ansible-roles/vrrpd/tasks/main.yml


---
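# Run the evolix_public.yml task file of the evolix/apt role so the Evolix
# public APT repository is configured before vrrpd is installed from it.
# NOTE(review): include_role is a dynamic include, so the `vrrpd` tag below
# selects the include itself; whether the role's own tasks run under
# `--tags vrrpd` depends on how evolix/apt tags them - confirm.
- name: Install Evolix public repository
  ansible.builtin.include_role:
    name: evolix/apt
    tasks_from: evolix_public.yml
  tags:
    - vrrpd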
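# Install the pinned vrrpd build (1.0-2.evolix).
# Signature verification stays enabled: the package is installed as root, so
# an unauthenticated install would accept whatever the mirror or the network
# path serves under that name and version.
# NOTE(review): assumes the evolix/apt repository task earlier in this file
# installs the repository signing key - confirm. If apt then refuses the
# package, fix the key/repository setup rather than re-enabling
# allow_unauthenticated.
- name: Install vrrpd packages
  ansible.builtin.apt:
    name: vrrpd=1.0-2.evolix
    allow_unauthenticated: false
    state: present
  tags:
    - vrrpd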
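# Deploy the role's vrrp_switch.sh as /etc/vrrpd/vrrp_switch.
# The file is root-owned with mode 0700, so only root can read, modify or
# execute it.
# `force` follows vrrp_force_update_switch_script: when false, an existing
# destination file is not overwritten with the role's copy.
# Tagged `vrrpd` like the other tasks of this file so a `--tags vrrpd` run
# does not skip the script deployment.
- name: install custom switch script
  ansible.builtin.copy:
    src: vrrp_switch.sh
    dest: /etc/vrrpd/vrrp_switch
    mode: "0700"
    owner: root
    group: root
    force: "{{ vrrp_force_update_switch_script | bool }}"
  tags:
    - vrrpd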
# Persist ARP and bind-related kernel settings in /etc/sysctl.d/vrrpd.conf
# and apply them to the running kernel (sysctl_set).
# rp_filter is handled by separate tasks in this file.
- name: Adjust sysctl config (except rp_filter)
  ansible.posix.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    sysctl_file: /etc/sysctl.d/vrrpd.conf
    sysctl_set: true
    state: present
  loop:
    - name: net.ipv4.conf.all.arp_ignore
      value: 1
    - name: net.ipv4.conf.all.arp_announce
      value: 2
    # Lets processes bind to IPv4 addresses not currently configured on the
    # host; presumably needed for services on the floating address - confirm.
    - name: net.ipv4.ip_nonlocal_bind
      value: 1
  tags:
    - vrrpd
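# Detect whether /etc/default/minifirewall carries a SYSCTL_RP_FILTER setting.
# The grep never fails the play and never reports a change; it also runs in
# check mode so the registered result exists for the tasks that test its rc.
# Tagged `vrrpd`: a later task tagged `vrrpd` reads
# grep_sysctl_rp_filter_minifirewall.rc, which would be undefined in a
# `--tags vrrpd` run if this task were skipped.
- name: look if rp_filter is managed by minifirewall
  ansible.builtin.command:
    cmd: grep "SYSCTL_RP_FILTER=" /etc/default/minifirewall
  failed_when: false
  changed_when: false
  check_mode: false
  register: grep_sysctl_rp_filter_minifirewall
  tags:
    - vrrpd

# When minifirewall has the setting (grep rc 0), set it to '0' there.
# The file is never created by this task (create: false).
# NOTE(review): both the grep and the regexp are unanchored, so a commented-out
# or prefixed SYSCTL_RP_FILTER= line also matches - confirm this is intended.
# NOTE(review): rp_filter 0 disables the kernel's reverse-path source check;
# presumably required for vrrpd - confirm, and make sure anti-spoofing is
# covered by firewall rules instead.
- name: Configure SYSCTL_RP_FILTER in minifirewall
  ansible.builtin.lineinfile:
    dest: "/etc/default/minifirewall"
    line: "SYSCTL_RP_FILTER='0'"
    regexp: "SYSCTL_RP_FILTER=('|\").*('|\")"
    create: false
  when: grep_sysctl_rp_filter_minifirewall.rc == 0
  tags:
    - vrrpd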
# Fallback when the minifirewall grep did not succeed (rc != 0): write
# rp_filter=0 for the `default` and `all` scopes to /etc/sysctl.d/vrrpd.conf
# and apply it to the running kernel.
# NOTE(review): this turns off reverse-path source validation for IPv4;
# presumably required for vrrpd - confirm, and cover anti-spoofing with
# firewall rules instead.
- name: Adjust sysctl config (only rp_filter)
  ansible.posix.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    sysctl_file: /etc/sysctl.d/vrrpd.conf
    sysctl_set: true
    state: present
  loop:
    - name: net.ipv4.conf.default.rp_filter
      value: 0
    - name: net.ipv4.conf.all.rp_filter
      value: 0
  when: grep_sysctl_rp_filter_minifirewall.rc != 0
  tags:
    - vrrpd
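# Run ip.yml once per entry of vrrp_addresses; the current entry is exposed
# to the included tasks as `vrrp_address`.
# Uses include_tasks because the bare `include` action is deprecated upstream;
# with a loop the include is dynamic in both forms.
- name: Create VRRP address
  ansible.builtin.include_tasks: ip.yml
  loop: "{{ vrrp_addresses }}"
  loop_control:
    loop_var: vrrp_address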