63 lines
1.3 KiB
YAML
63 lines
1.3 KiB
YAML
---
|
|
- name: Setup NAT
|
|
ansible.builtin.iptables:
|
|
chain: POSTROUTING
|
|
table: nat
|
|
source: "{{ internal_network }}"
|
|
jump: MASQUERADE
|
|
|
|
- ansible.posix.sysctl:
|
|
name: kernel.panic
|
|
value: '1'
|
|
sysctl_file: /etc/sysctl.conf
|
|
|
|
- ansible.posix.sysctl:
|
|
name: net.ipv4.ip_forward
|
|
value: '1'
|
|
sysctl_set: true
|
|
state: present
|
|
reload: true
|
|
|
|
- ansible.posix.sysctl:
|
|
name: net.ipv6.conf.all.forwarding
|
|
value: '1'
|
|
sysctl_set: true
|
|
state: present
|
|
reload: true
|
|
|
|
- ansible.posix.sysctl:
|
|
name: net.ipv6.conf.ens19.proxy_ndp
|
|
value: '1'
|
|
sysctl_set: true
|
|
state: present
|
|
reload: true
|
|
|
|
- name: saveip6tables
|
|
ansible.builtin.shell: ip6tables-save > /etc/iptables/rules.v6
|
|
|
|
- name: saveip4tables
|
|
ansible.builtin.shell: iptables-save > /etc/iptables/rules.v4
|
|
|
|
- name: Create Routing Table 42
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/iproute2/rt_tables
|
|
line: 42 ffrl
|
|
create: yes
|
|
|
|
- name: Generate NDPPD Config
|
|
ansible.builtin.template:
|
|
src: ndppd.conf.j2
|
|
dest: /etc/ndppd.conf
|
|
owner: root
|
|
group: root
|
|
mode: 755
|
|
|
|
- name: Install all Packages for VPN Servers
|
|
ansible.builtin.apt:
|
|
name:
|
|
- libndp0
|
|
- libndp-tools
|
|
- ndppd
|
|
- iptables-persistent
|
|
state: latest
|
|
update_cache: yes |