debops.ifupdown default variables
Sections
APT packages
- ifupdown__base_packages
List of base APT packages to install.
ifupdown__base_packages:
- [ 'ifupdown', 'bsdutils', 'rsync' ]
- '{{ []
if ("/usr/sbin/NetworkManager" in ansible_local.ifupdown.known_managers|d([]))
else "rdnssd" }}'
- ifupdown__dynamic_packages
List of APT packages to install based on the requirements of the interface types that are configured by the role (support for bridges, bonding, VLANs, depends on the presence of a given interface type).
ifupdown__dynamic_packages: '{{ lookup("template", "lookup/ifupdown__dynamic_packages.j2", convert_data=False) | from_yaml }}'
- ifupdown__packages
List of additional APT packages to install with the role.
ifupdown__packages: []
- ifupdown__purge_packages
List of APT packages which will be purged when this role is
enabled, to stop them from interfering with ifupdown
.
ifupdown__purge_packages: [ 'netplan.io', 'nplan' ]
General role configuration
- ifupdown__interface_weight_map
This is a YAML dictionary which maps the interface type to a number which is prepended to the configuration file names to ensure correct order of the network interfaces. It also defines the order the interfaces are brought down and up.
You shouldn't change the map after the ifupdown configuration is deployed, otherwise the role will lose track of the configuration files and duplicate configuration might be created.
ifupdown__interface_weight_map:
'mapping': '00'
'bonding': '10'
'ether': '20'
'slip': '30'
'wlan': '30'
'wwan': '30'
'vlan': '40'
'bridge': '60'
'6to4': '80'
'tunnel': '80'
'default': '80'
- ifupdown__reconfigure_auto
If True
, the role will reconfigure interfaces automatically after changes
are detected by Ansible. If False
, role will install the reconfiguration
script on the remote host so that the user can run it to apply the changes by
hand.
ifupdown__reconfigure_auto: True
- ifupdown__reconfigure_script_path
Path where the reconfiguration script will be installed if automatic reconfiguration is disabled.
ifupdown__reconfigure_script_path: '{{ (ansible_local.fhs.lib | d("/usr/local/lib"))
+ "/ifupdown-reconfigure-interfaces" }}'
- ifupdown__reconfigure_init_file
Path where the original /etc/network/interfaces
file will be copied
to on the first role run to allow for reconfiguration of existing interfaces.
ifupdown__reconfigure_init_file: '/etc/network/interfaces.d/old-interfaces'
- ifupdown__default_nat_masquerade
By default, when IPv4 NAT is enabled on a bridge interface, the role will configure a SNAT firewall rule using the primary IP address of the default gateway interface. This is good for hosts in a static environment, where the host's IP address doesn't change.
If your host is used in a dynamic environment or switches between different
environments, you can set this variable to True
and the role will use the
MASQUERADE firewall rule instead to modify packets on the fly with current
outgoing IPv4 address. This can be changed on the interface level as well.
ifupdown__default_nat_masquerade: False
Default network interface layout
- ifupdown__external_interface
Name of the physical network interface which is assumed by the role to be an "external" interface. This is usually the default network interface.
ifupdown__external_interface: '{{ ansible_local.ifupdown.external_interface|d(lookup("template", "lookup/ifupdown__external_interface.j2", convert_data=False) | from_yaml) }}'
- ifupdown__internal_interface
Name of the physical network interface which is assumed by the role to be an "internal" interface. This will be one of the non-default network interfaces, chosen in alphabetical order.
ifupdown__internal_interface: '{{ ansible_local.ifupdown.internal_interface|d(lookup("template", "lookup/ifupdown__internal_interface.j2", convert_data=False) | from_yaml) }}'
- ifupdown__interface_layout
Name of the "network interface layout" defined in the
ifupdown__default_interfaces_map
which will be used to configure
initial state of the network interfaces. This name is used in the
ifupdown__default_interfaces
variable to select a network layout.
ifupdown__interface_layout: '{{ "dynamic"
if (ansible_virtualization_type in [ "lxc","openvz" ] and
ansible_virtualization_role == "guest")
else "bridge" }}'
- ifupdown__default_interfaces_map
A YAML dictionary with different network interface configurations:
static
One Ethernet primary interface with static configuration taken from Ansible facts.
dynamic
One or two Ethernet interfaces with DHCP configuration.
bridge
One or two Ethernet interfaces with bridges attached to them, each bridge uses DHCP configuration.
manual
Do not use any network interface layout and do not configure any interface.
The default interface configuration can be modified by other
ifupdown__*_interfaces
variables if necessary.
