Empty commit message

aybarsm · Jun 27, 2024 · 3a2753c · 3a2753c
1 parent f0ce069
commit 3a2753c
Show file tree

Hide file tree

Showing 15 changed files with 161 additions and 65 deletions.
diff --git a/roles/network_interfaces/defaults/main.yml b/roles/network_interfaces/defaults/main.yml
@@ -1,43 +1,104 @@
 ---
 linux_manage_network_interfaces: false
+
+# Leave empty not to apply changes
+linux_network_interfaces_change_strategy: ''
+
+# Example for apply changes via command strategy:
+# linux_network_interfaces_change_strategy: command
+# linux_network_interfaces_change:
+#   - cmd: ifreload -a
+
+# Example for apply changes via service strategy:
+# linux_network_interfaces_change_strategy: service
+# linux_network_interfaces_change:
+#   - name: networking
+#     state: restarted
+
 linux_network_interfaces_dir: /etc/network
 linux_network_interfaces_file: interfaces
+linux_network_interfaces_file_destination: "{{ linux_network_interfaces_dir + '/' + linux_network_interfaces_file }}"
 
+# Keep the lo interface in the file
 linux_network_interfaces_file_keep_lo: true
+# The location of the source line in the file (controversial topic)
 linux_network_interfaces_file_source_position: bottom
-
-# Seggrate network interfaces into separate files i.e. /etc/network/interfaces.d/eth0
-# This has not been implemented yet
-# TODO: Implement this feature
-linux_network_interfaces_segregate: false
-linux_network_interfaces_seggregate_dir: "{{ linux_network_interfaces_dir }}/interfaces.d"
 linux_network_interfaces_source_line: "source {{ linux_network_interfaces_seggregate_dir }}/*"
 
-linux_network_interfaces_backup_files: true
+linux_network_interfaces_backup: true
 linux_network_interfaces_template: network_interfaces.j2
-# This has not been implemented yet
-# TODO: Implement this feature
-linux_network_interfaces_iface_template: network_interfaces.iface.j2
-
-linux_network_interfaces_apply_changes: false
 
-# TODO: Implement this feature
-linux_systemd_network_responsible_services:
-  - networking
-linux_systemd_network_responsible_commands:
-  - ifreload -a
-
-linux_network_interfaces_ifaces_static_excludes: []
-linux_network_interfaces_ifaces_dhcp_excludes: [
+linux_network_interfaces_static_excludes: []
+linux_network_interfaces_dhcp_excludes: [
   'address', 'netmask', 'gateway', 'broadcast', 'network', 'dns-nameservers', 'dns-search',
   'dns-domain', 'dns-domain-search', 'dns-options', 'dns-sortlist', 'dns-opts']
 
-linux_network_interfaces_ifaces_default: []
-linux_network_interfaces_ifaces_group: []
-linux_network_interfaces_ifaces_host: []
-linux_network_interfaces_ifaces_all: "{{
-  [linux_interfaces_file_ifaces_default, linux_interfaces_file_ifaces_group, linux_interfaces_file_ifaces_host] |
+linux_network_interfaces_default: []
+linux_network_interfaces_group: []
+linux_network_interfaces_host: []
+
+# The combination strategy below is highly nested hierarchy compliant and recommended (Example provided below)
+# linux_network_interfaces_host > linux_network_interfaces_group > linux_network_interfaces_default
+linux_network_interfaces_all: "{{
+  [linux_network_interfaces_default, linux_network_interfaces_group, linux_network_interfaces_host] |
   community.general.lists_mergeby('name', recursive=true, list_merge='prepend') |
-  unique_recursive(attribute='name', recurse='inet') | unique_recursive(attribute='name', recurse='inet6') }}"
+  aybarsm.helper.unique_recursive(attribute='name', recurse='inet') | aybarsm.helper.unique_recursive(attribute='name', recurse='inet6') }}"
+
+# linux_network_interfaces_default:
+#   - name: enp0s6
+#     mount: auto
+#   - name: vmbr0
+#     inet:
+#       - name: bridge-ports
+#         value: enp0s6
+#       - name: bridge-stp
+#         value: "on"
+
+# linux_network_interfaces_group:
+#   - name: vmbr0
+#     mount: auto
+#     inet:
+#       - name: method
+#         value: dhcp
+#       - name: bridge-stp
+#         value: "off"
+#       - name: bridge-fd
+#         value: 0
+
+# linux_network_interfaces_host:
+#   - name: enp0s6
+#     mount: None
+#   - name: vmbr0
+#     inet:
+#       - name: method
+#         value: static
+#       - name: address
+#         value: 10.255.255.2/24
+#     inet6:
+#       - name: method
+#         value: static
+#       - name: address
+#         value: fdff::1/64
 
