything that leaves through the LTE interface (nat table,
# POSTROUTING chain), so forwarded client traffic goes out with the LTE
# interface's own address.
# NOTE(review): assumes lte_int.stdout holds exactly one interface name.
- name: Enable masquerading for {{ lte_int.stdout }}
  iptables:
    table: nat
    chain: POSTROUTING
    out_interface: "{{ lte_int.stdout }}"
    jump: MASQUERADE
# Dump the live ruleset to /etc/iptables/iptables.rules so it can be
# restored later. There is no changed_when or creates guard, so the task
# runs and reports "changed" on every play.
- name: Save iptables rules
  command:
    argv:
      - iptables-save
      - '-f'
      - /etc/iptables/iptables.rules
# - name: Configure {{ wifi_int.stdout_lines | first }} interface
# template:
# src: 25-wireless.network.j2
# dest: /etc/systemd/network/25-wireless.network
# notify: Restart systemd-networkd

# - name: Configure NetworkManager
# template:
# src: unmanaged.conf.j2
# dest: /etc/NetworkManager/conf.d/unmanaged.conf
# notify: Restart NetworkManager

# - name: Configure hostapd
# template:
# src: hostapd.conf.j2
# dest: /etc/hostapd/hostapd.conf
# notify: Restart hostapd

# - name: Configure hostapd
# template:
# src: dhcpd.conf.j2
# dest: /etc/dhcpd.conf
# # notify: Restart dhcpd

# - name: Enable services
# service: "{{ app }}"
# enabled: yes
# loop: "{{ apps }}"
# loop_control:
# loop_var: "app"
# - name: Force all notified handlers to run at this point
# ansible.builtin.meta: flush_handlers