Merge pull request #1336 from jvonau/netplan

Netplan - WIP
2025-03-09 15:40:17 +00:00 · 2019-01-02 01:01:45 -05:00 · 2019-01-02 01:01:45 -05:00 · 7cf6e9c479
commit 7cf6e9c479
parent 6d0edb0728 346ad4cde6
9 changed files with 158 additions and 91 deletions
--- a/roles/network/tasks/dnsmasq.yml
+++ b/roles/network/tasks/dnsmasq.yml
@ -3,30 +3,18 @@
    name: dnsmasq
    state: present

- name: Install /etc/dnsmasq.d/dnsmasq-iiab, allowing systemd-resolved AND dnsmasq to work (#1306)
+- name: Install /etc/dnsmasq.d/dnsmasq-iiab, allowing systemd-resolved AND dnsmasq to work (#1306) and custom unit file
  template:
-    src: roles/network/templates/network/dnsmasq-iiab
-    dest: /etc/dnsmasq.d/dnsmasq-iiab
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    owner: root
+    group: root
+    mode: "{{ item.mode }}"
+  with_items:
+   - { src: 'roles/network/templates/network/dnsmasq.service.u18', dest: '/etc/systemd/system/iiab-dnsmasq.service', mode: '0644' }
+   - { src: 'roles/network/templates/network/dnsmasq-iiab', dest: '/etc/dnsmasq.d/dnsmasq-iiab', mode: '644' }

-#- name: Stop dnsmasq
-#  service:
-#    name: dnsmasq
-#    state: stopped
-
-#- name: Configure dnsmasq
-#  template:
-#    src: "{{ item.src }}"
-#    dest: "{{ item.dest }}"
-#    owner: root
-#    group: root
-#    mode: "{{ item.mode }}"
-#  with_items:
-##   - { src: 'network/dnsmasq.service.rh', dest: '/etc/systemd/system/dnsmasq.service', mode: '0644' }
-#   - { src: 'roles/network/templates/network/dnsmasq.conf.j2', dest: '/etc/dnsmasq.conf', mode: '644' }
-
-#- name: Start dnsmasq
-#  systemd:
-#    name: dnsmasq
-#    state: restarted
-#    enabled: yes
-#    daemon_reload: yes
+- name: Don't use stock dnsmasq systemd unit file during boot
+  systemd:
+    name: dnsmasq
+    enabled: no
--- a/roles/network/tasks/enable_services.yml
+++ b/roles/network/tasks/enable_services.yml
@ -47,24 +47,24 @@
    enabled: no
  when: not named_enabled and named_install

- name: Disable dnsmasq, if not dnsmasq_enabled
-  systemd:
-    name: dnsmasq
-    enabled: no
-  when: not dnsmasq_enabled and dnsmasq_install
-
 - name: Install /etc/dnsmasq.conf from template, if dnsmasq_enabled
  template:
    src: network/dnsmasq.conf.j2
    dest: /etc/dnsmasq.conf
  when: dnsmasq_enabled and dnsmasq_install

- name: Enable dnsmasq systemd service, if dnsmasq_enabled
+- name: Enable iiab-dnsmasq systemd service, if dnsmasq_enabled
  systemd:
-    name: dnsmasq
+    name: iiab-dnsmasq
    enabled: yes
  when: dnsmasq_enabled and dnsmasq_install

+- name: Disable iiab-dnsmasq, if not dnsmasq_enabled
+  systemd:
+    name: iiab-dnsmasq
+    enabled: no
+  when: not dnsmasq_enabled and dnsmasq_install
+
 - name: Enable DansGuardian systemd service, if dansguardian_enabled
  systemd:
    name: dansguardian
--- a/roles/network/tasks/main.yml
+++ b/roles/network/tasks/main.yml
@ -104,9 +104,16 @@
  tags:
    - network

