From 9b75b3339d8168442ba91e30471b5112a7b67a57 Mon Sep 17 00:00:00 2001
From: Aleksandr Malyavin
Date: Tue, 3 Sep 2024 23:36:03 +0300
Subject: [PATCH] ff
---
roles/configure/tasks/mail.yaml | 170 ++++++++++++++++++
.../tasks/{main.yaml => main.yaml_old} | 2 +-
2 files changed, 171 insertions(+), 1 deletion(-)
create mode 100644 roles/configure/tasks/mail.yaml
rename roles/configure/tasks/{main.yaml => main.yaml_old} (99%)
diff --git a/roles/configure/tasks/mail.yaml b/roles/configure/tasks/mail.yaml
new file mode 100644
index 0000000..101e002
--- /dev/null
+++ b/roles/configure/tasks/mail.yaml
@@ -0,0 +1,170 @@
+---
+- name: Set disable_ipv6 parameters in the sysctl configuration file
+ ansible.posix.sysctl:
+ name: "{{ item }}"
+ value: "1"
+ reload: false
+ loop:
+ - net.ipv6.conf.all.disable_ipv6
+ - net.ipv6.conf.default.disable_ipv6
+ - net.ipv6.conf.lo.disable_ipv6
+ - net.ipv4.ip_forward
+ notify: Reload the sysctl configuration
+
+- name: Enable NetworkManager
+ service:
+ name: NetworkManager
+ state: started
+ enabled: true
+
+- name: Enable ModemManager
+ service:
+ name: ModemManager
+ state: started
+ enabled: true
+
+- name: Start enable iptables
+ service:
+ name: iptables
+ state: started
+ enabled: true
+
+- name: Disable dnsmasq
+ service:
+ name: dnsmasq
+ state: stopped
+# Отключаем dnsmasq. NetworkManager запускает экземпляр dnsmasq
+ enabled: false
+ tags: dnsmasq
+
+- name: Get physical interfaces without LTE modem interface
+ command: find /sys/class/net -type l -not -lname '*virtual*' -not -name '*wwp*' -printf '%f\n'
+ register: without_lte
+ changed_when: false
+ check_mode: false
+ tags:
+ - dnsmasq
+ - iptables
+
+
+- name: Get physical interfaces names WIFI modems
+ command: find /sys/class/net -type l -lname '*wlp*' -printf '%f\n'
+ register: wifi_int
+ changed_when: false
+ check_mode: false
+
+- name: Get physical interfaces names LTE modems
+ command: find /sys/class/net -type l -lname '*wwp*' -printf '%f\n'
+ register: lte_int
+ changed_when: false
+ check_mode: false
+
+- name: Configure dnsmasq
+ template:
+ src: dnsmasq.conf.j2
+ dest: /etc/dnsmasq.conf
+ tags: dnsmasq
+
+- name: Configure NetworkManager
+ template:
+ src: NetworkManager.conf.j2
+ dest: /etc/NetworkManager/NetworkManager.conf
+ notify: Reload NetworkManager
+
+- name: Run nmcli to check if wifi access point connection has already been added
+ shell: /usr/bin/nmcli c | grep {{ wifi_ssid }}
+ register: nmcli_result
+ ignore_errors: True
+
+- name: Check result nmcli
+ set_fact:
+ nmcli_failed: "{{ nmcli_result.rc != 0 }}"
+
+- name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
+ command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ wifi_ssid }} ifname {{ wifi_int.stdout }} type wifi ssid {{ wifi_ssid }} mode ap ip4 {{ wifi_int_ip }}
+ when: nmcli_failed
+
+- name: Run nmcli to add a connection LTE
+ command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ LTE_con_name }} ifname cdc-wdm0 type gsm apn "internet"
+ tags: br
+- name: Configure bridge
+ command: /usr/bin/nmcli c add type bridge ifname br0 autoconnect yes save yes con-name bridge
+ tags: br
+- name: Configure bridge1
+ command: /usr/bin/nmcli c add type bridge-slave ifname {{ int_name }} master br0
+ loop:
+ - wlp88s0
+ - enp90s0
+ loop_control:
+ loop_var: int_name
+ tags: br
+- name: set ip for bridge
+ command: /usr/bin/nmcli c mod bridge ipv4.addr {{ wifi_int_ip }}/24 ipv4.method manual
+ tags: br
+
+- name: set ip for bridge
+ command: /usr/bin/nmcli c up bridge
+ tags: br
+
+- name: Run nmcli to add WPA-PSK security to the wifi connection
+ command: /usr/bin/nmcli c mod {{ wifi_ssid }} \
+ 802-11-wireless.band bg \
+ 802-11-wireless.channel 1 \
+ 802-11-wireless-security.key-mgmt wpa-psk \
+ 802-11-wireless-security.proto rsn \
+ 802-11-wireless-security.group ccmp \
+ 802-11-wireless-security.pairwise ccmp \
+ 802-11-wireless-security.psk {{ wifi_psk }} \
+ ipv4.method shared
+
+- name: Run nmcli to activate wifi access point connection
+ command: /usr/bin/nmcli c up {{ wifi_ssid }}
+
+- name: Run nmcli to activate LTE access point connection
+ command: /usr/bin/nmcli c up {{ LTE_con_name }}
+
+- name: Apply tags to tasks within included file
+ include_tasks: iptables.yaml
+ args:
+ apply:
+ tags:
+ - iptables
+ tags:
+ - iptables
+ - flush
+
+
+
+# - name: Configure {{ wifi_int.stdout_lines | first }} interface
+# template:
+# src: 25-wireless.network.j2
+# dest: /etc/systemd/network/25-wireless.network
+# notify: Restart systemd-networkd
+
+# - name: Configure NetworkManager
+# template:
+# src: unmanaged.conf.j2
+# dest: /etc/NetworkManager/conf.d/unmanaged.conf
+# notify: Restart NetworkManager
+
+# - name: Configure hostapd
+# template:
+# src: hostapd.conf.j2
+# dest: /etc/hostapd/hostapd.conf
+# notify: Restart hostapd
+
+# - name: Configure hostapd
+# template:
+# src: dhcpd.conf.j2
+# dest: /etc/dhcpd.conf
+# # notify: Restart dhcpd
+
+# - name: Enable services
+# service: "{{ app }}"
+# enabled: yes
+# loop: "{{ apps }}"
+# loop_control:
+# loop_var: "app"
+# - name: Force all notified handlers to run at this point
+# ansible.builtin.meta: flush_handlers
+
diff --git a/roles/configure/tasks/main.yaml b/roles/configure/tasks/main.yaml_old
similarity index 99%
rename from roles/configure/tasks/main.yaml
rename to roles/configure/tasks/main.yaml_old
index 2448e0d..b33d2e8 100644
--- a/roles/configure/tasks/main.yaml
+++ b/roles/configure/tasks/main.yaml_old
@@ -115,7 +115,7 @@ # when: phy1_failed - name: Configure physical interface {{ phy_int2_name }} - command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ phy_int2_name }} ifname {{ phy2_iface_name }} type ethernet ipv4.method shared ipv4.address {{ phy_int2 }} + command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ phy_int2_name }} ifname {{ phy2_iface_name }} type ethernet ipv4.method shared when: phy2_failed - name: Run nmcli to add a connection LTE
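Review bot: The task `Run nmcli to add WPA-PSK security to the wifi connection` passes `{{ wifi_psk }}` as a plain `command:` argument, so the pre-shared key can appear in Ansible's task output and module-invocation logs and is visible in the target's process list while nmcli runs. Add `no_log: true` to that task; where `wifi_psk` is defined is not visible in this patch, so confirm it comes from a vaulted variable rather than plain inventory. The check task `shell: /usr/bin/nmcli c | grep {{ wifi_ssid }}` has a related problem: the SSID is interpolated into a shell line unquoted and matched as a substring, so an SSID with spaces or shell metacharacters is interpreted by the shell and a partial match counts as "already added". Something like `/usr/bin/nmcli -t -f NAME c | grep -Fx -- {{ wifi_ssid | quote }}` is stricter, and `ignore_errors: True` could then become `failed_when: false` with `changed_when: false`.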
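Review bot: After this rename the role has no `tasks/main.yaml`, and the file created earlier in the patch is `tasks/mail.yaml`, which Ansible does not pick up as a role entry point; unless something outside this patch imports it explicitly, the `configure` role would run none of these tasks, including the iptables include. If `mail.yaml` is meant to replace the old file, name it `main.yaml`. The one-line edit in this hunk also drops `ipv4.address {{ phy_int2 }}` from the `ipv4.method shared` connection, so NetworkManager will presumably pick the shared subnet itself; confirm that the dnsmasq and iptables templates do not still assume the `phy_int2` address. Only part of the renamed file is visible in the hunk.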