-__linux_network_interfaces_file_destination: "{{ linux_network_interfaces_dir + '/' + linux_network_interfaces_file }}"
+# !!!!! RESULT: !!!!!
+# linux_network_interfaces_all:
+#   - name: enp0s6
+#     mount: None # Replaced from default by host
+#   - name: vmbr0
+#     mount: auto # Merged from group
+#     inet:
+#       - name: method # Replaced from group by host
+#         value: static
+#       - name: address # Replaced from group by host
+#         value: 10.255.255.2/24
+#       - name: bridge-ports # Merged from default by group
+#         value: enp0s6
+#       - name: bridge-stp # Replaced from default by group
+#         value: "off"
+#       - name: bridge-fd # Merged from group
+#         value: 0
+#     inet6:
+#       - name: method # Merged from host
+#         value: static
+#       - name: address # Merged from host
+#         value: fdff::1/64
diff --git a/roles/network_interfaces/handlers/command.yml b/roles/network_interfaces/handlers/command.yml
@@ -0,0 +1,19 @@
+---
+- name: Apply command(s) for linux_network_interfaces changes
+  become: true
+  ansible.builtin.command:
+    argv: "{{ item.argv | default(omit) }}"
+    chdir: "{{ item.chdir | default(omit) }}"
+    cmd: "{{ item.cmd }}"
+    creates: "{{ item.creates | default(omit) }}"
+    expand_argument_vars: "{{ item.expand_argument_vars | default(omit) }}"
+    free_form: "{{ item.free_form | default(omit) }}"
+    removes: "{{ item.removes | default(omit) }}"
+    stdin: "{{ item.stdin | default(omit) }}"
+    stdin_add_newline: "{{ item.stdin_add_newline | default(omit) }}"
+    strip_empty_ends: "{{ item.strip_empty_ends | default(omit) }}"
+  loop: "{{ linux_network_interfaces_change | selectattr('cmd', 'defined') }}"
+  register: linux_network_interfaces_apply_changes_command
+  when:
+    - linux_network_interfaces_change | type_debug == 'list'
+    - linux_network_interfaces_change | selectattr('cmd', 'defined') | length > 0
diff --git a/roles/network_interfaces/handlers/main.yml b/roles/network_interfaces/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Apply linux_network_interfaces changes
+  ansible.builtin.import_tasks:
+    file: "{{ linux_network_interfaces_change_strategy }}.yml"
+  listen: "linux_network_interfaces_apply_changes"
+  when: linux_network_interfaces_change_strategy | default('') | in ['command', 'service']
diff --git a/roles/network_interfaces/handlers/service.yml b/roles/network_interfaces/handlers/service.yml
@@ -0,0 +1,17 @@
+---
+- name: Effect service(s) for linux_network_interfaces changes
+  become: true
+  ansible.builtin.service:
+    arguments: "{{ item.arguments | default(omit) }}"
+    enabled: "{{ item.enabled | default(omit) }}"
+    name: "{{ item.name }}"
+    pattern: "{{ item.pattern | default(omit) }}"
+    runlevel: "{{ item.runlevel | default(omit) }}"
+    sleep: "{{ item.sleep | default(omit) }}"
+    state: "{{ item.state | default(omit) }}"
+    use: "{{ item.use | default(omit) }}"
+  loop: "{{ linux_network_interfaces_change | selectattr('name', 'defined') }}"
+  register: linux_network_interfaces_apply_changes_service
+  when:
+    - linux_network_interfaces_change | type_debug == 'list'
+    - linux_network_interfaces_change | selectattr('name', 'defined') | length > 0
diff --git a/roles/network_interfaces/tasks/network_interfaces.yml b/roles/network_interfaces/tasks/network_interfaces.yml
@@ -3,11 +3,11 @@
   become: true
   ansible.builtin.template:
     src: "{{ linux_network_interfaces_template }}"
-    dest: "{{ __linux_network_interfaces_file_destination }}"
-    backup: "{{ linux_network_interfaces_backup_files | default(omit) | bool }}"
+    dest: "{{ linux_network_interfaces_file_destination }}"
+    backup: "{{ linux_network_interfaces_backup | default(omit) | bool }}"
     mode: "0644"
   when:
     - linux_network_interfaces_ifaces_all | type_debug == 'list'
     - linux_network_interfaces_ifaces_all | length > 0
-  register: linux_network_interfaces_deploy_files
-  notify: linux_network_interfaces_update
+  register: linux_network_interfaces_deploy_file
+  notify: linux_network_interfaces_apply_changes
diff --git a/roles/network_interfaces/templates/network_interfaces.j2 b/roles/network_interfaces/templates/network_interfaces.j2
@@ -19,7 +19,7 @@ iface lo inet loopback
 {%          set ifaceMethod = iface[addr_family] | selectattr('name', 'equalto', 'method') | map(attribute='value') | first | default('') %}
 {%          if ifaceMethod in ['static', 'dhcp'] %}
 iface {{ iface.name }} {{ addr_family }} {{ ifaceMethod }}
-{%              set ifaceParamsExclude = linux_network_interfaces_ifaces_dhcp_excludes if ifaceMethod == 'dhcp' else linux_network_interfaces_ifaces_static_excludes %}
+{%              set ifaceParamsExclude = linux_network_interfaces_dhcp_excludes | default([]) if ifaceMethod == 'dhcp' else linux_network_interfaces_static_excludes | default([]) %}
 {%              set ifaceParamsExclude = ifaceParamsExclude + ['method'] %}
 {%              set ifaceParams = iface[addr_family] | rejectattr('name', 'in', ifaceParamsExclude) %}
 {%              if ifaceParams | length > 0 %}

