diff --git a/roles/network/tasks/computed_services.yml b/roles/network/tasks/computed_services.yml index 5b5bac4da..1ba1283d7 100644 --- a/roles/network/tasks/computed_services.yml +++ b/roles/network/tasks/computed_services.yml @@ -2,16 +2,12 @@ set_fact: dansguardian_enabled: False squid_enabled: False - named_enabled: True - dhcpd_enabled: False wondershaper_enabled: False iiab_network_mode: "Appliance" when: iiab_lan_iface == "none" or user_lan_iface == "none" - name: LAN configured - 'LanController' mode set_fact: - named_enabled: True - dhcpd_enabled: True dansguardian_enabled: False squid_enabled: False wondershaper_enabled: False @@ -20,11 +16,32 @@ - name: LAN configured - 'Gateway' mode set_fact: - named_enabled: True - dhcpd_enabled: True iiab_network_mode: "Gateway" when: 'iiab_lan_iface != "none" and iiab_wan_iface != "none"' +- name: No LAN configured - non-dnsmasq + set_fact: + named_enabled: True + dhcpd_enabled: False + dns_service2: "{{ dns_service }}" + when: iiab_lan_iface == "none" or user_lan_iface == "none" and dns_service!= "dnsmasq" +# when: iiab_lan_iface == "none" or user_lan_iface == "none" and not dnsmasq_enabled" + +- name: LAN configured - non-dnsmasq + set_fact: + named_enabled: True + dhcpd_enabled: True + dns_service2: "{{ dns_service }}" + when: dns_service != "dnsmasq" and iiab_network_mode != "Appliance" +# when: not dnsmasq_enabled and iiab_network_mode != "Appliance" + +#- name: LAN configured - dnsmasq +# set_fact: +# named_enabled: False +# dhcpd_enabled: False +# dns_service2: dnsmasq +# when: dnsmasq_enabled and iiab_network_mode != "Appliance" + - name: Add location section to config file ini_file: dest='{{ iiab_config_file }}' section=network diff --git a/roles/network/tasks/debian.yml b/roles/network/tasks/debian.yml index 8be1ec8f6..97346ac07 100644 --- a/roles/network/tasks/debian.yml +++ b/roles/network/tasks/debian.yml @@ -25,11 +25,6 @@ state=absent when: iiab_lan_iface != "br0" and wan_ip == "dhcp" -- name: Default to 'lan_controller' - set_fact: - gui_desired_network_role: "lan_controller" - when: not gui_desired_network_role is defined - - name: Supply resolvconf.conf template: dest=/etc/resolvconf.conf src=network/resolvconf.j2 @@ -45,26 +40,33 @@ register: interface when: iiab_lan_iface == "br0" or wan_ip != "dhcp" -- name: Start up the dhcpcd service - service: name=dhcpcd - enabled=True - state=started - - name: If this was a change, things need to shift service: name=hostapd state=stopped when: interface.changed -- name: dhcpd may be affected - service: name=bind9 state=stopped +#- name: dhcpcd may be affected +# service: name=dhcpcd state=stopped +# when: interface.changed and dhcpcd_result == "enabled" + +- name: dns may be affected + service: name={{ dns_service2 }} state=stopped when: interface.changed -- name: Restart the networking service +- name: reload systemd + shell: systemctl daemon-reload + +# now pick up denyinterfaces +- name: restart dhcpcd + service: name=dhcpcd state=restarted + when: interface.changed and dhcpcd_result == "enabled" + +- name: restart the networking service service: name=networking state=restarted when: interface.changed - -- name: start up dhcpcd again - service: name=dhcpcd state=started - when: interface.changed and dhcpcd_result == "enabled" + +- name: dns may be affected + service: name={{ dns_service2 }} state=started + when: interface.changed #create lan br0 if lan_controller or gateway #create wan br0 if appliance diff --git a/roles/network/tasks/enable_services.yml b/roles/network/tasks/enable_services.yml index dd968341a..e6e47cd48 100644 --- a/roles/network/tasks/enable_services.yml +++ b/roles/network/tasks/enable_services.yml @@ -39,7 +39,23 @@ enabled=no when: not named_enabled -- name: Enable DansGuardian +#- name: Enable dnsmasq +# service: name=dnsmasq +# enabled=no +# when: dnsmasq_enabled + +# copy config file +#- name: Supply dnsmasq.conf +# template: dest= +# src= +# when: dnsmasq_enabled + +#- name: Enable dnsmasq +# service: name=dnsmasq +# enabled=yes +# when: dnsmasq_enabled + +- name: Enable dansguardian service: name=dansguardian enabled=yes when: dansguardian_enabled and dansguardian_install diff --git a/roles/network/tasks/ifcfg_mods.yml b/roles/network/tasks/ifcfg_mods.yml index b98c9a019..89b03a922 100644 --- a/roles/network/tasks/ifcfg_mods.yml +++ b/roles/network/tasks/ifcfg_mods.yml @@ -67,6 +67,10 @@ - include: enable_wan.yml when: not installing and not iiab_demo_mode +- name: ask systemd to reread the unit files, picks up changes done + shell: systemctl daemon-reload + when: not installing + # monitor-connection-files defaults to no with F21, F18-F20 defaults to yes - name: Re-read network config files shell: nmcli con reload diff --git a/roles/network/tasks/main.yml b/roles/network/tasks/main.yml index 0d8b2b8cc..9bb1763f2 100644 --- a/roles/network/tasks/main.yml +++ b/roles/network/tasks/main.yml @@ -40,7 +40,6 @@ - network - domain - ##### Start static ip address info for first run ##### #- include: static.yml # when: 'iiab_wan_iface != "none" and wan_ip != "dhcp"' @@ -50,6 +49,9 @@ tags: - network +##### end hostname setup +##### start install portion +# only needs to be done once - include: named.yml tags: - named @@ -80,9 +82,20 @@ tags: - network -- name: Ask systemd to reread the unit files, picks up changes done - shell: systemctl daemon-reload +#### end install portion +#### start network layout +# setting installing would skip configuring network +# but would configure but not start services +- include: computed_network.yml when: not installing + tags: + - network + - network-discover + +# templates needed from above install section live here +- include: enable_services.yml + tags: + - network - include: ifcfg_mods.yml tags: @@ -99,6 +112,11 @@ - network when: is_debuntu and is_rpi and not installing +- include: hostapd.yml + when: not installing + tags: + - network + - name: Create IIAB network flags template: src=network/{{ item }}.j2 dest=/etc/sysconfig/{{ item }} @@ -109,21 +127,15 @@ when: not installing tags: - network +#### end network layout +#### start services - include: computed_services.yml tags: - network -- include: enable_services.yml - tags: - - network - - include: restart.yml when: not installing tags: - network - -- include: hostapd.yml - when: not installing - tags: - - network +#### end services diff --git a/roles/network/tasks/restart.yml b/roles/network/tasks/restart.yml index 61833144b..4de5c37c4 100644 --- a/roles/network/tasks/restart.yml +++ b/roles/network/tasks/restart.yml @@ -15,12 +15,14 @@ state=stopped when: not named_enabled +#- name: Stop dnsmasq service +# service: name=dnsmasq +# state=stopped +# when: not dnsmasq_enabled + - name: Start named service - service: name={{ dns_service }} + service: name={{ dns_service2 }} state=started - ignore_errors: True - when: named_enabled - register: dns_started - name: Stop DansGuardian service: name=dansguardian diff --git a/roles/network/tasks/rpi_debian.yml b/roles/network/tasks/rpi_debian.yml index 2f4219aff..b26cd84f4 100644 --- a/roles/network/tasks/rpi_debian.yml +++ b/roles/network/tasks/rpi_debian.yml @@ -47,8 +47,8 @@ service: name=hostapd state=stopped when: interface.changed -- name: dhcpd may be affected - service: name=bind9 state=stopped +- name: dhcpcd may be affected + service: name=dhcpcd state=stopped when: interface.changed - name: Tear down any bridge and start fresh @@ -69,6 +69,10 @@ - name: start up dhcpcd again service: name=dhcpcd state=started +# now pick up denyinterfaces +- name: restart dhcpcd + service: name=dhcpcd state=restarted + - name: restart the networking service service: name=networking state=restarted diff --git a/roles/network/templates/network/systemd.j2 b/roles/network/templates/network/systemd.j2 index fb2e3a28f..58260354b 100644 --- a/roles/network/templates/network/systemd.j2 +++ b/roles/network/templates/network/systemd.j2 @@ -3,9 +3,9 @@ {% if iiab_network_mode == "Appliance" %} ################# APPLIANCE ######################### -{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet dhcp +iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set iface {{ iiab_wan_iface }} inet manual {% endif %} {# end of dhcp_wan #} @@ -29,9 +29,9 @@ iface br0 inet static address {{ lan_ip }} netmask {{ lan_netmask }} dns-nameservers {{ lan_ip }} -{% if dhcpcd_result != "enabled" or wan_in_interfaces == "false" %} +{% if dhcpcd_result == "enabled" and wan_in_interfaces == "false" %} auto {{ iiab_wan_iface }} -iface {{ iiab_wan_iface }} inet dhcp +iface {{ iiab_wan_iface }} inet manual {% else %} # gui_static_wan_ip is set iface {{ iiab_wan_iface }} inet manual {% endif %} {# end of dhcp_wan #}