Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.package
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
14
Merge Requests
14
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
nexedi
slapos.package
Commits
e4f41c3c
Commit
e4f41c3c
authored
Sep 11, 2023
by
Joanne Hugé
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
playbook/ors: use systemd-networkd instead of ifupdown
parent
7ced67af
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
133 additions
and
23 deletions
+133
-23
playbook/roles/ors-image-backports/tasks/main.yml
playbook/roles/ors-image-backports/tasks/main.yml
+107
-0
playbook/roles/ors/files/interfaces
playbook/roles/ors/files/interfaces
+0
-20
playbook/roles/ors/files/systemd-dhcp-network
playbook/roles/ors/files/systemd-dhcp-network
+5
-0
playbook/roles/ors/files/systemd-wait-online-override
playbook/roles/ors/files/systemd-wait-online-override
+3
-0
playbook/roles/ors/tasks/main.yml
playbook/roles/ors/tasks/main.yml
+17
-2
playbook/sha256sum
playbook/sha256sum
+1
-1
No files found.
playbook/roles/ors-image-backports/tasks/main.yml
0 → 100644
View file @
e4f41c3c
---
# Set cron to repeat ors-image-backports in case someone unplugs the ORS while this playbook is running
-
name
:
Set Cron to repeat until success
cron
:
name="Repeat ors-image-backports until success" minute="*/4" hour="*" job="flock -n /opt/upgrader/ansible.lock -c \"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin ansible-playbook ors-image-backports.yml -i hosts 2>>/opt/upgrader/ors_image_backports.log >> /opt/upgrader/ors_image_backports.log\""
-
name
:
Remove obsolete cron
cron
:
name="Launch Upgrader with ansible" state=absent
-
name
:
Remove obsolete cron
cron
:
name="Launch Startup with ansible" state=absent
-
name
:
Remove obsolete cron
cron
:
name="Launch ors playbook periodically" state=absent
-
name
:
Remove obsolete cron
cron
:
name="Launch ors playbook at reboot" state=absent
-
name
:
Remove obsolete cron
cron
:
name="Launch ors playbook every 3 hours" state=absent
-
name
:
Check if Service Exists
stat
:
path=/etc/init.d/init-sdr
register
:
init_sdr_service
-
name
:
Reload daemon
systemd
:
daemon_reload=yes
when
:
init_sdr_service.stat.exists
-
name
:
Disable old init-sdr service
systemd
:
name=init-sdr enabled=no
when
:
init_sdr_service.stat.exists
-
name
:
Fix apt
shell
:
'
DEBIAN_FRONTEND=noninteractive
apt
install
-y'
ignore_errors
:
yes
register
:
apt_install
-
name
:
Get SSD disk path
shell
:
"
debconf-show
grub-efi-amd64
|
grep
install_devices_disks_changed
|
awk
'{
print
$NF
}'"
ignore_errors
:
yes
register
:
ssd_disk
when
:
apt_install.rc !=
0
-
name
:
Fix grub install
shell
:
"
echo
'grub-efi
grub-efi/install_devices
string
{{
ssd_disk.stdout
}}'
|
debconf-set-selections
&&
DEBIAN_FRONTEND=noninteractive
apt
install
-y"
when
:
ssd_disk.rc == 0 and apt_install.rc !=
0
ignore_errors
:
yes
# Configure systemd-networkd
-
name
:
Configure /etc/systemd/network/dhcp.network
copy
:
src=systemd-dhcp-network dest=/etc/systemd/network/dhcp.network owner=root mode=644
-
name
:
Create a directory if it does not exist
file
:
path=/etc/systemd/system/systemd-networkd-wait-online.service.d state=directory mode=0755
-
name
:
Configure /etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf
copy
:
src=systemd-wait-online-override dest=/etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf owner=root mode=644
-
name
:
Enable and stop systemd-networkd
systemd
:
name=systemd-networkd.service enabled=yes state=stopped
-
name
:
Remove ifupdown
shell
:
'
DEBIAN_FRONTEND="noninteractive"
apt
remove
--purge
-y
ifupdown'
-
name
:
Start systemd-networkd
systemd
:
name=systemd-networkd.service enabled=yes state=started
# Configure DHCP timeout
-
name
:
Configure dhcp timeout
lineinfile
:
