main.yml 7.1 KB

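  # Install the OS packages needed to build and run the tunneldigger broker.
  # The package list is passed to apt directly instead of looping over
  # with_items, so the whole set is handled by a single module call.
  - name: l2tp Install dependencies for this role
    apt:
      pkg:
        - bridge-utils
        - ebtables
        - git
        - iproute
        - libevent-dev
        - libnetfilter-conntrack3
        - python-dev
        - python-virtualenv
        # additional dependencies for wlanslovenija's version
        - libffi-dev
        - libnfnetlink-dev
        - libnetfilter-conntrack-dev
        - gcc
      state: present
    when: domaenenliste is defined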
  # Record which systemd unit variant (global or per-domain template) is
  # already present on the host. Later tasks compare these results with
  # tunneldigger.instance_per_domain to detect a mode switch.
  - name: Determine whether the global version of tunneldigger is installed or not
    stat:
      path: /lib/systemd/system/tunneldigger.service
    register: _td_global_installed
    when: domaenenliste is defined

  - name: Determine whether the per domain version of tunneldigger is installed or not
    stat:
      path: /lib/systemd/system/tunneldigger@.service
    register: _td_per_domain_installed
    when: domaenenliste is defined
  # Collect the numeric ids of all enabled tunneldigger@<id> instances by
  # listing the multi-user.target.wants symlinks. This is a read-only query:
  # it never reports a change, never fails the play (failed_when is false, so
  # a non-zero exit status is ignored) and also runs in check mode.
  - name: Get all enabled tunneldigger (domain specific) instances
    shell: '/bin/ls /etc/systemd/system/multi-user.target.wants/tunneldigger@* | grep -oE "[0-9]+"'
    register: _td_domain_instances
    changed_when: false
    failed_when: false
    check_mode: false
    when: domaenenliste is defined
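  # Remove /etc/systemd/system/tunneldigger.service if it is not a symlink
  # (an issue in older versions of this role; this cleanup may be removable in
  # the future).
  # The path is inspected first so that the removal really is limited to the
  # non-symlink case named in the task; without that check the file module
  # deletes a symlink as well. When the removal is skipped,
  # _old_td_systemd.changed is false, which is what the later mode-switch
  # conditions test.
  - name: Check whether tunneldigger.service in systemd's local config is a symlink
    stat:
      path: /etc/systemd/system/tunneldigger.service
    register: _old_td_systemd_stat
    when: domaenenliste is defined

  - name: Remove tunneldigger.service from systemd's local config if it isn't a symlink
    file:
      path: /etc/systemd/system/tunneldigger.service
      state: absent
    register: _old_td_systemd
    when:
      - domaenenliste is defined
      - _old_td_systemd_stat.stat.exists
      - not _old_td_systemd_stat.stat.islnk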
  # Stop and disable every enabled per-domain instance that is no longer
  # wanted: either its id is not a key of domaenenliste, or per-domain mode is
  # switched off.
  # NOTE(review): item is a string taken from command output, so the
  # membership test only matches when the keys of domaenenliste are strings
  # as well - confirm against the inventory.
  - name: Stop and disable obsolete td instances
    service:
      name: "tunneldigger@{{ item }}.service"
      state: stopped
      enabled: false
    with_items: "{{ _td_domain_instances.stdout_lines }}"
    when: domaenenliste is defined and (item not in domaenenliste or tunneldigger.instance_per_domain == False) and _td_per_domain_installed.stat.exists == True
  # Mode switch handling: the unit variant that no longer matches
  # tunneldigger.instance_per_domain is stopped and its unit file is deleted
  # from /lib/systemd/system.
  - name: Stop global td instance if change to per domain instances is ongoing
    service:
      name: "tunneldigger.service"
      state: stopped
      enabled: false
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True and (_td_global_installed.stat.exists == True or _old_td_systemd.changed == True)

  - name: Delete global td systemd config if change to per domain instances is ongoing
    file:
      path: /lib/systemd/system/tunneldigger.service
      state: absent
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True and (_td_global_installed.stat.exists == True or _old_td_systemd.changed == True)

  - name: Delete per domain td systemd config if change to global td is ongoing
    file:
      path: /lib/systemd/system/tunneldigger@.service
      state: absent
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == False and _td_per_domain_installed.stat.exists == True
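  # tasks for wlanslovenija's version
  # git: repo=https://github.com/wlanslovenija/tunneldigger dest=/srv/tunneldigger force=yes update=yes version=235e111fb8fa02c4687af7f695e21204d9d28fe6

  # On a mode switch the old installation is wiped BEFORE the fresh checkout
  # is made. Running this after the clone/virtualenv/install tasks would
  # delete the installation that was just created.
  # This removes everything under /srv/tunneldigger, including
  # sperrliste.txt, which a later task only recreates as an empty file.
  - name: Remove repository if td mode change is ongoing
    file:
      path: /srv/tunneldigger
      state: absent
    when:
      - domaenenliste is defined
      - (tunneldigger.instance_per_domain == False and _td_per_domain_installed.stat.exists == True) or (tunneldigger.instance_per_domain == True and (_td_global_installed.stat.exists == True or _old_td_systemd.changed == True))

  # The checkout is installed and run as the broker, so the revision that is
  # fetched decides what code ends up on the host. tunneldigger.version is a
  # new, optional variable: set it to a reviewed commit id to pin the
  # checkout. When it is unset the git module's default (HEAD) is used, which
  # is the previous behaviour.
  - name: Clone tunneldigger (wlanslovenija fork)
    git:
      repo: 'https://github.com/wlanslovenija/tunneldigger'
      dest: /srv/tunneldigger/tunneldigger
      force: true
      update: true
      version: "{{ tunneldigger.version | default('HEAD') }}"
    when: domaenenliste is defined

  # Guarded like the clone: without a checkout there is nothing to install.
  # NOTE(review): the environment is built for python2.7, which no longer
  # receives upstream security fixes.
  - name: manually setup virtualenv for tunneldigger
    command: virtualenv /srv/tunneldigger/tunneldigger_env -p python2.7
    args:
      creates: /srv/tunneldigger/tunneldigger_env
    when: domaenenliste is defined

  # command instead of shell: the call uses no shell features, so it does not
  # need to pass through a shell.
  - name: Install python dependencies
    command: /srv/tunneldigger/tunneldigger_env/bin/python /srv/tunneldigger/tunneldigger/broker/setup.py install
    args:
      chdir: /srv/tunneldigger/tunneldigger/broker/
    when: domaenenliste is defined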
  # Hook scripts. In per-domain mode one addif/delif script is rendered from
  # a template for every key of domaenenliste; in global mode the static
  # scripts are copied. All of them are installed with mode 0755.
  - name: Make sure scripts directory exists
    file:
      state: directory
      path: /srv/tunneldigger/scripts

  - name: Deploy addif.sh for each domain
    template:
      src: addif.sh.j2
      dest: "/srv/tunneldigger/scripts/addif_domain{{ item.key }}.sh"
      mode: "0755"
    with_dict: "{{ domaenenliste }}"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True

  - name: Deploy addif.sh if mode is global
    copy:
      src: addif.sh
      dest: /srv/tunneldigger/scripts
      mode: "0755"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == False

  - name: Deploy delif.sh for each domain
    template:
      src: delif.sh.j2
      dest: "/srv/tunneldigger/scripts/delif_domain{{ item.key }}.sh"
      mode: "0755"
    with_dict: "{{ domaenenliste }}"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True

  - name: Deploy delif.sh if mode is global
    copy:
      src: delif.sh
      dest: /srv/tunneldigger/scripts
      mode: "0755"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == False
  # Make sure the sperrliste.txt file is present (state: touch creates it
  # when it is missing).
  - name: Create sperrliste.txt if not exists
    file:
      state: touch
      name: /srv/tunneldigger/sperrliste.txt
    when: domaenenliste is defined

  # Install the modules-load.d entry and trigger the handler that loads the
  # kernel modules when the file changed.
  - name: Deploy tunneldigger.conf to /etc/modules-load.d/
    copy:
      src: tunneldigger.conf
      dest: /etc/modules-load.d/tunneldigger.conf
    when: domaenenliste is defined
    notify: load kernel modules
  # Broker configuration. Per-domain mode renders one config per key of
  # domaenenliste, global mode renders a single l2tp_broker.cfg; a change
  # notifies the matching restart handler.
  # NOTE(review): no mode is set on the rendered configs, so their
  # permissions follow the module default - confirm that is acceptable for
  # what the template contains.
  - name: Make sure conf directory exists
    file:
      state: directory
      path: /srv/tunneldigger/conf

  - name: Deploy l2tp_broker.cfg for each domain
    template:
      src: "l2tp_broker.cfg.j2"
      dest: "/srv/tunneldigger/conf/l2tp_broker_domain{{ item.key }}.cfg"
    with_dict: "{{ domaenenliste }}"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True
    notify: restart tunneldigger per domain

  - name: Deploy l2tp_broker.cfg if mode is global
    template:
      src: "l2tp_broker.cfg.j2"
      dest: "/srv/tunneldigger/conf/l2tp_broker.cfg"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == False
    notify: restart tunneldigger

  # Render the l2tp bridge definition into interfaces.d and restart
  # networking through the handler when it changed.
  - name: l2tp-bridge einrichten
    template:
      src: l2tp_bridge.j2
      dest: /etc/network/interfaces.d/20_l2tp_bridge.cfg
    when: domaenenliste is defined
    notify: restart networking
  # Install the systemd unit that matches the selected mode. Both results are
  # registered so that systemd is reloaded only when one of the unit files
  # actually changed.
  - name: Deploy tunneldigger@.service template file
    copy:
      src: tunneldigger@.service
      dest: /lib/systemd/system/tunneldigger@.service
    register: _domain_td_systemd
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True
    notify:
      - restart tunneldigger per domain

  - name: Deploy tunneldigger.service file
    copy:
      src: tunneldigger.service
      dest: /lib/systemd/system/tunneldigger.service
    register: _global_td_systemd
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == False
    notify:
      - restart tunneldigger

  - name: reload systemd
    shell: systemctl daemon-reload
    when:
      - domaenenliste is defined
      - _domain_td_systemd.changed or _global_td_systemd.changed
  # Enable the units for the selected mode: one tunneldigger@<key> instance
  # per entry of domaenenliste, or the single global service.
  - name: enable all tunneldigger instances
    service:
      name: "tunneldigger@{{ item.key }}.service"
      enabled: true
    with_dict: "{{ domaenenliste }}"
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == True

  - name: Enable tunneldigger.service if mode is global
    service:
      name: "tunneldigger.service"
      enabled: true
    when:
      - domaenenliste is defined
      - tunneldigger.instance_per_domain == False