lxc-host:

o Correcting ordering of networkd files.
packages:
o Better split of package names.
unifi:
o importing role from Bitraf.
o Configring lxc host on birgitte.

8 files changed, 87 insertions, 27 deletions

diff --git a/ansible/roles/borg-client/tasks/borg-client.yml b/ansible/roles/borg-client/tasks/borg-client.yml
index 4ddad49..92aba57 100644
--- a/ansible/roles/borg-client/tasks/borg-client.yml
+++ b/ansible/roles/borg-client/tasks/borg-client.yml
@@ -78,8 +78,8 @@
     content: |
       [Unit]
       Description=Create backup
-      After=network-online.target
-      Wants=network-online.target
+      # After=network-online.target
+      # Wants=network-online.target
 
       [Service]
       Type=oneshot
diff --git a/ansible/roles/lxc-host/defaults/main.yml b/ansible/roles/lxc-host/defaults/main.yml
index cf747f3..46e58e2 100644
--- a/ansible/roles/lxc-host/defaults/main.yml
+++ b/ansible/roles/lxc-host/defaults/main.yml
@@ -1,3 +1,4 @@
+lxc_host__state: present
 lxc_host__backing_store: dir
 lxc_host__br_if: lxc0-br
 lxc_host__internal_if: lxc0-int
diff --git a/ansible/roles/lxc-host/tasks/networkd.yml b/ansible/roles/lxc-host/tasks/networkd.yml
index 526fc29..39d8a69 100644
--- a/ansible/roles/lxc-host/tasks/networkd.yml
+++ b/ansible/roles/lxc-host/tasks/networkd.yml
@@ -15,58 +15,75 @@
         name: systemd-networkd
         enabled: yes
         state: started
+      when: lxc_host__state == "present"
 
-    - name: "{{ file_prefix }}-1-{{ lxc_host__internal_if }}.netdev"
+    - loop:
+        - "{{ file_prefix }}-1-{{ br_if }}.netdev"
+        - "{{ file_prefix }}-2-{{ br_if }}.network"
+        - "{{ file_prefix }}-3-{{ lxc_host__internal_if }}.netdev"
+        - "{{ file_prefix }}-4-{{ lxc_host__internal_if }}.network"
+      when: lxc_host__state == "absent"
       notify: systemctl restart systemd-networkd
+      file:
+        path: "{{ item }}"
+        state: absent
+
+    - name: "{{ file_prefix }}-1-{{ br_if }}.netdev"
+      notify: systemctl restart systemd-networkd
+      when: lxc_host__state == "present"
       copy:
-        dest: "{{ file_prefix }}-1-{{ lxc_host__internal_if }}.netdev"
+        dest: "{{ file_prefix }}-1-{{ br_if }}.netdev"
         content: |
           [NetDev]
-          Name={{ lxc_host__internal_if }}
-          Kind=dummy
+          Name={{ br_if }}
+          Kind=bridge
 
-    - name: "{{ file_prefix }}-2-{{ lxc_host__internal_if }}.network"
+    - name: "{{ file_prefix }}-2-{{ br_if }}.network"
       notify: systemctl restart systemd-networkd
+      when: lxc_host__state == "present"
       copy:
-        dest: "{{ file_prefix }}-2-{{ lxc_host__internal_if }}.network"
+        dest: "{{ file_prefix }}-2-{{ br_if }}.network"
         content: |
           [Match]
-          Name={{ lxc_host__internal_if }}
+          Name={{ br_if }}
 
           [Network]
-          Bridge={{ br_if }}
+          {% if internal_if.ipv4 is defined %}
+          Address={{ internal_if.ipv4.address }}/{{ internal_if.ipv4.netmask }}
+          {% endif %}
+          {% if internal_if.ipv6 is defined %}
+          Address={{ internal_if.ipv6.address }}/{{ internal_if.ipv6.netmask }}
+          {% endif %}
 
-    - name: "{{ file_prefix }}-3-{{ br_if }}.netdev"
+    - name: "{{ file_prefix }}-3-{{ lxc_host__internal_if }}.netdev"
       notify: systemctl restart systemd-networkd
+      when: lxc_host__state == "present"
       copy:
-        dest: "{{ file_prefix }}-3-{{ br_if }}.netdev"
+        dest: "{{ file_prefix }}-3-{{ lxc_host__internal_if }}.netdev"
         content: |
           [NetDev]
-          Name={{ br_if }}
-          Kind=bridge
+          Name={{ lxc_host__internal_if }}
+          Kind=dummy
 
