2024-09-01 20:56:12 +03:00
|
|
|
---
|
2024-09-08 15:18:34 +03:00
|
|
|
# - name: Set disable_ipv6 parameters in the sysctl configuration file
|
|
|
|
|
# ansible.posix.sysctl:
|
|
|
|
|
# name: "{{ item }}"
|
|
|
|
|
# value: "1"
|
|
|
|
|
# reload: false
|
|
|
|
|
# loop:
|
|
|
|
|
# - net.ipv6.conf.all.disable_ipv6
|
|
|
|
|
# - net.ipv6.conf.default.disable_ipv6
|
|
|
|
|
# - net.ipv6.conf.lo.disable_ipv6
|
|
|
|
|
# - net.ipv4.ip_forward
|
|
|
|
|
# notify: Reload the sysctl configuration
|
2024-09-01 20:56:12 +03:00
|
|
|
|
2024-09-08 15:17:36 +03:00
|
|
|
- name: Sysctl configuration file
|
2024-09-08 15:18:34 +03:00
|
|
|
lineinfile:
|
2024-09-08 15:19:42 +03:00
|
|
|
path: /etc/sysctl.d/99-sysctl.conf
|
2024-09-08 15:17:36 +03:00
|
|
|
state: present
|
|
|
|
|
line: net.ipv4.ip_forward=1
|
|
|
|
|
notify: Reload the sysctl configuration
|
2024-09-08 15:19:42 +03:00
|
|
|
|
2024-09-01 21:07:16 +03:00
|
|
|
- name: Enable NetworkManager
|
|
|
|
|
service:
|
|
|
|
|
name: NetworkManager
|
|
|
|
|
state: started
|
|
|
|
|
enabled: true
|
2024-09-01 20:59:01 +03:00
|
|
|
|
2024-09-01 21:18:34 +03:00
|
|
|
- name: Enable ModemManager
|
|
|
|
|
service:
|
|
|
|
|
name: ModemManager
|
|
|
|
|
state: started
|
|
|
|
|
enabled: true
|
|
|
|
|
|
|
|
|
|
- name: Start enable iptables
|
|
|
|
|
service:
|
|
|
|
|
name: iptables
|
|
|
|
|
state: started
|
|
|
|
|
enabled: true
|
|
|
|
|
|
2024-09-07 09:30:00 +03:00
|
|
|
- name: Enable dnsmasq
|
2024-09-01 21:18:34 +03:00
|
|
|
service:
|
|
|
|
|
name: dnsmasq
|
2024-09-07 09:30:00 +03:00
|
|
|
state: started
|
|
|
|
|
enabled: true
|
2024-09-03 19:13:07 +03:00
|
|
|
tags: dnsmasq
|
|
|
|
|
|
|
|
|
|
- name: Get physical interfaces without LTE modem interface
|
2024-10-12 19:26:42 +03:00
|
|
|
command: find /sys/class/net -type l -not -lname '*virtual*' -not -name '*wwp*' -not -name '*wlp*' -printf '%f\n'
|
2024-09-03 19:13:07 +03:00
|
|
|
register: without_lte
|
|
|
|
|
changed_when: false
|
|
|
|
|
check_mode: false
|
|
|
|
|
tags:
|
|
|
|
|
- dnsmasq
|
|
|
|
|
- iptables
|
2024-10-12 19:26:42 +03:00
|
|
|
- test
|
|
|
|
|
- name: find interface facts
|
|
|
|
|
debug:
|
|
|
|
|
msg: "{{ hostvars[inventory_hostname]['ansible_%s' | format(item)]['ipv4']['address'] | default('No ipv4 address')}} "
|
|
|
|
|
loop: "{{ ansible_interfaces }}"
|
|
|
|
|
tags: test
|
2024-09-03 19:13:07 +03:00
|
|
|
|
2024-09-01 22:27:07 +03:00
|
|
|
- name: Get physical interfaces names WIFI modems
|
2024-09-01 20:56:12 +03:00
|
|
|
command: find /sys/class/net -type l -lname '*wlp*' -printf '%f\n'
|
|
|
|
|
register: wifi_int
|
|
|
|
|
changed_when: false
|
|
|
|
|
check_mode: false
|
|
|
|
|
|