diff --git a/roles/posix/handlers/.gitkeep b/roles/posix/handlers/.gitkeep
diff --git a/roles/posix/tasks/sysctl.yml b/roles/posix/tasks/sysctl.yml
@@ -1,14 +1,14 @@
 ---
-- name: Manage sysctl settings
+- name: Deploy posix sysctl settings
   ansible.posix.sysctl:
     name: "{{ item.name }}"
     value: "{{ item.value }}"
     ignoreerrors: "{{ item.ignoreerrors | default(omit) | bool }}"
     reload: "{{ item.reload | default(omit) | bool }}"
-    state: "{{ item.state | default('present') }}"
+    state: "{{ item.state | default(omit) }}"
     sysctl_file: "{{ item.sysctl_file | default(omit) }}"
     sysctl_set: "{{ item.sysctl_set | default(omit) | bool }}"
   when:
-    - linux_posix_sysctl_conf | linux_type_debug == 'list'
-    - linux_posix_sysctl_conf | length > 0
-  loop: "{{ linux_posix_sysctl_conf }}"
+    - linux_posix_sysctl_all | linux_type_debug == 'list'
+    - linux_posix_sysctl_all | length > 0
+  loop: "{{ linux_posix_sysctl_all }}"
diff --git a/roles/posix/templates/.gitkeep b/roles/posix/templates/.gitkeep
diff --git a/roles/posix/vars/.gitkeep b/roles/posix/vars/.gitkeep
diff --git a/roles/systemd/defaults/network.yml b/roles/systemd/defaults/network.yml
@@ -1,11 +1,7 @@
 ---
 linux_manage_systemd_network: false
 
