cd0208f3fc
I never remember the incantation, and its slightly different between FreeBSD and Linux so I am adding this script essentially as a note.
89 lines
1.9 KiB
YAML
89 lines
1.9 KiB
YAML
# MANUAL: I had to run `sudo service local_unbound setup`
|
|
- name: Install configuration
|
|
copy:
|
|
src: "files/{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
mode: 0644
|
|
owner: root
|
|
group: wheel
|
|
when: network_rc is defined
|
|
loop:
|
|
- src: "{{ network_rc }}"
|
|
dest: /etc/rc.conf.d/network
|
|
|
|
- name: Install configuration
|
|
copy:
|
|
src: "files/{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
mode: 0644
|
|
owner: root
|
|
group: wheel
|
|
when: routing_rc is defined
|
|
loop:
|
|
- src: "{{ routing_rc }}"
|
|
dest: /etc/rc.conf.d/routing
|
|
|
|
- name: Install configuration
|
|
copy:
|
|
src: "files/{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
mode: 0644
|
|
owner: root
|
|
group: wheel
|
|
when: rtsold_rc is defined
|
|
loop:
|
|
- src: "{{ rtsold_rc }}"
|
|
dest: /etc/rc.conf.d/rtsold
|
|
|
|
- name: Configure sysctls
|
|
sysctl:
|
|
name: "{{ item.name }}"
|
|
value: "{{ item.value }}"
|
|
state: present
|
|
reload: false
|
|
sysctl_file: "/etc/sysctl.conf.local"
|
|
loop:
|
|
- name: net.inet6.ip6.use_tempaddr # Enable privacy addresses
|
|
value: "1"
|
|
- name: net.inet6.ip6.prefer_tempaddr # Prefer privacy addresses
|
|
value: "1"
|
|
|
|
- name: Install service configuration
|
|
copy:
|
|
src: "files/{{ item }}_rc.conf"
|
|
dest: "/etc/rc.conf.d/{{ item }}"
|
|
mode: 0644
|
|
owner: root
|
|
group: wheel
|
|
loop:
|
|
- local_unbound
|
|
|
|
- name: Prefer ipv6
|
|
when: prefer_ipv6
|
|
blockinfile:
|
|
path: "/etc/rc.conf.d/ip6addrctl"
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK"
|
|
create: true
|
|
mode: 0600
|
|
owner: root
|
|
group: wheel
|
|
block: |
|
|
ip6addrctl_policy="ipv6_prefer"
|
|
|
|
- name: Don't Prefer ipv6
|
|
when: not prefer_ipv6
|
|
file:
|
|
path: "/etc/rc.conf.d/ip6addrctl"
|
|
state: absent
|
|
|
|
- name: Install scripts
|
|
copy:
|
|
src: "files/{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
mode: 0755
|
|
owner: root
|
|
group: wheel
|
|
loop:
|
|
- src: next_hop_freebsd.bash
|
|
dest: /usr/local/bin/next_hop
|