2024-09-01 22:27:07 +03:00
|
|
|
- name: Get physical interfaces names LTE modems
|
|
|
|
|
command: find /sys/class/net -type l -lname '*wwp*' -printf '%f\n'
|
|
|
|
|
register: lte_int
|
|
|
|
|
changed_when: false
|
|
|
|
|
check_mode: false
|
|
|
|
|
|
2024-09-01 22:28:34 +03:00
|
|
|
- name: Configure dnsmasq
|
|
|
|
|
template:
|
|
|
|
|
src: dnsmasq.conf.j2
|
2024-09-08 13:16:07 +03:00
|
|
|
dest: /etc/dnsmasq.conf
|
2024-09-08 13:12:17 +03:00
|
|
|
|
|
|
|
|
- name: Configure udiskie
|
|
|
|
|
template:
|
|
|
|
|
src: udisks2.conf.j2
|
2024-09-08 13:16:07 +03:00
|
|
|
dest: /etc/udisks2/udisks2.conf
|
2024-09-03 19:13:07 +03:00
|
|
|
tags: dnsmasq
|
|
|
|
|
|
2024-09-08 13:12:17 +03:00
|
|
|
- name: Configure udiskie service
|
|
|
|
|
template:
|
|
|
|
|
src: udiskie.service.j2
|
|
|
|
|
dest: /etc/systemd/system/udiskie.service
|
|
|
|
|
notify: daemon-reload
|
2024-09-08 13:16:07 +03:00
|
|
|
|
2024-09-08 13:12:17 +03:00
|
|
|
- name: Enable udiskie
|
|
|
|
|
service:
|
|
|
|
|
name: udiskie
|
|
|
|
|
state: started
|
|
|
|
|
enabled: true
|
|
|
|
|
|
2024-09-01 20:56:12 +03:00
|
|
|
- name: Run nmcli to check if wifi access point connection has already been added
|
|
|
|
|
shell: /usr/bin/nmcli c | grep {{ wifi_ssid }}
|
|
|
|
|
register: nmcli_result
|
|
|
|
|
ignore_errors: True
|
|
|
|
|
|
2024-09-03 23:36:03 +03:00
|
|
|
- name: Check result nmcli
|
2024-09-01 20:56:12 +03:00
|
|
|
set_fact:
|
|
|
|
|
nmcli_failed: "{{ nmcli_result.rc != 0 }}"
|
|
|
|
|
|
2024-09-08 12:39:23 +03:00
|
|
|
- name: Run nmcli to check if Ethernet connection has already been added
|
2024-10-12 19:30:20 +03:00
|
|
|
shell: /usr/bin/nmcli c | grep 'Ethernet-{{ int_name }}'
|
2024-10-12 20:00:06 +03:00
|
|
|
set_fact:
|
|
|
|
|
nmcli_result_eth_{{ int_name }}
|
2024-09-08 12:39:23 +03:00
|
|
|
ignore_errors: True
|
2024-10-12 19:32:01 +03:00
|
|
|
loop: "{{ phy_ints }}"
|
|
|
|
|
loop_control:
|
|
|
|
|
loop_var: int_name
|
2024-10-12 20:00:06 +03:00
|
|
|
tags: check
|
2024-10-12 19:47:53 +03:00
|
|
|
|
2024-09-08 12:39:23 +03:00
|
|
|
- name: Check result nmcli eth
|
|
|
|
|
set_fact:
|
2024-10-12 20:00:06 +03:00
|
|
|
"nmcli_eth_failed_{{ int_name }}: {{ nmcli_result_eth-{{ int_name }}.rc != 0 }}"
|
2024-10-12 19:47:53 +03:00
|
|
|
loop: "{{ nmcli_result_eth }}"
|
2024-10-12 19:34:56 +03:00
|
|
|
loop_control:
|
|
|
|
|
loop_var: int_name
|
2024-10-12 20:00:06 +03:00
|
|
|
tags: check
|
2024-09-08 12:39:23 +03:00
|
|
|
- name: Run nmcli to check if Ethernet connection has already been added
|
|
|
|
|
shell: /usr/bin/nmcli c | grep 'LTE'
|
|
|
|
|
register: nmcli_result_lte
|
|
|
|
|
ignore_errors: True
|
|
|
|
|
|
|
|
|
|
- name: Check result nmcli lte