See the ifupdown__interfaces documentation for more details.
ifupdown__default_interfaces_map:
'static':
'external':
iface: '{{ ansible_default_ipv4.interface|d("") }}'
inet: 'static'
inet6: 'auto'
address: '{{ (ansible_default_ipv4.address|d("") + "/" +
ansible_default_ipv4.netmask|d("")) }}'
gateway: '{{ ansible_default_ipv4.gateway|d("") }}'
dns_nameservers: '{{ ansible_dns.nameservers|d(False) }}'
dns_search: '{{ ansible_dns.search|d(False) }}'
'dynamic':
'external':
iface: '{{ ifupdown__external_interface }}'
inet: 'dhcp'
inet6: 'auto'
state: '{{ "present"
if ifupdown__external_interface in ansible_interfaces
else "ignore" }}'
'internal':
iface: '{{ ifupdown__internal_interface }}'
inet: 'dhcp'
inet6: 'auto'
state: '{{ "present"
if ifupdown__internal_interface in ansible_interfaces
else "ignore" }}'
'br0':
state: '{{ "absent"
if (ansible_local.ifupdown.interface_layout|d() == "bridge")
else "ignore" }}'
'br1':
state: '{{ "absent"
if (ansible_local.ifupdown.interface_layout|d() == "bridge")
else "ignore" }}'
'bridge':
'external':
iface: '{{ ifupdown__external_interface }}'
inet: 'manual'
inet6: False
state: '{{ "present"
if ifupdown__external_interface in ansible_interfaces
else "ignore" }}'
'internal':
iface: '{{ ifupdown__internal_interface }}'
inet: 'manual'
inet6: False
state: '{{ "present"
if ifupdown__internal_interface in ansible_interfaces
else "ignore" }}'
'br0':
inet: 'dhcp'
inet6: 'auto'
type: 'bridge'
forward: True
bridge_ports: '{{ ifupdown__external_interface }}'
state: '{{ "present"
if ifupdown__external_interface in ansible_interfaces
else "ignore" }}'
'br1':
inet: 'dhcp'
inet6: 'auto'
type: 'bridge'
forward: True
bridge_ports: '{{ ifupdown__internal_interface }}'
state: '{{ "present"
if ifupdown__internal_interface in ansible_interfaces
else "ignore" }}'
'manual': {}
Network interface configuration
These variables are YAML dictionaries with network interface definitions. See ifupdown__interfaces documentation for more details.
- ifupdown__ethernet_interfaces
YAML dictionary which holds the basic information about the Ethernet interfaces detected by the role.
ifupdown__ethernet_interfaces: '{{ lookup("template", "lookup/ifupdown__ethernet_interfaces.j2", convert_data=False) | from_yaml }}'
- ifupdown__default_interfaces
YAML dictionary which holds the default configuration applied to the network interfaces, depending on the selected interface layout.
ifupdown__default_interfaces: '{{ ifupdown__default_interfaces_map[ifupdown__interface_layout] | d({}) }}'
- ifupdown__interfaces
YAML dictionary which holds the configuration of network interfaces for all hosts in the Ansible inventory.
ifupdown__interfaces: {}
- ifupdown__group_interfaces
YAML dictionary which holds the configuration of network interfaces for hosts in a specific Ansible inventory group.
ifupdown__group_interfaces: {}
- ifupdown__host_interfaces
YAML dictionary which holds the configuration of network interfaces for specific hosts in the Ansible inventory.
ifupdown__host_interfaces: {}
- ifupdown__dependent_interfaces
YAML dictionary which holds the configuration of network interfaces defined by other Ansible roles via dependent variables.
ifupdown__dependent_interfaces: {}
- ifupdown__combined_interfaces
YAML dictionary which combines all of the other network interface configuration variables and is used in the role tasks and templates to generate the configuration.
ifupdown__combined_interfaces: '{{ lookup("template", "lookup/ifupdown__combined_interfaces.j2", convert_data=False) | from_yaml }}'
Custom ifupdown hooks
- ifupdown__custom_hooks
List of custom hooks created by the debops.ifupdown
role. See
Custom ifupdown hooks for more details.
ifupdown__custom_hooks:
- name: 'filter-dhcp-options'
hook: 'etc/dhcp/dhclient-enter-hooks.d/filter-dhcp-options'
mode: '0644'
state: 'present'
Custom configuration files
You can create custom configuration files on remote hosts if needed to further configure the network interfaces. See ifupdown__custom_files for more details.
- ifupdown__custom_files
Manage custom files on all hosts in Ansible inventory.
ifupdown__custom_files: []
- ifupdown__custom_group_files
Manage custom files on hosts in specific Ansible inventory group.
ifupdown__custom_group_files: []
- ifupdown__custom_host_files
Manage custom files on specific hosts in Ansible inventory.
ifupdown__custom_host_files: []
- ifupdown__custom_dependent_files
Manage custom files defined by other Ansible roles through the role dependent variables.
ifupdown__custom_dependent_files: []
Configuration for other Ansible roles
- ifupdown__ferm__dependent_rules
Configuration for debops.ferm, generated dynamically from the network interface configuration and passed to the role through a variable.
ifupdown__ferm__dependent_rules: '{{ lookup("template", "lookup/ifupdown__ferm__dependent_rules.j2", convert_data=False) | from_yaml }}'
- ifupdown__kmod__dependent_load
Configuration for debops.kmod, generated dynamically from the network interface configuration and passed to the role through a variable.
ifupdown__kmod__dependent_load: '{{ lookup("template", "lookup/ifupdown__kmod__dependent_load.j2", convert_data=False) | from_yaml }}'
- ifupdown__sysctl__dependent_parameters
Configuration for the debops.sysctl Ansible role.
ifupdown__sysctl__dependent_parameters: '{{ lookup("template",
"lookup/ifupdown__sysctl__dependent_parameters.j2",
convert_data=False) | from_yaml }}'
Role metadata
- ifupdown__role_metadata
This is a variable with the role metadata used internally by DebOps.
ifupdown__role_metadata:
version: '0.3.0'