123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192 |
- - name: l2tp Install dependencies for this role
- apt:
- pkg: "{{ item }}"
- state: present
- with_items:
- - bridge-utils
- - ebtables
- - git
- - iproute
- - libevent-dev
- - libnetfilter-conntrack3
- - python-dev
- - python-virtualenv
- # additional dependencies for wlanslovenija's version
- - libffi-dev
- - libnfnetlink-dev
- - libnetfilter-conntrack-dev
- - gcc
- when: domaenenliste is defined
- - name: Determine whether the global version of tunneldigger is installed or not
- stat: path=/lib/systemd/system/tunneldigger.service
- register: _td_global_installed
- when: domaenenliste is defined
- - name: Determine whether the per domain version of tunneldigger is installed or not
- stat: path=/lib/systemd/system/tunneldigger@.service
- register: _td_per_domain_installed
- when: domaenenliste is defined
- - name: Get all enabled tunneldigger (domain specific) instances
- shell: '/bin/ls /etc/systemd/system/multi-user.target.wants/tunneldigger@* | grep -oE "[0-9]+"'
- changed_when: False
- failed_when: False
- check_mode: no
- register: _td_domain_instances
- when: domaenenliste is defined
- # remove /etc/systemd/system/tunneldigger.service if it's not a symlink (issue within older versie of this role, may can be removed in the future)
- - name: Remove tunneldigger.service from systemd's local config if it isn't a symlink
- file: path=/etc/systemd/system/tunneldigger.service state=absent
- register: _old_td_systemd
- when: domaenenliste is defined
- - name: Stop and disable obsolete td instances
- service: name="tunneldigger@{{item}}.service" enabled=no state=stopped
- with_items: "{{_td_domain_instances.stdout_lines}}"
- when: domaenenliste is defined and (item not in domaenenliste or tunneldigger.instance_per_domain == False) and _td_per_domain_installed.stat.exists == True
- - name: Stop global td instance if change to per domain instances is ongoing
- service: name="tunneldigger.service" enabled=no state=stopped
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True and (_td_global_installed.stat.exists == True or _old_td_systemd.changed == True)
- - name: Delete global td systemd config if change to per domain instances is ongoing
- file: path=/lib/systemd/system/tunneldigger.service state=absent
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True and (_td_global_installed.stat.exists == True or _old_td_systemd.changed == True)
- - name: Delete per domain td systemd config if change to global td is ongoing
- file: path=/lib/systemd/system/tunneldigger@.service state=absent
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == False and _td_per_domain_installed.stat.exists == True
- # tasks for wlanslovenija's version
- # git: repo=https://github.com/wlanslovenija/tunneldigger dest=/srv/tunneldigger force=yes update=yes version=235e111fb8fa02c4687af7f695e21204d9d28fe6
- - name: Clone tunneldigger (wlanslovenija fork)
- git: repo=https://github.com/wlanslovenija/tunneldigger dest=/srv/tunneldigger/tunneldigger force=yes update=yes
- when: domaenenliste is defined
- - name: manually setup virtualenv for tunneldigger
- command: virtualenv /srv/tunneldigger/tunneldigger_env -p python2.7 creates="/srv/tunneldigger/tunneldigger_env"
- - name: Install python dependencies
- shell: "/srv/tunneldigger/tunneldigger_env/bin/python /srv/tunneldigger/tunneldigger/broker/setup.py install"
- args:
- chdir: /srv/tunneldigger/tunneldigger/broker/
- - name: Remove repository if td mode change is ongoing
- file: path=/srv/tunneldigger state=absent
- when:
- - domaenenliste is defined
- - (tunneldigger.instance_per_domain == False and _td_per_domain_installed.stat.exists == True) or (tunneldigger.instance_per_domain == True and (_td_global_installed.stat.exists == True or _old_td_systemd.changed == True))
- - name: Make sure scripts directory exists
- file:
- path: /srv/tunneldigger/scripts
- state: directory
- - name: Deploy addif.sh for each domain
- template: src=addif.sh.j2 dest="/srv/tunneldigger/scripts/addif_domain{{item.key}}.sh" mode=0755
- with_dict: "{{domaenenliste}}"
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True
- - name: Deploy addif.sh if mode is global
- copy: src=addif.sh dest=/srv/tunneldigger/scripts mode=0755
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == False
- - name: Deploy delif.sh for each domain
- template: src=delif.sh.j2 dest="/srv/tunneldigger/scripts/delif_domain{{item.key}}.sh" mode=0755
- with_dict: "{{domaenenliste}}"
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True
- - name: Deploy delif.sh if mode is global
- copy: src=delif.sh dest=/srv/tunneldigger/scripts mode=0755
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == False
- - name: Create sperrliste.txt if not exists
- file:
- name: /srv/tunneldigger/sperrliste.txt
- state: touch
- when: domaenenliste is defined
- - name: Deploy tunneldigger.conf to /etc/modules-load.d/
- copy: src=tunneldigger.conf dest=/etc/modules-load.d/tunneldigger.conf
- notify: load kernel modules
- when: domaenenliste is defined
- - name: Make sure conf directory exists
- file:
- path: /srv/tunneldigger/conf
- state: directory
- - name: Deploy l2tp_broker.cfg for each domain
- template: src="l2tp_broker.cfg.j2" dest="/srv/tunneldigger/conf/l2tp_broker_domain{{item.key}}.cfg"
- notify: restart tunneldigger per domain
- with_dict: "{{domaenenliste}}"
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True
- - name: Deploy l2tp_broker.cfg if mode is global
- template: src="l2tp_broker.cfg.j2" dest="/srv/tunneldigger/conf/l2tp_broker.cfg"
- notify: restart tunneldigger
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == False
- - name: l2tp-bridge einrichten
- template: src=l2tp_bridge.j2 dest=/etc/network/interfaces.d/20_l2tp_bridge.cfg
- notify: restart networking
- when: domaenenliste is defined
- - name: Deploy tunneldigger@.service template file
- copy: src=tunneldigger@.service dest=/lib/systemd/system/tunneldigger@.service
- register: _domain_td_systemd
- notify:
- - restart tunneldigger per domain
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True
- - name: Deploy tunneldigger.service file
- copy: src=tunneldigger.service dest=/lib/systemd/system/tunneldigger.service
- register: _global_td_systemd
- notify:
- - restart tunneldigger
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == False
- - name: reload systemd
- shell: systemctl daemon-reload
- when:
- - domaenenliste is defined
- - _domain_td_systemd.changed or _global_td_systemd.changed
- - name: enable all tunneldigger instances
- service: name="tunneldigger@{{item.key}}.service" enabled=yes
- with_dict: "{{domaenenliste}}"
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == True
- - name: Enable tunneldigger.service if mode is global
- service: name="tunneldigger.service" enabled=yes
- when:
- - domaenenliste is defined
- - tunneldigger.instance_per_domain == False
|