- name: NetworkManager in use (if ubuntu-18 and network_manager_active)
+- name: Netplan in use on ubuntu 18
+  include_tasks: netplan.yml
+  when: is_ubuntu_18
+#and not installing
+  tags:
+    - network
+
+- name: NetworkManager in use
  include_tasks: NM-debian.yml
-  when: is_ubuntu_18 and network_manager_active
+  when: is_debuntu and network_manager_active
 #and not installing
  tags:
    - network
--- a/roles/network/tasks/netplan.yml
+++ b/roles/network/tasks/netplan.yml
@ -0,0 +1,70 @@
+# netplan.yml
+- name: Figure out netplan file name on Ubuntu 18
+  shell: ls /etc/netplan
+  register: netplan
+
+- name: Disable cloud-init the easy way
+  shell: touch /etc/cloud/cloud-init.disabled
+  when: ("item" == "50-cloud-init.yaml")
+  with_items:
+    - "{{ netplan.stdout_lines }}"
+
+- name: Remove stock netplan template
+  file:
+    state: absent
+    dest: /etc/netplan/{{ item }}
+  with_items:
+    - "{{ netplan.stdout_lines }}"
+  when: netplan.stdout.find("yaml") != -1
+
+- name: Cheap way to do systemd unmask
+  file:
+    state: absent
+    dest: /etc/systemd/system/systemd-networkd-wait-online.service
+
+- name: Ensure systemd-networkd-wait-online is enabled
+  systemd:
+    name: "{{ item }}"
+    enabled: yes
+  with_items:
+    - systemd-networkd-wait-online
+  when: systemd_networkd_active
+
+# ICO will always set gui_static_wan_ip away from the default of 'unset' while
+# gui_static_wan turns dhcp on/off through wan_ip in computed_network and
+# overrides gui_static_wan_ip that is present. Changing wan_ip in local_vars
+# is a oneway street to static.
+- name: Static IP computing CIDR
+  shell: netmask {{ wan_ip }}/{{ wan_netmask }} | awk -F "/" '{print $2}'
+  register: CIDR
+  when: wan_ip != "dhcp"
+
+- name: Static IP setting CIDR
+  set_fact:
+    wan_cidr: "{{ CIDR.stdout }}"
+  when: wan_ip != "dhcp"
+
+- name: Supply netplan template
+  template:
+    dest: /etc/netplan/01-iiab-config.yaml
+    src: network/netplan.j2
+    backup: no
+
+# should blow up here if we messed up the yml file
+#- name: Generate netplan config
+#  shell: netplan generate --debug
+
+#- name: Stopping services
+#  include_tasks: down-debian.yml
+
+# wants a controlling terminal for the ENTER key, so it fails
+#- name: Test netplan config
+#  shell: netplan try --debug --timeout=2
+#  register: test-netplan
+#  ignore_errors: True
+
+# and does not apply the generated config until rebooted
+# or ignore the above test - on the fence atm...
+#- name: Reload netplan
+#  shell: netplan apply
+#  when: not no_net_restart and test-netplan == "Configuration accepted"
--- a/roles/network/tasks/sysd-netd-debian.yml
+++ b/roles/network/tasks/sysd-netd-debian.yml
@ -17,16 +17,11 @@
    src: network/systemd-br0-slave.j2
  when: iiab_wired_lan_iface is defined and iiab_lan_iface == "br0"

- name: Stopping services
-  include_tasks: down-debian.yml
-
- name: Disable and mask systemd-networkd-wait-online
-  systemd:
-    name: systemd-networkd-wait-online
-    enabled: no
-    masked: yes
-    state: stopped
-  when: is_ubuntu_18
+- name: Remove static WAN template
+  file:
+    state: absent
+    dest: /etc/systemd/network/IIAB-Static.network
+  when: wan_ip == "dhcp"

 - name: Static IP computing CIDR
  shell: netmask {{ wan_ip }}/{{ wan_netmask }} | awk -F "/" '{print $2}'
@ -38,34 +33,15 @@
    wan_cidr: "{{ CIDR.stdout }}"
  when: wan_ip != "dhcp"

