diff --git a/defaults/main.yml b/defaults/main.yml index 5c45f23..c6f87e2 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -5,16 +5,32 @@ default_locale_lang: "en_US.UTF-8" default_deb_locale_messages: "C.UTF-8" default_el_locale_messages: "en_US.UTF-8" locales_list: - - { name: '{{ default_locale_lang }}' } - - { name: 'en_US.UTF-8' } - - { name: 'en_US' } - - { name: 'it_IT.UTF-8' } - - { name: 'it_IT' } + - {name: '{{ default_locale_lang }}'} + - {name: 'en_US.UTF-8'} + - {name: 'en_US'} + - {name: 'it_IT.UTF-8'} + - {name: 'it_IT'} domain_name: '{{ ansible_domain }}' + +sysctl_custom_file: /etc/sysctl.d/90-custom-values.conf +sysctl_opts_reload: yes +sysctl_custom_file_state: present + +# Only name and value are mandatory. The others have defaults +sysctl_custom_options: [] +# - name: 'net.nf_conntrack_max' +# value: '32768' +# sysctlfile: '{{ sysctl_custom_file }}' +# sysctl_reload: '{{ sysctl_opts_reload }}' +# sysctlfile_state: '{{ sysctl_custom_file_state }}' + +disable_ipv6: false +ipv6_sysctl_value: 1 +ipv6_sysctl_file: /etc/sysctl.d/10-ipv6-disable.conf # # Define the following variables to manage additional disks and mount points, even static nfs ones -additional_disks: False +additional_disks: false disks_and_mountpoints_list: [] # - { mountpoint: '/data', device: 'xvda3', fstype: 'xfs', opts: 'noatime', state: 'mounted', create_filesystem: True } @@ -30,7 +46,7 @@ idmap_conf_options: - { section: 'General', option: 'Verbosity', value: '{{ idmap_verbosity }}', state: 'present' } # autofs mount points -autofs_client_mountpoint: False +autofs_client_mountpoint: false autofs_conf_options: - { section: 'autofs', option: 'master_map_name', value: '/etc/auto.master', state: 'present' } - { section: 'autofs', option: 'timeout', value: '300', state: 'present' } diff --git a/tasks/main.yml b/tasks/main.yml index 90af6a3..cfb2221 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -3,6 +3,7 @@ - import_tasks: hostname.yml - import_tasks: locale.yml - import_tasks: timezone.yml +- import_tasks: sysctl.yml - import_tasks: http_client_proxy.yml - import_tasks: additional_disks.yml when: additional_disks diff --git a/tasks/sysctl.yml b/tasks/sysctl.yml new file mode 100644 index 0000000..cfbef0e --- /dev/null +++ b/tasks/sysctl.yml @@ -0,0 +1,52 @@ +--- +- block: + - name: Ensure that the /etc/sysctl.d directory exists + file: + path: /etc/sysctl.d + state: directory + owner: root + group: root + + tags: ['sysctl', 'kernel', 'sysctl_ipv6', 'ipv6'] + +- block: + - name: Set the custom sysctl values + sysctl: + name: '{{ item.name }}' + value: '{{ item.value }}' + sysctl_file: "{{ item.sysctlfile | default ('/etc/sysctl.d/90-custom-values.conf') }}" + reload: "{{ item.sysctl_reload | default(true) }} state={{ item.sysctlfile_state | default('present') }}" + loop: '{{ sysctl_custom_options }}' + + tags: ['sysctl', 'kernel'] + +- block: + - name: Disable the in kernel ipv6 support + sysctl: + name: '{{ item }}' + value: 1 + sysctl_file: '{{ ipv6_sysctl_file }}' + reload: true + state: present + loop: + - net.ipv6.conf.all.disable_ipv6 + - net.ipv6.conf.default.disable_ipv6 + - net.ipv6.conf.lo.disable_ipv6 + - net.ipv6.conf.{{ ansible_default_ipv4.interface }}.disable_ipv6 + when: disable_ipv6 + + - name: enable the in kernel ipv6 support + sysctl: + name: '{{ item }}' + value: 0 + sysctl_file: '{{ ipv6_sysctl_file }}' + reload: true + state: present + loop: + - net.ipv6.conf.all.disable_ipv6 + - net.ipv6.conf.default.disable_ipv6 + - net.ipv6.conf.lo.disable_ipv6 + - net.ipv6.conf.{{ ansible_default_ipv4.interface }}.disable_ipv6 + when: not disable_ipv6 + + tags: ['sysctl', 'kernel', 'sysctl_ipv6', 'ipv6']