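---
# Gateway role tasks: enable IPv4 forwarding, start the network services,
# render the dnsmasq/udiskie configuration, and create the NetworkManager
# connections (LTE uplink, br0 bridge, Ethernet bridge slaves, Wi-Fi access
# point) when the corresponding connection is not listed by nmcli yet.

# Disabled alternative kept from the original file:
# - name: Set disable_ipv6 parameters in the sysctl configuration file
#   ansible.posix.sysctl:
#     name: "{{ item }}"
#     value: "1"
#     reload: false
#   loop:
#     - net.ipv6.conf.all.disable_ipv6
#     - net.ipv6.conf.default.disable_ipv6
#     - net.ipv6.conf.lo.disable_ipv6
#     - net.ipv4.ip_forward
#   notify: Reload the sysctl configuration

# IPv4 forwarding turns this host into a router. Which traffic may actually
# be forwarded is decided by the firewall rules, not by this setting.
# NOTE(review): confirm that iptables.yaml restricts the FORWARD chain.
- name: Sysctl configuration file
  lineinfile:
    path: /etc/sysctl.d/99-sysctl.conf
    state: present
    line: net.ipv4.ip_forward=1
  notify: Reload the sysctl configuration

- name: Enable NetworkManager
  service:
    name: NetworkManager
    state: started
    enabled: true

- name: Enable ModemManager
  service:
    name: ModemManager
    state: started
    enabled: true

- name: Start enable iptables
  service:
    name: iptables
    state: started
    enabled: true

- name: Enable dnsmasq
  service:
    name: dnsmasq
    state: started
    enabled: true
  tags: dnsmasq

# The three find tasks below are read-only probes of /sys/class/net, so they
# never report "changed" and also run in check mode.
# NOTE(review): without_lte and lte_int are not read by any task in this
# file; presumably the templates or iptables.yaml consume them - confirm.
- name: Get physical interfaces without LTE modem interface
  command: find /sys/class/net -type l -not -lname '*virtual*' -not -name '*wwp*' -printf '%f\n'
  register: without_lte
  changed_when: false
  check_mode: false
  tags:
    - dnsmasq
    - iptables

- name: Get physical interfaces names WIFI modems
  command: find /sys/class/net -type l -lname '*wlp*' -printf '%f\n'
  register: wifi_int
  changed_when: false
  check_mode: false

- name: Get physical interfaces names LTE modems
  command: find /sys/class/net -type l -lname '*wwp*' -printf '%f\n'
  register: lte_int
  changed_when: false
  check_mode: false

# Explicit owner and mode on rendered files, so the result does not depend on
# the umask of the connection user.
# NOTE(review): no handler restarts dnsmasq after this template changes, and
# the "dnsmasq" tag sits on the udiskie task below instead of here - confirm
# whether either is intended.
- name: Configure dnsmasq
  template:
    src: dnsmasq.conf.j2
    dest: /etc/dnsmasq.conf
    owner: root
    group: root
    mode: "0644"

- name: Configure udiskie
  template:
    src: udisks2.conf.j2
    dest: /etc/udisks2/udisks2.conf
    owner: root
    group: root
    mode: "0644"
  tags: dnsmasq

- name: Configure udiskie service
  template:
    src: udiskie.service.j2
    dest: /etc/systemd/system/udiskie.service
    owner: root
    group: root
    mode: "0644"
  notify: daemon-reload

- name: Enable udiskie
  service:
    name: udiskie
    state: started
    enabled: true

# Existence probes. Each one only inspects the nmcli connection list: a
# non-zero exit code means "not found", so it is neither a failure nor a
# change, and the probe also runs in check mode so that the set_fact tasks
# always find an rc to read.
# wifi_ssid goes through a shell, so it is shell-quoted and matched as a
# fixed string; "--" keeps an SSID that starts with "-" from being read as a
# grep option.
- name: Run nmcli to check if wifi access point connection has already been added
  shell: /usr/bin/nmcli c | grep -F -- {{ wifi_ssid | quote }}
  register: nmcli_result
  changed_when: false
  failed_when: false
  check_mode: false

- name: Check result nmcli
  set_fact:
    nmcli_failed: "{{ nmcli_result.rc != 0 }}"

- name: Run nmcli to check if Ethernet connection has already been added
  shell: /usr/bin/nmcli c | grep 'Ethernet'
  register: nmcli_result_eth
  changed_when: false
  failed_when: false
  check_mode: false

- name: Check result nmcli eth
  set_fact:
    nmcli_eth_failed: "{{ nmcli_result_eth.rc != 0 }}"

# NOTE(review): this greps for the literal 'LTE' while the connection is
# created as LTE_con_name below; the check only works if that name contains
# "LTE" - confirm.
- name: Run nmcli to check if LTE connection has already been added
  shell: /usr/bin/nmcli c | grep 'LTE'
  register: nmcli_result_lte
  changed_when: false
  failed_when: false
  check_mode: false

- name: Check result nmcli lte
  set_fact:
    nmcli_lte_failed: "{{ nmcli_result_lte.rc != 0 }}"

# NOTE(review): 'bridge' is matched anywhere in the nmcli table, so any
# connection whose row contains that word satisfies this check.
- name: Run nmcli to check if bridge connection has already been added
  shell: /usr/bin/nmcli c | grep 'bridge'
  register: nmcli_result_bridge
  changed_when: false
  failed_when: false
  check_mode: false

- name: Check result nmcli bridge
  set_fact:
    nmcli_bridge_failed: "{{ nmcli_result_bridge.rc != 0 }}"

# The "nmcli c add" tasks use argv so that every templated value reaches
# nmcli as exactly one argument: a value containing spaces can neither break
# the command nor add extra nmcli properties. 'yes', 'no' and '36' are quoted
# so that YAML keeps them as strings.
- name: Run nmcli to add a connection LTE
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - add
      - ipv6.method
      - disabled
      - autoconnect
      - 'yes'
      - save
      - 'yes'
      - con-name
      - "{{ LTE_con_name }}"
      - ifname
      - cdc-wdm0
      - type
      - gsm
      - apn
      - internet
  when: nmcli_lte_failed

- name: Configure bridge
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - add
      - type
      - bridge
      - ifname
      - br0
      - autoconnect
      - 'yes'
      - save
      - 'yes'
      - con-name
      - bridge
      - stp
      - 'no'
      - ipv6.method
      - disabled
      - ipv4.method
      - manual
      - ipv4.addr
      - "{{ wifi_int_ip }}/24"
  when: nmcli_bridge_failed

# NOTE(review): phy_ints is not defined in this file; every interface in it
# gets a bridge-slave connection with the same name 'Ethernet'.
- name: Configure bridge1
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - add
      - ipv6.method
      - disabled
      - type
      - bridge-slave
      - con-name
      - Ethernet
      - ifname
      - "{{ int_name }}"
      - master
      - br0
      - autoconnect
      - 'yes'
      - save
      - 'yes'
  loop: "{{ phy_ints }}"
  loop_control:
    loop_var: int_name
  when: nmcli_eth_failed

# no_log keeps the pre-shared key out of the task output and logs; the key is
# still passed as a process argument while nmcli runs.
# NOTE(review): wifi_psk is defined outside this file; presumably it should
# come from an encrypted source such as Ansible Vault - confirm.
# NOTE(review): wifi_int.stdout holds one name per line, so this assumes the
# host has exactly one matching Wi-Fi interface.
- name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
  command:
    argv:
      - /usr/bin/nmcli
      - c
      - add
      - ipv4.method
      - shared
      - autoconnect
      - 'yes'
      - save
      - 'yes'
      - con-name
      - "{{ wifi_ssid }}"
      - ifname
      - "{{ wifi_int.stdout }}"
      - type
      - wifi
      - slave-type
      - bridge
      - master
      - br0
      - wifi.ssid
      - "{{ wifi_ssid }}"
      - wifi.band
      - a
      - wifi.channel
      - '36'
      - wifi.mode
      - ap
      - wifi-sec.proto
      - rsn
      - wifi-sec.pairwise
      - ccmp
      - wifi-sec.psk
      - "{{ wifi_psk }}"
      - wifi-sec.key-mgmt
      - wpa-psk
  no_log: true
  when: nmcli_failed

# "apply" passes the iptables tag on to the tasks inside the included file;
# the tags on this task decide when the include itself is run.
- name: Apply tags to tasks within included file
  include_tasks: iptables.yaml
  args:
    apply:
      tags:
        - iptables
  tags:
    - iptables
    - flush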