- name: Figure out netplan file name on Ubuntu 18
-  shell: ls /etc/netplan
-  register: netplan
-  when: is_ubuntu_18
-
-# ICO will always set gui_static_wan_ip away from the default of 'unset' while
-# gui_static_wan turns dhcp on/off through wan_ip in computed_network and
-# overrides gui_static_wan_ip that is present. Changing wan_ip in local_vars
-# is a oneway street to static.
- name: Supply static template
-  template:
-    dest:  /etc/netplan/{{ netplan.stdout }}
-    src: network/cloud-init.j2
-    backup: no
-  when: (wan_ip != "dhcp" or gui_static_wan_ip == "undefined") and is_ubuntu_18
-
- name: Remove static WAN template
-  file:
-    state: absent
-    dest: /etc/systemd/network/IIAB-Static.network
-  when: wan_ip == "dhcp" and not is_ubuntu_18
-
 - name: Supply static WAN template
  template:
    dest: /etc/systemd/network/IIAB-Static.network
    src: network/systemd-static-net.j2
  when: wan_ip != "dhcp" and not is_ubuntu_18

+- name: Stopping services
+  include_tasks: down-debian.yml
+
 - name: Reload systemd
  systemd:
    daemon_reload: yes
--- a/roles/network/templates/hostapd/hostapd.service.j2
+++ b/roles/network/templates/hostapd/hostapd.service.j2
@ -1,6 +1,7 @@
 [Unit]
 Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
-After=network-online.target
+Before=network.target
+Wants=network-pre.target

 [Service]
 Type=idle
--- a/roles/network/templates/network/cloud-init.j2
+++ b/roles/network/templates/network/cloud-init.j2
@ -1,23 +0,0 @@
-{% if wan_ip != "dhcp" %}
-network:
-    ethernets:
-        {{ iiab_wan_iface }}:
-            addresses:
-            - {{ wan_ip }}/{{ wan_cidr }}
-            gateway4: {{ wan_gateway }}
-            nameservers:
-               addresses:
-               - {{ wan_nameserver }}
-               search:
-               - {{ iiab_domain }}
-            optional: true
-    version: 2
-{% else %}
-network:
-    ethernets:
-        {{ iiab_wan_iface }}:
-            addresses: []
-            dhcp4: true
-            optional: true
-    version: 2
-{% endif %}
--- a/roles/network/templates/network/dnsmasq.service.u18
+++ b/roles/network/templates/network/dnsmasq.service.u18
@ -0,0 +1,11 @@
+[Unit]
+Description=Network iiab-dnsmasq
+After=network-online.target
+Requires=network-online.target
+
+[Service]
+Type=oneshot
+ExecStart=/bin/systemctl start dnsmasq
+
+[Install]
+WantedBy=multi-user.target
--- a/roles/network/templates/network/netplan.j2
+++ b/roles/network/templates/network/netplan.j2
@ -0,0 +1,37 @@
+network:
+  version: 2
+{% if network_manager_active %}
+  renderer: NetworkManager
+{% else  %}
+  renderer: networkd
+{% endif %}
+  ethernets:
+    {{ iiab_wan_iface }}:
+{% if wan_ip != "dhcp" %}
+      addresses:
+      - {{ wan_ip }}/{{ wan_cidr }}
+      gateway4: {{ wan_gateway }}
+      nameservers:
+        addresses:
+        - {{ wan_nameserver }}
+      search:
+      - {{ iiab_domain }}
+{% else %}
+      dhcp4: yes
+{% endif %}
+#{% if iiab_lan_iface == "br0" %}
+#    bridges:
+#      # the key name is the name for virtual (created) interfaces
+#        br0:
+#        # IDs of the components; switchports expands into multiple interfaces
+#        # interfaces: [switchports]
+#            # should really compute the netmask like the wan side
+#            addresses: [ {{ lan_ip }}/19]
+#            # there should really not be a gateway present testing to prove
+#            gateway4: {{ lan_ip }}
+#            nameservers:
+#                addresses: [{{ lan_ip }}]
+#            parameters:
+#                forward-delay: 0
+#                stp: false
+#{% endif %}