-    - name: "{{ file_prefix }}-4-{{ br_if }}.network"
+    - name: "{{ file_prefix }}-4-{{ lxc_host__internal_if }}.network"
       notify: systemctl restart systemd-networkd
+      when: lxc_host__state == "present"
       copy:
-        dest: "{{ file_prefix }}-4-{{ br_if }}.network"
+        dest: "{{ file_prefix }}-4-{{ lxc_host__internal_if }}.network"
         content: |
           [Match]
-          Name={{ br_if }}
+          Name={{ lxc_host__internal_if }}
 
           [Network]
-          {% if internal_if.ipv4 is defined %}
-          Address={{ internal_if.ipv4.address }}/{{ internal_if.ipv4.netmask }}
-          {% endif %}
-          {% if internal_if.ipv6 is defined %}
-          Address={{ internal_if.ipv6.address }}/{{ internal_if.ipv6.netmask }}
-          {% endif %}
+          Bridge={{ br_if }}
 
     - meta: flush_handlers
 
     - name: Configure sysctl, enable ipv4 and ipv6 forwarding for {{ br_if }}
-      sysctl:
-        name: "{{ item }}"
-        value: 1
       with_items:
         - net.ipv4.conf.{{ br_if }}.forwarding
         - net.ipv6.conf.{{ br_if }}.forwarding
+      sysctl:
+        name: "{{ item }}"
+        value: 1
+        state: "{{ lxc_host__state }}"
diff --git a/ansible/roles/lxc-host/tasks/per-host.yml b/ansible/roles/lxc-host/tasks/per-host.yml
index ca33685..0acd1b5 100644
--- a/ansible/roles/lxc-host/tasks/per-host.yml
+++ b/ansible/roles/lxc-host/tasks/per-host.yml
@@ -2,6 +2,9 @@
     msg: "LXC HOST: {{ name }}"
   tags: lxc-host
 
+- debug:
+    var: lan
+
 - when: new
   tags: lxc-host
   become: yes
@@ -59,10 +62,10 @@
           {% endif %}
           {% if lan.ipv6 is defined %}
           lxc.net.0.ipv6.address = {{ lan.ipv6.address }}/{{ lan.ipv6.netmask }}
-          {% endif %}
           {% if lan.ipv6.gateway is defined %}
           lxc.net.0.ipv6.gateway = {{ lan.ipv6.gateway }}
           {% endif %}
+          {% endif %}
 
           # 0 = trace, 1 = debug, 2 = info, 3 = notice, 4 = warn, 5 = error, 6 = critical, 7 = alert, and 8 = fatal.
           lxc.log.level = 1
diff --git a/ansible/roles/systemd-networkd/handlers/main.yml b/ansible/roles/systemd-networkd/handlers/main.yml
new file mode 100644
index 0000000..9656da4
--- /dev/null
+++ b/ansible/roles/systemd-networkd/handlers/main.yml
@@ -0,0 +1,4 @@
+- name: restart
+  systemd:
+    name: systemd-networkd
+    state: restarted
diff --git a/ansible/roles/systemd-networkd/tasks/main.yml b/ansible/roles/systemd-networkd/tasks/main.yml
new file mode 100644
index 0000000..13c167b
--- /dev/null
+++ b/ansible/roles/systemd-networkd/tasks/main.yml
@@ -0,0 +1,9 @@
+- systemd:
+    name: systemd-networkd
+    state: started
+    enabled: yes
+- loop: "{{ systemd_networkd__files | default([]) }}"
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/network/{{ item | basename }}"
+  notify: restart
diff --git a/ansible/roles/unifi/handlers/main.yml b/ansible/roles/unifi/handlers/main.yml
new file mode 100644
index 0000000..ce78323
--- /dev/null
+++ b/ansible/roles/unifi/handlers/main.yml
@@ -0,0 +1,3 @@
+- name: update apt cache
+  apt:
+    update_cache: yes
diff --git a/ansible/roles/unifi/tasks/main.yml b/ansible/roles/unifi/tasks/main.yml
new file mode 100644
index 0000000..11c4c00
--- /dev/null
+++ b/ansible/roles/unifi/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+- name: Ubiquiti APT key
+  notify: update apt cache
+  apt_key:
+    id: 06E85760C0A52C50
+    keyserver: keyserver.ubuntu.com
+
+- name: Ubiquiti APT repository
+  notify: update apt cache
+  copy:
+    dest: /etc/apt/sources.list.d/unifi.list
+    content: 'deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti'
+
+- meta: flush_handlers
+
+- name: packages
+  apt:
+    name: "{{ items }}"
+    install_recommends: no
+  vars:
+    items:
+      - openjdk-8-jre
+      - unifi