|
|
|
|
|
set_fact:
|
|
|
|
|
nmcli_lte_failed: "{{ nmcli_result_lte.rc != 0 }}"
|
|
|
|
|
|
|
|
|
|
- name: Run nmcli to check if bridge connection has already been added
|
|
|
|
|
shell: /usr/bin/nmcli c | grep 'bridge'
|
|
|
|
|
register: nmcli_result_bridge
|
|
|
|
|
ignore_errors: True
|
|
|
|
|
|
|
|
|
|
- name: Check result nmcli lte
|
|
|
|
|
set_fact:
|
|
|
|
|
nmcli_bridge_failed: "{{ nmcli_result_bridge.rc != 0 }}"
|
2024-09-03 20:28:01 +03:00
|
|
|
|
2024-09-07 09:43:15 +03:00
|
|
|
- name: Run nmcli to add a connection LTE
|
2024-09-08 13:02:46 +03:00
|
|
|
command: /usr/bin/nmcli c add ipv6.method disabled autoconnect yes save yes con-name {{ LTE_con_name }} ifname cdc-wdm0 type gsm apn "internet"
|
2024-09-08 12:39:23 +03:00
|
|
|
when: nmcli_lte_failed
|
2024-09-04 20:51:30 +03:00
|
|
|
|
2024-09-03 23:36:03 +03:00
|
|
|
- name: Configure bridge
|
2024-09-09 21:04:15 +03:00
|
|
|
command: /usr/bin/nmcli c add type bridge ifname br0 autoconnect yes save yes con-name bridge stp no ipv6.method disabled ipv4.method manual ipv4.addr {{ wifi_int_ip }}/24
|
2024-09-08 12:39:23 +03:00
|
|
|
when: nmcli_bridge_failed
|
2024-09-09 21:04:15 +03:00
|
|
|
|
2024-09-03 23:36:03 +03:00
|
|
|
- name: Configure bridge1
|
2024-10-12 19:26:42 +03:00
|
|
|
command: /usr/bin/nmcli c add ipv6.method disabled type bridge-slave con-name 'Ethernet-{{ int_name }}' ifname {{ int_name }} master br0 autoconnect yes save yes
|
2024-09-11 23:22:36 +03:00
|
|
|
loop: "{{ phy_ints }}"
|
2024-09-04 20:51:30 +03:00
|
|
|
loop_control:
|
2024-09-03 23:36:03 +03:00
|
|
|
loop_var: int_name
|
2024-09-08 12:39:23 +03:00
|
|
|
when: nmcli_eth_failed
|
|
|
|
|
|
2024-09-04 20:51:30 +03:00
|
|
|
- name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
|
2024-09-08 13:48:39 +03:00
|
|
|
command: /usr/bin/nmcli c add ipv4.method shared autoconnect yes save yes con-name {{ wifi_ssid }} ifname {{ wifi_int.stdout }} \
|
|
|
|
|
type wifi \
|
|
|
|
|
slave-type bridge \
|
|
|
|
|
master br0 \
|
|
|
|
|
wifi.ssid {{ wifi_ssid }} \
|
2024-09-08 14:44:30 +03:00
|
|
|
wifi.band a \
|
2024-09-08 15:20:41 +03:00
|
|
|
wifi.channel 36 \
|
2024-09-08 12:39:23 +03:00
|
|
|
wifi.mode ap \
|
|
|
|
|
wifi-sec.proto rsn \
|
|
|
|
|
wifi-sec.pairwise ccmp \
|
|
|
|
|
wifi-sec.psk {{ wifi_psk }} \
|
2024-09-08 12:43:31 +03:00
|
|
|
wifi-sec.key-mgmt wpa-psk
|
2024-09-08 13:48:39 +03:00
|
|
|
when: nmcli_failed
|
|
|
|
|
|
2024-09-07 09:43:15 +03:00
|
|
|
- name: Apply tags to tasks within included file
|
|
|
|
|
include_tasks: iptables.yaml
|
|
|
|
|
args:
|
|
|
|
|
apply:
|
|
|
|
|
tags:
|
|
|
|
|
- iptables
|
|
|
|
|
tags:
|
|
|
|
|
- iptables
|
|
|
|
|
- flush
|
