11-25 update

2025-11-28 17:25:49 -08:00
parent 8a9fdc565e
commit 5f83cd75d6
3 changed files with 37 additions and 3 deletions
--- a/tasks/create_bridge.yaml
+++ b/tasks/create_bridge.yaml
@ -44,6 +44,20 @@
      regexp: '^#? *iface {{ current_iface }} inet dhcp'
      line: '# iface {{ current_iface }} inet dhcp'
      backrefs: yes
+  
+#  - name: Create auto iface line for main interface
+#    lineinfile:
+#      dest: /etc/network/interfaces
+#      regexp: '^#? *auto {{ current_iface }}'
+#      line: 'auto {{ current_iface }}'
+#      backrefs: yes
+#  
+#  - name: Create iface manual line for main interface
+#    lineinfile:
+#      dest: /etc/network/interfaces
+#      regexp: '^#? *iface {{ current_iface }} inet manual'
+#      line: 'iface {{ current_iface }} inet manual'
+#      backrefs: yes

 - name: Create new bridge interface file
  template:
@ -61,6 +75,16 @@
    bridge link
  register: bridge_status

+# enable routing on bridge
+- name: "Enable routing on {{ bridge_name }}"
+  shell: "iptables -A FORWARD -i {{ bridge_name }} -o {{ bridge_name }} -j ACCEPT"
+  
+# Make iptables rules persistent
+- name: Persistence - iptables
+  shell: |
+    netfilter-persistent save
+    netfilter-persistent reload  
+
 - name: show bridge status
  debug:
    msg: 
--- a/tasks/main.yaml
+++ b/tasks/main.yaml
@ -3,6 +3,12 @@
 # optionally it creates a new inventory file on the jenkins host
 # if the appropriate variable is declared

+- name: Install iptables-persistent
+  apt:
+    name:
+      - iptables-persistent
+    state: present
+
 # check interfaces
 - name: check interfaces for vmpbr0
  shell: ip -o -4 ad
@ -37,7 +43,7 @@

 - name: Reboot
  when: '"vmpbr0" not in ip_ad_output.stdout'
-  command: "reboot now"
+  shell: "( sleep 5 ; reboot now ) & "
  ignore_errors: yes

 ...
--- a/templates/inventory.j2
+++ b/templates/inventory.j2
@ -5,5 +5,9 @@ all:
  vars:
    ansible_connection: ssh
    ansible_ssh_private_key_file: /var/jenkins_home/jenkins_key    
-
-# host_ip;{{ bridge_address }}
+    ansible_python_interpreter: /usr/bin/python3
+    jenkins_user: '{{ jenkins_user}}'
+    jenkins_group: '{{ jenkins_group}}'
+    subnet_group_check: '{{ subnet_group_check }}'
+    SERVER_SUBNET_GROUP: '{{ SERVER_SUBNET_GROUP }}'
+    stage_two_ip: {{ bridge_address }}