Compare commits
No commits in common. "f9f899fb2e79b74fb124013863141065b563e9e0" and "cbd3f1a7eaa5408f404df04d0359aa174b948466" have entirely different histories.
f9f899fb2e
...
cbd3f1a7ea
3 changed files with 3 additions and 45 deletions
|
|
@ -1,21 +0,0 @@
|
||||||
#!/usr/bin/python
|
|
||||||
|
|
||||||
class FilterModule(object):
|
|
||||||
'''Helper filters to make Ansible less unpleasant'''
|
|
||||||
def filters(self):
|
|
||||||
return {
|
|
||||||
'defaultattr': self.defaultattr,
|
|
||||||
'list2dict': self.list2dict,
|
|
||||||
}
|
|
||||||
|
|
||||||
def defaultattr(self, objects, attr, val=None):
|
|
||||||
'''
|
|
||||||
Set a default value if the given attribute is not defined for an object.
|
|
||||||
'''
|
|
||||||
yield from (obj | { attr: obj.get(attr, val) } for obj in objects)
|
|
||||||
|
|
||||||
def list2dict(self, items, key):
|
|
||||||
'''
|
|
||||||
Like items2dict but keep entire dictionaries as values.
|
|
||||||
'''
|
|
||||||
return {item[key]: item for item in items}
|
|
||||||
|
|
@ -1,21 +1,9 @@
|
||||||
{# Loopback interface must be present so define it here if none exists. #}
|
|
||||||
{% if interfaces | rejectattr("name", "==", "lo") %}
|
|
||||||
auto lo
|
auto lo
|
||||||
iface lo inet loopback
|
iface lo inet loopback
|
||||||
|
|
||||||
{% endif -%}
|
{% for iface in interfaces | selectattr('enabled') %}
|
||||||
|
|
||||||
{# Skip disabled and OOB management interfaces. #}
|
|
||||||
{# For VMs we have to set the attribute manually (to false) so rejectattr works. #}
|
|
||||||
{% for iface in interfaces
|
|
||||||
| defaultattr('mgmt_only')
|
|
||||||
| rejectattr('mgmt_only')
|
|
||||||
| selectattr('enabled') %}
|
|
||||||
auto {{ iface.name }}
|
auto {{ iface.name }}
|
||||||
iface {{ iface.name }} inet {% if iface.name == "lo" %}loopback{% else %}static{% endif +%}
|
iface {{ iface.name }} inet static
|
||||||
{% if iface.mtu %}
|
|
||||||
mtu {{ iface.mtu }}
|
|
||||||
{% endif %}
|
|
||||||
{% for address in iface.ip_addresses %}
|
{% for address in iface.ip_addresses %}
|
||||||
address {{ address.address }}
|
address {{ address.address }}
|
||||||
{% if address.family.value == 4 %}
|
{% if address.family.value == 4 %}
|
||||||
|
|
@ -33,6 +21,4 @@ iface {{ iface.name }} inet {% if iface.name == "lo" %}loopback{% else %}static{
|
||||||
pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
|
pre-up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/autoconf
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% endfor -%}
|
{% endfor %}
|
||||||
|
|
||||||
source-directory /etc/network/interfaces.d
|
|
||||||
|
|
|
||||||
|
|
@ -16,13 +16,6 @@
|
||||||
- certbot
|
- certbot
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Don’t enable old TLS versions
|
|
||||||
lineinfile:
|
|
||||||
path: /etc/nginx/nginx.conf
|
|
||||||
regex: '(\s+ssl_protocols\s.*)'
|
|
||||||
backrefs: yes
|
|
||||||
line: '#\1'
|
|
||||||
|
|
||||||
- name: Create HTTP server directories
|
- name: Create HTTP server directories
|
||||||
file:
|
file:
|
||||||
path: /srv/http/.well-known
|
path: /srv/http/.well-known
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue