diff options
| author | uvok cheetah | 2024-03-24 19:13:09 +0100 |
|---|---|---|
| committer | uvok cheetah | 2024-03-24 19:13:09 +0100 |
| commit | 46cafb2f9ae259906affb14767d2f853dadd22be (patch) | |
| tree | b16a0b027683ebeaf56b3ead89812f47cd06539d | |
| parent | 52363df735a0d8cd547d396695f75924496cf909 (diff) | |
Fixup tinc role
- add handler to restart
- add variables
- add IP addresses
| -rw-r--r-- | host_vars/firstroot | 4 | ||||
| -rw-r--r-- | host_vars/hetzner | 8 | ||||
| -rw-r--r-- | host_vars/netcup | 7 | ||||
| -rw-r--r-- | roles/tinc/defaults/main.yml | 1 | ||||
| -rw-r--r-- | roles/tinc/handlers/main.yml | 7 | ||||
| -rw-r--r-- | roles/tinc/tasks/tinc.yml | 11 | ||||
| -rwxr-xr-x | roles/tinc/templates/tinc-up.j2 | 4 |
7 files changed, 39 insertions, 3 deletions
diff --git a/host_vars/firstroot b/host_vars/firstroot index 2c6b7b7..7bec76d 100644 --- a/host_vars/firstroot +++ b/host_vars/firstroot @@ -2,7 +2,9 @@ tinc: configure: true name: firstroot connections: [hetzner] - address: fe80::10/64 + address: + - fe80::10/64 + - 10.2.0.10/24 listen_on: any extra_up: - sysctl -w net.ipv4.conf.${INTERFACE}.forwarding=1 diff --git a/host_vars/hetzner b/host_vars/hetzner new file mode 100644 index 0000000..02b9c22 --- /dev/null +++ b/host_vars/hetzner @@ -0,0 +1,8 @@ +tinc: + configure: true + name: hetzner + connections: [netcup] + address: + - fe80::1/64 + - 10.2.0.1/24 + listen_on: any diff --git a/host_vars/netcup b/host_vars/netcup new file mode 100644 index 0000000..9d49382 --- /dev/null +++ b/host_vars/netcup @@ -0,0 +1,7 @@ +tinc: + configure: true + name: netcup + connections: [hetzner] + address: + - fe80::2/64 + listen_on: any diff --git a/roles/tinc/defaults/main.yml b/roles/tinc/defaults/main.yml new file mode 100644 index 0000000..41ec8a3 --- /dev/null +++ b/roles/tinc/defaults/main.yml @@ -0,0 +1 @@ +tinc_netname: tn_int diff --git a/roles/tinc/handlers/main.yml b/roles/tinc/handlers/main.yml new file mode 100644 index 0000000..fadb8d5 --- /dev/null +++ b/roles/tinc/handlers/main.yml @@ -0,0 +1,7 @@ +--- +# handlers file for uvok_tinc +- name: Apply Tinc config + listen: configure tinc + service: + name: "tinc@{{ tinc_netname }}" + state: restarted diff --git a/roles/tinc/tasks/tinc.yml b/roles/tinc/tasks/tinc.yml index 2673a59..a76ad8e 100644 --- a/roles/tinc/tasks/tinc.yml +++ b/roles/tinc/tasks/tinc.yml @@ -8,14 +8,16 @@ template: src: tinc.conf.j2 dest: /etc/tinc/tn_int/tinc.conf - mode: '0750' + mode: '0640' tags: - tconfig + notify: configure bird - name: Install tinc-up template template: src: tinc-up.j2 dest: /etc/tinc/tn_int/tinc-up mode: '0740' + notify: configure bird tags: - tconfig - name: Copy remaining files @@ -25,6 +27,7 @@ archive: false recursive: true times: true + notify: configure bird - name: Make scripts executable file: path: "/etc/tinc/tn_int/{{ item }}" @@ -33,3 +36,9 @@ - tinc-down tags: - exec +- name: Ensure tinc is enabled + service: + name: "tinc@{{ tinc_netname }}" + daemon_reload: true + enabled: true + when: ansible_os_family != "OpenWrt" diff --git a/roles/tinc/templates/tinc-up.j2 b/roles/tinc/templates/tinc-up.j2 index 8c26aa9..92aa782 100755 --- a/roles/tinc/templates/tinc-up.j2 +++ b/roles/tinc/templates/tinc-up.j2 @@ -1,7 +1,9 @@ #!/bin/sh ip link set $INTERFACE up ip -6 addr flush dev $INTERFACE -ip addr add {{ tinc.address }} dev $INTERFACE +{% for addr in tinc.address %} +ip addr add {{ addr }} dev $INTERFACE +{% endfor %} {% if tinc.extra_up is defined %} {% for cmd in tinc.extra_up %} {{ cmd }} |