playbook/ors: use systemd-networkd instead of ifupdown

e4f41c3c · Joanne Hugé · 7ced67af · e4f41c3c · 7ced67af · e4f41c3c
Commit e4f41c3c authored Sep 11, 2023 by Joanne Hugé
6 changed files
--- a/playbook/roles/ors-image-backports/tasks/main.yml
+++ b/playbook/roles/ors-image-backports/tasks/main.yml
+---
+
+# Set cron to repeat ors-image-backports in case someone unplugs the ORS while this playbook is running
+
+  - name: Set Cron to repeat until success
+    cron: name="Repeat ors-image-backports until success" minute="*/4" hour="*" job="flock -n /opt/upgrader/ansible.lock -c \"PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin ansible-playbook ors-image-backports.yml -i hosts 2>>/opt/upgrader/ors_image_backports.log >> /opt/upgrader/ors_image_backports.log\""
+
+  - name: Remove obsolete cron
+    cron: name="Launch Upgrader with ansible" state=absent
+
+  - name: Remove obsolete cron
+    cron: name="Launch Startup with ansible" state=absent
+
+  - name: Remove obsolete cron
+    cron: name="Launch ors playbook periodically" state=absent
+
+  - name: Remove obsolete cron
+    cron: name="Launch ors playbook at reboot" state=absent
+
+  - name: Remove obsolete cron
+    cron: name="Launch ors playbook every 3 hours" state=absent
+
+  - name: Check if Service Exists
+    stat: path=/etc/init.d/init-sdr
+    register: init_sdr_service
+
+  - name: Reload daemon
+    systemd: daemon_reload=yes
+    when: init_sdr_service.stat.exists
+
+  - name: Disable old init-sdr service
+    systemd: name=init-sdr enabled=no
+    when: init_sdr_service.stat.exists
+
+  - name: Fix apt
+    shell: 'DEBIAN_FRONTEND=noninteractive apt install -y'
+    ignore_errors: yes
+    register: apt_install
+
+  - name: Get SSD disk path
+    shell: "debconf-show grub-efi-amd64 | grep install_devices_disks_changed | awk '{ print $NF }'"
+    ignore_errors: yes
+    register: ssd_disk
+    when: apt_install.rc != 0
+
+  - name: Fix grub install
+    shell: "echo 'grub-efi grub-efi/install_devices string {{ ssd_disk.stdout }}' | debconf-set-selections && DEBIAN_FRONTEND=noninteractive apt install -y"
+    when: ssd_disk.rc == 0 and apt_install.rc != 0
+    ignore_errors: yes
+
+# Configure systemd-networkd 
+
+  - name: Configure /etc/systemd/network/dhcp.network
+    copy: src=systemd-dhcp-network dest=/etc/systemd/network/dhcp.network owner=root mode=644
+
+  - name: Create a directory if it does not exist
+    file: path=/etc/systemd/system/systemd-networkd-wait-online.service.d state=directory mode=0755
+
+  - name: Configure /etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf
+    copy: src=systemd-wait-online-override dest=/etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf owner=root mode=644
+
+  - name: Enable and stop systemd-networkd
+    systemd: name=systemd-networkd.service enabled=yes state=stopped
+
+  - name: Remove ifupdown
+    shell: 'DEBIAN_FRONTEND="noninteractive" apt remove --purge -y ifupdown'
+
+  - name: Start systemd-networkd
+    systemd: name=systemd-networkd.service enabled=yes state=started
+
+# Configure DHCP timeout
+
+  - name: Configure dhcp timeout
+    lineinfile: dest=/etc/dhcp/dhclient.conf regexp="^timeout (.*)" line="timeout 15" state=present
+
+# Configure DNS
+
+  - name: Disable dnsmasq service
+    systemd: name=dnsmasq.service enabled=no state=stopped
+    ignore_errors: yes
+
+  - name: Disable DNS stub resolver
+    lineinfile: dest=/etc/systemd/resolved.conf regexp="(.*)DNSStubListener=(.*)" line="DNSStubListener=no" state=present
+    register: disable_dns_stub
+
+  - name: Create resolv symbolic link
+    file:
+      src: /run/systemd/resolve/resolv.conf
+      dest: /etc/resolv.conf
+      state: link
+      force: true
+    register: create_resolv_link
+
+  - name: Configure default nameservers
+    lineinfile: dest=/etc/systemd/resolved.conf regexp="^DNS=(.*)" line="DNS=1.1.1.1 8.8.8.8" state=present
+    register: configure_default_nameservers
+
+  - name: Restart systemd-resolved.service if necessary
+    systemd: name=systemd-resolved.service enabled=yes state=restarted
+    when: (disable_dns_stub.changed) or (create_resolv_link.changed) or (configure_default_nameservers.changed)
+
+  - name: Enable and start systemd-resolved.service
+    systemd: name=systemd-resolved.service enabled=yes state=started
+
+  - name: Remove cron after successful run
+    cron: name="Repeat ors-image-backports until success" state=absent
+
--- a/playbook/roles/ors/files/interfaces
+++ b/playbook/roles/ors/files/interfaces
-auto lo
-iface lo inet loopback
-
-auto enp2s0
-iface enp2s0 inet dhcp
-        post-up echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
-        post-up iptables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
-        post-up iptables -t nat -A POSTROUTING -p udp -m udp --sport 5353 -j SNAT --to-source :53
-        post-up iptables -t nat -A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination :5353
-        post-up ip6tables -t nat -A POSTROUTING -o enp2s0 -j MASQUERADE
-
-auto enp0s31f6
-iface enp0s31f6 inet dhcp
-        post-up echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
-        post-up iptables -t nat -A POSTROUTING -o enp0s31f6 -j MASQUERADE
-        post-up iptables -t nat -A POSTROUTING -p udp -m udp --sport 5353 -j SNAT --to-source :53
-        post-up iptables -t nat -A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination :5353
-        post-up ip6tables -t nat -A POSTROUTING -o enp0s31f6 -j MASQUERADE
-
-source /etc/network/interfaces.d/*
--- a/playbook/roles/ors/files/systemd-dhcp-network
+++ b/playbook/roles/ors/files/systemd-dhcp-network
+[Match]
+Name=en*
+
+[Network]
+DHCP=yes
--- a/playbook/roles/ors/files/systemd-wait-online-override
+++ b/playbook/roles/ors/files/systemd-wait-online-override
+[Service]
+ExecStart=
+ExecStart=/usr/lib/systemd/systemd-networkd-wait-online --any
--- a/playbook/roles/ors/tasks/main.yml
+++ b/playbook/roles/ors/tasks/main.yml
@@ -95,8 +95,23 @@

 # Network

-  - name: Configure /etc/network/interfaces
-    copy: src=interfaces dest=/etc/network/interfaces owner=root mode=644
+  - name: Configure /etc/systemd/network/dhcp.network
+    copy: src=systemd-dhcp-network dest=/etc/systemd/network/dhcp.network owner=root mode=644
+
+  - name: Create a directory if it does not exist
+    file: path=/etc/systemd/system/systemd-networkd-wait-online.service.d state=directory mode=0755
+
+  - name: Configure /etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf
+    copy: src=systemd-wait-online-override dest=/etc/systemd/system/systemd-networkd-wait-online.service.d/override.conf owner=root mode=644
+
+  - name: Enable and stop systemd-networkd
+    systemd: name=systemd-networkd.service enabled=yes state=stopped
+
+  - name: Remove ifupdown
+    shell: 'DEBIAN_FRONTEND="noninteractive" apt remove --purge -y ifupdown'
+
+  - name: Start systemd-networkd
+    systemd: name=systemd-networkd.service enabled=yes state=started

  - name: Configure dhcp timeout
    lineinfile: dest=/etc/dhcp/dhclient.conf regexp="^timeout (.*)" line="timeout 15" state=present

--- a/playbook/sha256sum
+++ b/playbook/sha256sum
-55ce33d3e89f0093de552d8de66e306b6c142c06a4aa3e36e03954785f720047  -
+956c7348e0e5264fd18a9bffadf143b43f1f8ea8a1bd426c5ef63d5296b75fc8  -