nm/roles/configure/tasks/main.yaml

---
# Persist kernel network parameters through sysctl. IPv6 is switched off for
# the "all", "default" and "lo" scopes. Despite the task name, the loop also
# sets net.ipv4.ip_forward to 1, which turns IPv4 packet forwarding ON: the
# host will route traffic between its interfaces.
# NOTE(review): confirm the rules loaded from iptables.yaml restrict what may
# be forwarded, since forwarding is enabled here unconditionally.
# reload is off for each item; the notified handler applies the new values.
- name: Set disable_ipv6 parameters in the sysctl configuration file
  ansible.posix.sysctl:
    name: "{{ item }}"
    value: "1"
    reload: false
  notify: Reload the sysctl configuration
  loop:
    - net.ipv6.conf.all.disable_ipv6
    - net.ipv6.conf.default.disable_ipv6
    - net.ipv6.conf.lo.disable_ipv6
    - net.ipv4.ip_forward
# NetworkManager owns every connection profile created further down with
# nmcli, so it must be running now and enabled at boot.
- name: Enable NetworkManager
  ansible.builtin.service:
    name: NetworkManager
    enabled: true
    state: started
# Start ModemManager and enable it at boot; the gsm connection added later in
# this file is bound to the modem device cdc-wdm0.
- name: Enable ModemManager
  ansible.builtin.service:
    name: ModemManager
    enabled: true
    state: started
# Start the iptables service and enable it at boot so the packet filter is
# active on this host, which has IPv4 forwarding switched on.
- name: Start enable iptables
  ansible.builtin.service:
    name: iptables
    enabled: true
    state: started
# Stop and disable the standalone dnsmasq service: NetworkManager starts its
# own dnsmasq instance, so the system-wide unit must not run alongside it.
- name: Disable dnsmasq
  ansible.builtin.service:
    name: dnsmasq
    enabled: false
    state: stopped
  tags: dnsmasq
# List the entries of /sys/class/net that are symlinks, skipping those whose
# link target contains "virtual" and those whose name contains "wwp"; only
# the interface name (%f) is printed, one per line, into without_lte.
# The command is read-only: it never reports "changed" and it also runs in
# check mode so later tasks can rely on the registered result.
- name: Get physical interfaces without LTE modem interface
  ansible.builtin.command:
    cmd: >-
      find /sys/class/net -type l
      -not -lname '*virtual*'
      -not -name '*wwp*'
      -printf '%f\n'
  register: without_lte
  check_mode: false
  changed_when: false
  tags:
    - dnsmasq
    - iptables
# Collect the interfaces under /sys/class/net whose symlink target contains
# "wlp" and register their names as wifi_int. Read-only, so it never reports
# "changed" and it is executed in check mode as well.
# NOTE(review): a later task passes wifi_int.stdout as one ifname value, which
# presumably assumes exactly one matching interface - confirm.
- name: Get physical interfaces names WIFI modems
  ansible.builtin.command:
    cmd: find /sys/class/net -type l -lname '*wlp*' -printf '%f\n'
  register: wifi_int
  check_mode: false
  changed_when: false
# Collect the interfaces under /sys/class/net whose symlink target contains
# "wwp" and register their names as lte_int. Read-only, so it never reports
# "changed" and it is executed in check mode as well.
- name: Get physical interfaces names LTE modems
  ansible.builtin.command:
    cmd: find /sys/class/net -type l -lname '*wwp*' -printf '%f\n'
  register: lte_int
  check_mode: false
  changed_when: false
# Render the role's dnsmasq.conf.j2 template to /etc/dnsmasq.conf.
# No owner, group or mode is given, so the module's defaults apply to the
# destination file; no handler is notified by this task.
- name: Configure dnsmasq
  ansible.builtin.template:
    dest: /etc/dnsmasq.conf
    src: dnsmasq.conf.j2
  tags: dnsmasq
# - name: Configure NetworkManager
# template:
# src: NetworkManager.conf.j2
# dest: /etc/NetworkManager/NetworkManager.conf
# notify: Reload NetworkManager
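# Probe for an existing connection profile for the access point. The result
# is consumed through nmcli_result.rc: 0 means grep found the SSID in the
# connection list, anything else means it did not.
# The SSID goes through the quote filter because this line is run by a shell;
# unquoted, a value with spaces or shell metacharacters would be split or
# interpreted. grep -F treats the SSID as a fixed string rather than a regex,
# and "--" stops a leading dash from being read as an option.
# The match is still a substring match over the whole nmcli listing, so a
# longer profile name containing the SSID also counts as "present".
# A non-zero rc is an expected answer here, so it is not reported as a
# failure; the probe changes nothing and therefore also runs in check mode.
- name: Run nmcli to check if wifi access point connection has already been added
  ansible.builtin.shell:
    cmd: /usr/bin/nmcli c | grep -F -- {{ wifi_ssid | quote }}
  register: nmcli_result
  changed_when: false
  failed_when: false
  check_mode: false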
# Turn the probe's exit status into a flag: nmcli_failed is true when the
# grep over the nmcli connection list did not exit with 0, i.e. no profile
# matching the SSID was found. A later task uses it to decide whether the
# access point profile has to be created.
- name: Check result nmcli {{ wifi_ssid }}
  ansible.builtin.set_fact:
    nmcli_failed: "{{ nmcli_result.rc != 0 }}"
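# Probe for an existing LTE connection profile. The result is consumed
# through lte_result.rc: 0 means grep found the name in the connection list.
# The name goes through the quote filter because this line is run by a shell;
# grep -F matches it as a fixed string and "--" ends option parsing.
# The match is a substring match over the whole nmcli listing.
# A non-zero rc is an expected answer, so it is not reported as a failure;
# the probe changes nothing and therefore also runs in check mode.
- name: Run nmcli to check if LTE access point connection has already been added
  ansible.builtin.shell:
    cmd: /usr/bin/nmcli c | grep -F -- {{ LTE_con_name | quote }}
  register: lte_result
  changed_when: false
  failed_when: false
  check_mode: false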
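# Turn the LTE probe's exit status into a flag: lte_failed is true when no
# profile matching LTE_con_name was found. The task name now refers to the
# LTE connection it evaluates instead of repeating the wifi SSID, which made
# two differently-purposed tasks indistinguishable in the play output.
- name: Check result nmcli {{ LTE_con_name }}
  ansible.builtin.set_fact:
    lte_failed: "{{ lte_result.rc != 0 }}"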
# - name: Run nmcli to check if phy1 connection has already been added
# shell: /usr/bin/nmcli c | grep {{ phy_int1_name }}
# register: phy1_result
# ignore_errors: True
# - name: Check result nmcli {{ phy_int1_name }}
# set_fact:
# phy1_failed: "{{ phy1_result.rc != 0 }}"
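# Probe for an existing profile for the second physical interface. The
# result is consumed through phy2_result.rc: 0 means grep found the name.
# The name goes through the quote filter because this line is run by a shell;
# grep -F matches it as a fixed string and "--" ends option parsing.
# The match is a substring match over the whole nmcli listing.
# A non-zero rc is an expected answer, so it is not reported as a failure;
# the probe changes nothing and therefore also runs in check mode.
- name: Run nmcli to check if phy2 connection has already been added
  ansible.builtin.shell:
    cmd: /usr/bin/nmcli c | grep -F -- {{ phy_int2_name | quote }}
  register: phy2_result
  changed_when: false
  failed_when: false
  check_mode: false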
# Turn the probe's exit status into a flag: phy2_failed is true when no
# profile matching phy_int2_name was found in the nmcli connection list.
- name: Check result nmcli {{ phy_int2_name }}
  ansible.builtin.set_fact:
    phy2_failed: "{{ phy2_result.rc != 0 }}"
# Create the access point profile, but only when the earlier probe did not
# find one. The profile is named after the SSID, bound to the detected wifi
# interface, set to AP mode and saved with autoconnect enabled.
# The command module splits this string on whitespace, so the SSID and the
# interface name must each be a single word.
# NOTE(review): no wireless security is set at this point; WPA-PSK is applied
# by a later "nmcli c mod" task. Confirm the profile cannot be brought up as
# an open network between the two steps, given autoconnect is "yes".
- name: Run nmcli to add a connection with the specified parameters as a wifi access point if above check has failed
  ansible.builtin.command:
    cmd: >-
      /usr/bin/nmcli c add autoconnect yes save yes
      con-name {{ wifi_ssid }}
      ifname {{ wifi_int.stdout }}
      type wifi ssid {{ wifi_ssid }}
      mode ap ip4 {{ wifi_int_ip }}
  when: nmcli_failed
# - name: Configure physical interface {{ phy_int1_name }}
# command: /usr/bin/nmcli c add autoconnect yes save yes con-name {{ phy_int1_name }} ifname {{ phy1_iface_name }} type ethernet ipv4.method shared ipv4.address {{ phy_int1 }}
# when: phy1_failed
# Create an ethernet profile for the second physical interface when the probe
# did not find one. ipv4.method shared makes NetworkManager share the uplink
# with clients on this interface, using the address given in phy_int2.
# The command module splits this string on whitespace, so each templated
# value must be a single word.
- name: Configure physical interface {{ phy_int2_name }}
  ansible.builtin.command:
    cmd: >-
      /usr/bin/nmcli c add autoconnect yes save yes
      con-name {{ phy_int2_name }}
      ifname {{ phy2_iface_name }}
      type ethernet
      ipv4.method shared
      ipv4.address {{ phy_int2 }}
  when: phy2_failed
# Create the gsm (LTE) profile when the probe did not find one. The modem
# device cdc-wdm0 and the APN "internet" are fixed values in this task; only
# the profile name comes from a variable.
- name: Run nmcli to add a connection LTE
  ansible.builtin.command:
    cmd: >-
      /usr/bin/nmcli c add autoconnect yes save yes
      con-name {{ LTE_con_name }}
      ifname cdc-wdm0
      type gsm apn "internet"
  when: lte_failed
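# Apply radio and security settings to the access point profile: 2.4 GHz band
# (bg), channel 1, WPA-PSK key management with RSN and CCMP for both group
# and pairwise ciphers, plus the shared IPv4 method and the /24 address.
#
# no_log keeps the rendered command, which contains the pre-shared key, out
# of Ansible's task output and logs. The key is still handed to nmcli as a
# command-line argument, so it is visible in the target's process list while
# the command runs.
# NOTE(review): wifi_psk is defined outside this file; presumably it should
# be supplied from an encrypted source such as Ansible Vault - confirm.
#
# argv passes every value as exactly one argument, so an SSID or key that
# contains spaces is not split, and the trailing backslashes of the free-form
# version (which are not line continuations inside a YAML scalar) are gone.
# The task has no condition and runs on every play.
- name: Run nmcli to add WPA-PSK security to the wifi connection
  ansible.builtin.command:
    argv:
      - /usr/bin/nmcli
      - c
      - mod
      - "{{ wifi_ssid }}"
      - 802-11-wireless.band
      - bg
      - 802-11-wireless.channel
      - "1"
      - 802-11-wireless-security.key-mgmt
      - wpa-psk
      - 802-11-wireless-security.proto
      - rsn
      - 802-11-wireless-security.group
      - ccmp
      - 802-11-wireless-security.pairwise
      - ccmp
      - 802-11-wireless-security.psk
      - "{{ wifi_psk }}"
      - ipv4.method
      - shared
      - ipv4.addr
      - "{{ wifi_int_ip }}/24"
  no_log: true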
# Bring up the access point profile, which is named after the SSID. The task
# has no condition, so it runs (and reports "changed") on every play.
- name: Run nmcli to activate wifi access point connection
  ansible.builtin.command:
    cmd: /usr/bin/nmcli c up {{ wifi_ssid }}
# Bring up the LTE profile. The task has no condition, so it runs (and
# reports "changed") on every play.
- name: Run nmcli to activate {{ LTE_con_name }}
  ansible.builtin.command:
    cmd: /usr/bin/nmcli c up {{ LTE_con_name }}
# NOTE(review): the task name refers to phy_int1_name, but the command brings
# up LTE_con_name, so this only re-activates the LTE profile. The tasks that
# would create the phy_int1 profile are commented out in this file; decide
# whether this task should be removed or pointed at phy_int1_name once that
# profile exists.
- name: Run nmcli to activate {{ phy_int1_name }}
  ansible.builtin.command:
    cmd: /usr/bin/nmcli c up {{ LTE_con_name }}
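# Bring up the profile of the second physical interface, i.e. the connection
# created by "Configure physical interface {{ phy_int2_name }}". The command
# used to name LTE_con_name here, so the phy2 profile was never activated by
# this task even though the task name said so.
# argv passes the profile name as a single argument even if it has spaces.
- name: Run nmcli to activate {{ phy_int2_name }}
  ansible.builtin.command:
    argv:
      - /usr/bin/nmcli
      - c
      - up
      - "{{ phy_int2_name }}"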
# Pull in the firewall tasks from iptables.yaml. The task-level tags decide
# when this include itself is selected (iptables or flush); "apply" then
# attaches the iptables tag to every task inside the included file, because
# tags on a dynamic include are not inherited by the tasks it loads.
- name: Apply tags to tasks within included file
  ansible.builtin.include_tasks:
    file: iptables.yaml
    apply:
      tags:
        - iptables
  tags:
    - iptables
    - flush
# - name: Configure {{ wifi_int.stdout_lines | first }} interface
# template:
# src: 25-wireless.network.j2
# dest: /etc/systemd/network/25-wireless.network
# notify: Restart systemd-networkd
# - name: Configure NetworkManager
# template:
# src: unmanaged.conf.j2
# dest: /etc/NetworkManager/conf.d/unmanaged.conf
# notify: Restart NetworkManager
# - name: Configure hostapd
# template:
# src: hostapd.conf.j2
# dest: /etc/hostapd/hostapd.conf
# notify: Restart hostapd
# - name: Configure hostapd
# template:
# src: dhcpd.conf.j2
# dest: /etc/dhcpd.conf
# # notify: Restart dhcpd
# - name: Enable services
# service: "{{ app }}"
# enabled: yes
# loop: "{{ apps }}"
# loop_control:
# loop_var: "app"
# - name: Force all notified handlers to run at this point
# ansible.builtin.meta: flush_handlers