From a1cd1db13586c438239b8dc523c92c991aaca9dd Mon Sep 17 00:00:00 2001
From: Tom Alexander
Date: Fri, 14 Oct 2022 01:29:40 -0400
Subject: [PATCH] Add a FreeBSD network role.
---
 .../environments/home/host_vars/homeserver | 1 +
 .../network/files/homeserver_network.conf | 3 ++
 ansible/roles/network/tasks/common.yaml | 14 +++++++
 ansible/roles/network/tasks/freebsd.yaml | 37 +++++++++++++++++++
 ansible/roles/network/tasks/linux.yaml | 6 +++
 ansible/roles/network/tasks/main.yaml | 2 +
 ansible/roles/network/tasks/peruser.yaml | 29 +++++++++++++++
 .../roles/network/tasks/peruser_freebsd.yaml | 0
 .../roles/network/tasks/peruser_linux.yaml | 0
 9 files changed, 92 insertions(+)
 create mode 100644 ansible/roles/network/files/homeserver_network.conf
 create mode 100644 ansible/roles/network/tasks/common.yaml
 create mode 100644 ansible/roles/network/tasks/freebsd.yaml
 create mode 100644 ansible/roles/network/tasks/linux.yaml
 create mode 100644 ansible/roles/network/tasks/main.yaml
 create mode 100644 ansible/roles/network/tasks/peruser.yaml
 create mode 100644 ansible/roles/network/tasks/peruser_freebsd.yaml
 create mode 100644 ansible/roles/network/tasks/peruser_linux.yaml
diff --git a/ansible/environments/home/host_vars/homeserver b/ansible/environments/home/host_vars/homeserver
index d13c4a6..290af65 100644
--- a/ansible/environments/home/host_vars/homeserver
+++ b/ansible/environments/home/host_vars/homeserver
@@ -7,3 +7,4 @@ pf_config: "homeserver_pf.conf"
 pflog_conf:
 - name: 0
 dev: pflog0
+network_rc: "homeserver_network.conf"
diff --git a/ansible/roles/network/files/homeserver_network.conf b/ansible/roles/network/files/homeserver_network.conf
new file mode 100644
index 0000000..88469c6
--- /dev/null
+++ b/ansible/roles/network/files/homeserver_network.conf
@@ -0,0 +1,3 @@
+wlans_run0="wlan0"
+ifconfig_wlan0="WPA DHCP"
+ifconfig_wlan0_ipv6="inet6 accept_rtadv"
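Review bot: `ifconfig_wlan0_ipv6="inet6 accept_rtadv"` in homeserver_network.conf lets the host take its IPv6 address and default route from router advertisements seen on the wireless segment, and the file does not say that this is intended. On a server a one-line comment would record the trust assumption, for example `# SLAAC on wlan0: router advertisements from the Wi-Fi segment are trusted; filtering is left to homeserver_pf.conf`. Whether homeserver_pf.conf restricts inbound router advertisements cannot be seen from this diff.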
diff --git a/ansible/roles/network/tasks/common.yaml b/ansible/roles/network/tasks/common.yaml
new file mode 100644
index 0000000..d7c1735
--- /dev/null
+++ b/ansible/roles/network/tasks/common.yaml
@@ -0,0 +1,14 @@
+- import_tasks: tasks/freebsd.yaml
+ when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/linux.yaml
+ when: 'os_flavor == "linux"'
+
+- include_tasks:
+ file: tasks/peruser.yaml
+ apply:
+ become: yes
+ become_user: "{{ initialize_user }}"
+ loop: "{{ users | dict2items | community.general.json_query('[?value.initialize==`true`].key') }}"
+ loop_control:
+ loop_var: initialize_user
diff --git a/ansible/roles/network/tasks/freebsd.yaml b/ansible/roles/network/tasks/freebsd.yaml
new file mode 100644
index 0000000..6bc4e2e
--- /dev/null
+++ b/ansible/roles/network/tasks/freebsd.yaml
@@ -0,0 +1,37 @@
+- name: Install configuration
+ copy:
+ src: "files/{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: 0644
+ owner: root
+ group: wheel
+ when: network_rc is defined
+ loop:
+ - src: "{{ network_rc }}"
+ dest: /etc/rc.conf.d/network
+
+- name: Install configuration
+ copy:
+ src: "files/{{ item.src }}"
+ dest: "{{ item.dest }}"
+ mode: 0644
+ owner: root
+ group: wheel
+ when: rtsold_rc is defined
+ loop:
+ - src: "{{ rtsold_rc }}"
+ dest: /etc/rc.conf.d/rtsold
+
+- name: Configure sysctls
+ sysctl:
+ name: "{{ item.name }}"
+ value: "{{ item.value }}"
+ state: present
+ sysctl_file: "/etc/sysctl.conf.local"
+ loop:
+ []
+ # - name: net.inet6.ip6.accept_rtadv # Enable stateless autoconfiguration (SLAAC)
+ # value: "1"
+ # - name: net.inet6.ip6.use_tempaddr # Enable privacy addresses
+ # value: "1"
+ # - name: net.inet6.ip6.prefer_tempaddr # Prefer privacy addresses
diff --git a/ansible/roles/network/tasks/linux.yaml b/ansible/roles/network/tasks/linux.yaml
new file mode 100644
index 0000000..e1835f0
--- /dev/null
+++ b/ansible/roles/network/tasks/linux.yaml
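Review bot: The `include_tasks` entry in common.yaml switches account through `become_user: "{{ initialize_user }}"` but carries no `name:`, so the run output gives no label for the step that changes privilege. Adding `name: Run per-user network tasks` would fix that. In the same entry `become: yes` is better written `become: true`, since `yes` is only a boolean under YAML 1.1 rules. The loop also assumes `users` is defined; nothing in this diff shows where it is set.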
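Review bot: In freebsd.yaml the `when: rtsold_rc is defined` guard probably does not protect the task, because a `when` on a looped task is evaluated per item after the `loop` list has been templated, so an undefined `rtsold_rc` is likely to fail the task instead of skipping it. The first task has the same shape with `network_rc`. Since each loop holds a single item, dropping the loop and writing `src: "files/{{ rtsold_rc }}"` with `dest: /etc/rc.conf.d/rtsold` directly under `copy:` lets the guard apply before the arguments are rendered. Both tasks are also named `Install configuration`, which makes the run log ambiguous; `Install rtsold rc.conf.d fragment` would distinguish the second. Quoting the mode as `mode: "0644"` keeps it a string regardless of how the YAML loader treats leading zeros.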
@@ -0,0 +1,6 @@
+# - name: Install packages
+# pacman:
+# name:
+# - foo
+# state: present
+# update_cache: true
diff --git a/ansible/roles/network/tasks/main.yaml b/ansible/roles/network/tasks/main.yaml
new file mode 100644
index 0000000..c7a170c
--- /dev/null
+++ b/ansible/roles/network/tasks/main.yaml
@@ -0,0 +1,2 @@
+- import_tasks: tasks/common.yaml
+ when: foo is defined
diff --git a/ansible/roles/network/tasks/peruser.yaml b/ansible/roles/network/tasks/peruser.yaml
new file mode 100644
index 0000000..111e886
--- /dev/null
+++ b/ansible/roles/network/tasks/peruser.yaml
@@ -0,0 +1,29 @@
+- include_role:
+ name: per_user
+
+# - name: Create directories
+# file:
+# name: "{{ account_homedir.stdout }}/{{ item }}"
+# state: directory
+# mode: 0700
+# owner: "{{ account_name.stdout }}"
+# group: "{{ group_name.stdout }}"
+# loop:
+# - ".config/foo"
+
+# - name: Copy files
+# copy:
+# src: "files/{{ item.src }}"
+# dest: "{{ account_homedir.stdout }}/{{ item.dest }}"
+# mode: 0600
+# owner: "{{ account_name.stdout }}"
+# group: "{{ group_name.stdout }}"
+# loop:
+# - src: foo.conf
+# dest: .config/foo/foo.conf
+
+- import_tasks: tasks/peruser_freebsd.yaml
+ when: 'os_flavor == "freebsd"'
+
+- import_tasks: tasks/peruser_linux.yaml
+ when: 'os_flavor == "linux"'
diff --git a/ansible/roles/network/tasks/peruser_freebsd.yaml b/ansible/roles/network/tasks/peruser_freebsd.yaml
new file mode 100644
index 0000000..e69de29
diff --git a/ansible/roles/network/tasks/peruser_linux.yaml b/ansible/roles/network/tasks/peruser_linux.yaml
new file mode 100644
index 0000000..e69de29
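Review bot: The `when: foo is defined` guard on the `import_tasks` in main.yaml looks like a placeholder left over from a role skeleton, and nothing in this diff defines `foo`. If it stays undefined, the whole role is skipped on homeserver even though the commit sets `network_rc` there, and the skip is silent. Gating on the variables the role actually reads, for example `when: network_rc is defined or rtsold_rc is defined`, or removing the condition and relying on the per-task guards in freebsd.yaml, would make the role take effect.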