98 lines
2 KiB
YAML
98 lines
2 KiB
YAML
|
- name: Set hostname
|
||
|
hostname:
|
||
|
name: "{{ inventory_hostname }}"
|
||
|
|
||
|
- name: Set hostname in /etc/hosts
|
||
|
lineinfile:
|
||
|
path: /etc/hosts
|
||
|
regexp: '^127.0.1.1\s+'
|
||
|
line: "127.0.1.1 {{ inventory_hostname }}"
|
||
|
|
||
|
- name: Disable unneeded services
|
||
|
service:
|
||
|
name: '{{ item }}'
|
||
|
enabled: false
|
||
|
state: stopped
|
||
|
loop:
|
||
|
- nvued
|
||
|
- netqd@mgmt
|
||
|
|
||
|
- name: Set up ports
|
||
|
template:
|
||
|
dest: /etc/cumulus/ports.conf
|
||
|
src: ports.conf.j2
|
||
|
notify: reload switchd
|
||
|
|
||
|
- name: Set up management VRF and interface
|
||
|
template:
|
||
|
dest: /etc/network/interfaces
|
||
|
src: interfaces.j2
|
||
|
mode: 0644
|
||
|
notify: reload interfaces
|
||
|
|
||
|
- name: Set up loopback and switch interfaces
|
||
|
template:
|
||
|
dest: "/etc/network/interfaces.d/{{ item }}.intf"
|
||
|
src: "{{ item }}.intf.j2"
|
||
|
mode: 0644
|
||
|
notify: reload interfaces
|
||
|
loop:
|
||
|
- loopback
|
||
|
- switch
|
||
|
|
||
|
- name: Set up peerlink
|
||
|
template:
|
||
|
dest: "/etc/network/interfaces.d/bond.intf"
|
||
|
src: "bond.intf.j2"
|
||
|
mode: 0644
|
||
|
notify: reload interfaces
|
||
|
when: "peer is defined"
|
||
|
|
||
|
- name: Set up bridge
|
||
|
template:
|
||
|
dest: "/etc/network/interfaces.d/bridge.intf"
|
||
|
src: "bridge.intf.j2"
|
||
|
mode: 0644
|
||
|
notify: reload interfaces
|
||
|
when: "'bridge' in interfaces | map(attribute='name')"
|
||
|
|
||
|
- name: Set up bonds
|
||
|
template:
|
||
|
dest: "/etc/network/interfaces.d/bond.intf"
|
||
|
src: "bond.intf.j2"
|
||
|
mode: 0644
|
||
|
notify: reload interfaces
|
||
|
when: "'lag' in interfaces | map(attribute='type.value')"
|
||
|
|
||
|
- name: Set nameservers for mgmt VRF
|
||
|
template:
|
||
|
dest: /etc/resolv.conf
|
||
|
src: resolv.conf.j2
|
||
|
mode: 0644
|
||
|
notify: reload interfaces
|
||
|
|
||
|
- name: Disable SSH in default VRF
|
||
|
service:
|
||
|
name: ssh
|
||
|
enabled: no
|
||
|
state: stopped
|
||
|
|
||
|
- name: Listen for SSH only in mgmt VRF
|
||
|
service:
|
||
|
name: ssh@mgmt
|
||
|
enabled: yes
|
||
|
state: started
|
||
|
|
||
|
- name: Enable BGP for FRR
|
||
|
lineinfile:
|
||
|
path: /etc/frr/daemons
|
||
|
regexp: '^bgpd='
|
||
|
line: 'bgpd=yes'
|
||
|
notify: restart frr
|
||
|
|
||
|
- name: Enable FRR
|
||
|
service:
|
||
|
name: frr
|
||
|
enabled: yes
|
||
|
state: started
|