machine_setup/ansible/roles/network/tasks/freebsd.yaml
2024-07-12 19:58:50 -04:00

76 lines
1.6 KiB
YAML

# MANUAL: I had to run `sudo service local_unbound setup`
- name: Install configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
when: network_rc is defined
loop:
- src: "{{ network_rc }}"
dest: /etc/rc.conf.d/network
- name: Install configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
when: routing_rc is defined
loop:
- src: "{{ routing_rc }}"
dest: /etc/rc.conf.d/routing
- name: Install configuration
copy:
src: "files/{{ item.src }}"
dest: "{{ item.dest }}"
mode: 0644
owner: root
group: wheel
when: rtsold_rc is defined
loop:
- src: "{{ rtsold_rc }}"
dest: /etc/rc.conf.d/rtsold
- name: Configure sysctls
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
sysctl_file: "/etc/sysctl.conf.local"
loop:
- name: net.inet6.ip6.use_tempaddr # Enable privacy addresses
value: "1"
- name: net.inet6.ip6.prefer_tempaddr # Prefer privacy addresses
value: "1"
- name: Install service configuration
copy:
src: "files/{{ item }}_rc.conf"
dest: "/etc/rc.conf.d/{{ item }}"
mode: 0644
owner: root
group: wheel
loop:
- local_unbound
- name: Prefer ipv6
when: prefer_ipv6
sysctl:
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
sysctl_file: "/etc/rc.conf.d/ip6addrctl"
loop:
- name: ip6addrctl_policy
value: "ipv6_prefer"
- name: Don't Prefer ipv6
when: not prefer_ipv6
file:
path: "/etc/rc.conf.d/ip6addrctl"
state: absent