dest=/etc/dhcp/dhclient.conf regexp="^timeout (.*)" line="timeout 15" state=present
# Configure DNS
-
name
:
Disable dnsmasq service
systemd
:
name=dnsmasq.service enabled=no state=stopped
ignore_errors
:
yes
-
name
:
Disable DNS stub resolver
lineinfile
:
dest=/etc/systemd/resolved.conf regexp="(.*)DNSStubListener=(.*)" line="DNSStubListener=no" state=present
register
:
disable_dns_stub
-
name
:
Create resolv symbolic link
file
:
src
:
/run/systemd/resolve/resolv.conf
dest
:
/etc/resolv.conf
state
:
link
force
:
true
register
:
create_resolv_link
-
name
:
Configure default nameservers
lineinfile
:
dest=/etc/systemd/resolved.conf regexp="^DNS=(.*)" line="DNS=1.1.1.1 8.8.8.8" state=present
register
:
configure_default_nameservers
-
name
:
Restart systemd-resolved.service if necessary
systemd
:
name=systemd-resolved.service enabled=yes state=restarted
when
:
(disable_dns_stub.changed) or (create_resolv_link.changed) or (configure_default_nameservers.changed)
-
name
:
Enable and start systemd-resolved.service
systemd
:
name=systemd-resolved.service enabled=yes state=started
-
name
:
Remove cron after successful run
cron
:
name="Repeat ors-image-backports until success" state=absent
playbook/roles/ors/files/interfaces
deleted
100644 → 0
View file @
7ced67af
auto lo
iface lo inet loopback
auto enp2s0
iface enp2s0 inet dhcp
post-up echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
post-up iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
post-up iptables -t nat -A POSTROUTING -p udp -m udp --sport 5353 -j SNAT --to-source :53
post-up iptables -t nat -A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination :5353
post-up ip6tables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
auto enp0s31f6
iface enp0s31f6 inet dhcp
post-up echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
post-up iptables -t nat -A POSTROUTING -o enp0s31f6 -j MASQUERADE
post-up iptables -t nat -A POSTROUTING -p udp -m udp --sport 5353 -j SNAT --to-source :53
post-up iptables -t nat -A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination :5353
post-up ip6tables -t nat -A POSTROUTING -o enp0s31f6 -j MASQUERADE
source /etc/network/interfaces.d/*
playbook/roles/ors/files/systemd-dhcp-network
0 → 100644
View file @
e4f41c3c
[Match]
Name=en*
[Network]
DHCP=yes
playbook/roles/ors/files/systemd-wait-online-override
0 → 100644
View file @
e4f41c3c
[Service]
ExecStart=
ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any
playbook/roles/ors/tasks/main.yml
View file @
e4f41c3c
...
...
@@ -95,8 +95,23 @@
# Network
-
name
:
Configure /etc/network/interfaces
copy
:
src=interfaces dest=/etc/network/interfaces owner=root mode=644
-
name
:
Configure /etc/systemd/network/dhcp.network
copy
:
src=systemd-dhcp-network dest=/etc/systemd/network/dhcp.network owner=root mode=644
-
name
:
Create a directory if it does not exist
file
:
path=/etc/systemd/system/systemd-networkd-wait-online.service.d state=directory mode=0755
-
name
:
Configure /etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf
copy
:
src=systemd-wait-online-override dest=/etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf owner=root mode=644
-
name
:
Enable and stop systemd-networkd
systemd
:
name=systemd-networkd.service enabled=yes state=stopped
-
name
:
Remove ifupdown
shell
:
'
DEBIAN_FRONTEND="noninteractive"
apt
remove
--purge
-y
ifupdown'
-
name
:
Start systemd-networkd
systemd
:
name=systemd-networkd.service enabled=yes state=started
-
name
:
Configure dhcp timeout
lineinfile
:
dest=/etc/dhcp/dhclient.conf regexp="^timeout (.*)" line="timeout 15" state=present
...
...
playbook/sha256sum
View file @
e4f41c3c
55ce33d3e89f0093de552d8de66e306b6c142c06a4aa3e36e03954785f720047
-
956c7348e0e5264fd18a9bffadf143b43f1f8ea8a1bd426c5ef63d5296b75fc8
-
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment