udpate hypervisor role

freifunk-berlin · Aug 22, 2024 · 6fe0f9e · 6fe0f9e
1 parent b0321ac
commit 6fe0f9e
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 15 deletions.
diff --git a/inventory/host_vars/a36s-hyp01.berlin.freifunk.net b/inventory/host_vars/a36s-hyp01.berlin.freifunk.net
@@ -1,2 +1,11 @@
 ---
 hypervisor_modprobe: modprobe-hpgen8.j2
+hypervisor_networks:
+  - name: AS44194
+    bridge_interface: ens2f1np1.123
+    address: 77.87.50.2/24
+    gateway: 77.87.50.1
+  - name: Strom
+    bridge_interface: ens2f1np1.1312
+  - name: in-berlin
+    bridge_interface: ens2f1np1.1300
diff --git a/roles/hypervisor/README.md b/roles/hypervisor/README.md
diff --git a/roles/hypervisor/tasks/main.yml b/roles/hypervisor/tasks/main.yml
@@ -34,35 +34,24 @@
   ansible.builtin.template:
     src: "bridge.j2"
     dest: "/etc/network/interfaces.d/{{ item.name }}"
-    mode: "0640"
+    mode: "0644"
     owner: root
     group: root
   loop: "{{ hypervisor_networks }}"
+  when: hypervisor_networks is defined
 
 - name: Define libvirt networks
   community.libvirt.virt_net:
     command: define
     name: "{{ item.name }}"
     xml: '{{ lookup("template", "libvirt-network.xml.j2") }}'
   loop: "{{ hypervisor_networks }}"
+  when: hypervisor_networks is defined
 
 - name: Set libvirt Networks active and autostart
   community.libvirt.virt_net:
     name: "{{ item.name }}"
     autostart: true
     state: active
   loop: "{{ hypervisor_networks }}"
-
-# Todo:
-# - custom boot options (maybe not needed)
-# - add users to group
-# - Service restarts (or maybe just a Warning that this needs to be done manually for safety reasons?)
-# - debian backports?
-#   - qemu 7.2 => 9.0 https://wiki.qemu.org/ChangeLog
-#   - kernel 6.1 => 6.5/6.9
-#
-#
-#
-#
-#
-#
+  when: hypervisor_networks is defined
diff --git a/roles/hypervisor/templates/modprobe.j2 b/roles/hypervisor/templates/modprobe.j2
@@ -1,2 +1,4 @@
+# Needed for vlans
 8021q
+# netfilter for bridges, loaded as module so the sysctls can be set before the bridge exists
 br_netfilter