authorLars Wirzenius <liw@liw.fi>2020-03-23 09:59:53 +0200
committerLars Wirzenius <liw@liw.fi>2020-03-23 09:59:53 +0200
commit3c8f3b3c3303fa8221099e1e183b347387a0fdf1 (patch)
treeca5e00beffea51cee10c3849e9c3db61498a306f /ansible/roles/hetzner-network-bridge
parentc36fa55774568a42c4a4b8a4951eec995f0afbb5 (diff)
downloadansibleness-3c8f3b3c3303fa8221099e1e183b347387a0fdf1.tar.gz
Change: sanify atuin networking setup
Diffstat (limited to 'ansible/roles/hetzner-network-bridge')
-rw-r--r--ansible/roles/hetzner-network-bridge/defaults/main.yml17
-rw-r--r--ansible/roles/hetzner-network-bridge/handlers/main.yml3
-rw-r--r--ansible/roles/hetzner-network-bridge/tasks/main.yml20
-rw-r--r--ansible/roles/hetzner-network-bridge/templates/interfaces.j222
4 files changed, 62 insertions, 0 deletions
diff --git a/ansible/roles/hetzner-network-bridge/defaults/main.yml b/ansible/roles/hetzner-network-bridge/defaults/main.yml
new file mode 100644
index 0000000..9d14aed
--- /dev/null
+++ b/ansible/roles/hetzner-network-bridge/defaults/main.yml
@@ -0,0 +1,17 @@
+# The name of the external physical interface. You MUST specify this.
+bridge_nic: FIXME
+
+# The statically assigned IPv4 address for the external interface.
+# You MUST specify this.
+bridge_nic_addr: FIXME
+
+# The gateway via which the physical external interface should send
+# packages. You MUST specify this.
+bridge_gateway: FIXME
+
+# The name of the virtual bridge that will be created.
+bridge_iface: br0
+
+# The additional IPv4 addresses for the physical host, to be used by a
+# VM and thus routed via the virtual bridge.
+bridge_guest_addr: []
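Review bot: The default on the last line is named `bridge_guest_addr`, but the loop in templates/interfaces.j2 iterates over `bridge_guest_addrs`, so this default is never read. Unless the caller sets the plural name, rendering will presumably stop on an undefined variable. Rename the default to `bridge_guest_addrs: []` (or change the loop) so the two agree. The comment above `bridge_gateway` says "packages" where "packets" appears to be meant.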
diff --git a/ansible/roles/hetzner-network-bridge/handlers/main.yml b/ansible/roles/hetzner-network-bridge/handlers/main.yml
new file mode 100644
index 0000000..ed984b4
--- /dev/null
+++ b/ansible/roles/hetzner-network-bridge/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: bridgeup
+ fail:
+ msg: "Network config changed; reboot and re-run Ansible"
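Review bot: The handler is named `bridgeup` but brings nothing up; it deliberately fails the play to force a reboot, and nothing in the file says so. By default a failed handler also stops any handlers queued after it on that host, so other roles notified in the same play can be left half-applied. A comment above the handler would make the intent clear, for example `# Deliberately fails the play: the new interfaces config only takes effect after a reboot.` A name such as `reboot needed for bridge` would describe it better.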
diff --git a/ansible/roles/hetzner-network-bridge/tasks/main.yml b/ansible/roles/hetzner-network-bridge/tasks/main.yml
new file mode 100644
index 0000000..d8bad30
--- /dev/null
+++ b/ansible/roles/hetzner-network-bridge/tasks/main.yml
@@ -0,0 +1,20 @@
+- name: install bridge-utils
+ apt:
+ name: bridge-utils
+
+- name: set /etc/network/interfaces
+ copy:
+ content: |
+ source /etc/network/interfaces.d/*
+ dest: /etc/network/interfaces
+ notify: bridgeup
+
+- name: drop other include files
+ shell:
+ find /etc/network/interfaces.d -mindepth 1 ! -name bridge -delete
+
+- name: configure network bridge
+ template:
+ src: interfaces.j2
+ dest: /etc/network/interfaces.d/bridge
+ notify: bridgeup
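Review bot: Nothing in this task list checks that `bridge_nic`, `bridge_nic_addr` and `bridge_gateway` were overridden, so the `FIXME` defaults can be rendered into /etc/network/interfaces.d/bridge. The handler then tells the operator to reboot, which on a remote host would mean coming back up with no working network. An `assert` as the first task would stop the run before any file is touched. Separately, the `drop other include files` task uses `shell` where `command` would do. It reports changed on every run and does not notify the handler, even though deleting an include also changes the network config.

```yaml
- name: check required bridge variables are set
  assert:
    that:
      - bridge_nic != "FIXME"
      - bridge_nic_addr != "FIXME"
      - bridge_gateway != "FIXME"
    fail_msg: "Set bridge_nic, bridge_nic_addr and bridge_gateway before applying this role"

# … unchanged: install bridge-utils and the tasks that follow …
```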
diff --git a/ansible/roles/hetzner-network-bridge/templates/interfaces.j2 b/ansible/roles/hetzner-network-bridge/templates/interfaces.j2
new file mode 100644
index 0000000..ff1b7b5
--- /dev/null
+++ b/ansible/roles/hetzner-network-bridge/templates/interfaces.j2
@@ -0,0 +1,22 @@
+auto lo
+iface lo inet loopback
+
+auto {{ bridge_nic }}
+iface {{ bridge_nic }} inet static
+ address {{ bridge_nic_addr }}
+ netmask 255.255.255.255
+ pointopoint {{ bridge_gateway }}
+ gateway {{ bridge_gateway }}
+
+auto {{ bridge_iface }}
+iface {{ bridge_iface }} inet static
+ address {{ bridge_nic_addr }}
+ netmask 255.255.255.255
+ bridge_ports none
+ bridge_stp off
+ bridge_fd 0
+ pre-up brctl addbr {{ bridge_iface }}
+{% for guestaddr in bridge_guest_addrs %}
+ up ip route add {{ guestaddr }}/32 dev {{ bridge_iface }}
+ down ip route del {{ guestaddr }}/32 dev {{ bridge_iface }}
+{% endfor %}
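Review bot: The rendered file carries no marker that it is generated. The tasks in this commit overwrite /etc/network/interfaces and delete every other file under interfaces.d, so a hand edit on the host would be lost silently on the next run. Starting the template with `# {{ ansible_managed }}` and a one-line comment naming the role would tell an operator where the file comes from.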