-linux_systemd_network_apply_changes: []
-# linux_systemd_network_apply_changes:
-#   - service: systemd-networkd
-#     state: restarted
-#   - command: "systemctl daemon-reload"
+linux_systemd_network_apply_changes: false
 
 linux_systemd_network_backup: true
 linux_systemd_network_cleanup: false

diff --git a/roles/systemd/handlers/main.yml b/roles/systemd/handlers/main.yml
@@ -1,11 +1,8 @@
 ---
-- name: Restart designated service(s) for systemd network changes
+- name: Restart systemd-networkd service for linux_systemd_network changes
   become: true
   ansible.builtin.service:
-    name: "{{ item }}"
+    name: "systemd-networkd"
     state: restarted
-  listen: "linux_systemd_network_restart"
-  loop: "{{ linux_systemd_network_responsible_services }}"
-  when:
-    - linux_systemd_network_apply_changes | type_debug == 'list'
-    - linux_systemd_network_apply_changes | length > 0
+  listen: "linux_systemd_networkd_restart"
+  when: linux_systemd_network_apply_changes | bool
diff --git a/roles/systemd/tasks/network.yml b/roles/systemd/tasks/network.yml
@@ -1,35 +1,35 @@
 ---
-- name: Find unexpected systemd-network unit files
+- name: Find unexpected systemd-network files
   become: true
   ansible.builtin.find:
-    paths: "{{ linux_systemd_network_unit_dir }}"
+    paths: "{{ linux_systemd_network_dir }}"
     patterns: "{{ linux_systemd_network_cleanup_patterns }}"
     use_regex: "{{ linux_systemd_network_cleanup_patterns_use_regex | bool }}"
-  when: linux_systemd_network_cleanup_units | bool
+  when: linux_systemd_network_cleanup | bool
   register: linux_systemd_network_find_cleanup_files
 
-- name: Remove unexpected systemd-network unit files
+- name: Remove unexpected systemd-network files
   become: true
   ansible.builtin.file:
     path: "{{ item }}"
     state: absent
   loop: "{{ linux_systemd_network_find_cleanup_files.files | map(attribute='path') }}"
   when:
-    - linux_systemd_network_cleanup_units | bool
+    - linux_systemd_network_cleanup | bool
     - linux_systemd_network_find_cleanup_files.files | length > 0
-  register: linux_systemd_network_cleanup_unit_files
-  notify: linux_systemd_network_restart
+  register: linux_systemd_network_cleanup_files
+  notify: linux_systemd_networkd_restart
 
-- name: Deploy systemd-network unit files
+- name: Deploy systemd-network files
   become: true
   ansible.builtin.template:
-    src: "{{ linux_systemd_network_unit_template }}"
-    dest: "{{ linux_systemd_network_unit_dir }}/{{ item.name }}"
-    backup: "{{ linux_systemd_network_backup_units | default(omit) | bool }}"
+    src: "{{ linux_systemd_network_template }}"
+    dest: "{{ linux_systemd_network_dir }}/{{ item.name }}"
+    backup: "{{ linux_systemd_network_backup | default(omit) | bool }}"
     mode: "0644"
-  loop: "{{ linux_systemd_network_units_all }}"
+  loop: "{{ linux_systemd_network_all }}"
   when:
-    - linux_systemd_network_units_all | type_debug == 'list'
-    - linux_systemd_network_units_all | length > 0
-  register: linux_systemd_network_deploy_unit_files
-  notify: linux_systemd_network_restart
+    - linux_systemd_network_all | type_debug == 'list'
+    - linux_systemd_network_all | length > 0
+  register: linux_systemd_network_deploy_files
+  notify: linux_systemd_networkd_restart
diff --git a/roles/systemd/templates/network_unit.j2 → roles/systemd/templates/network.j2 b/roles/systemd/templates/network_unit.j2 → roles/systemd/templates/network.j2
diff --git a/roles/systemd/vars/.gitkeep b/roles/systemd/vars/.gitkeep