Initial Commit

roles/networking/defaults/main.yml

@@ -0,0 +1,41 @@
+---
+
+networking_timezone: Europe/Berlin
+
+networking:
+- type: "ethernet"
+  filename: "10-en.network"
+  interface: "en*"
+  route_metric: "10"
+  dhcp: true
+
+# Example: Static IP-Address
+# networking:
+# - type: "ethernet"
+#   filename: "10-eth0.network"
+#   interface: "eth0"
+#   route_metric: "99"
+#   dhcp: false
+#   ipv4_address: "192.168.178.12"
+#   ipv4_netmask: "/24"
+#   ipv4_gateway: "192.168.178.1"
+#   ipv6_address:
+#   ipv6_netmask:
+#   ipv6_gateway:
+#   ipv6_ignore_ra: true
+#   dns_servers:
+#   - 10.11.12.13
+#   - 13.12.11.10
+
+# Example: WLAN interface
+# networking:
+# - type: "wireless"
+#   filename: "20-wlp.network"
+#   interface: "wlp*"
+#   route_metric: "20"
+#   dhcp: true
+
+# networking_wpa_supplicant:
+# - interface: "wlp4s0"
+#   ssid: ""
+#   psk: ""

roles/networking/files/wpa_supplicant@.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=WPA supplicant daemon (interface-specific version)
+Requires=sys-subsystem-net-devices-%i.device
+After=sys-subsystem-net-devices-%i.device
+Before=network.target
+Wants=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/bin/wpa_supplicant -c/etc/wpa_supplicant/wpa_supplicant-%I.conf -i%I -Dnl80211,wext
+
+[Install]
+Alias=multi-user.target.wants/wpa_supplicant@%i.service

roles/networking/handlers/main.yml

@@ -0,0 +1,7 @@
+---
+
+- name: restart networkd
+  systemd:
+    name: systemd-networkd
+    state: restarted
+    daemon_reload: true

roles/networking/tasks/main.yml

@@ -0,0 +1,154 @@
+---
+
+- name: "install systemd-networkd"
+  block:
+  - name: "install systemd-networkd (Arch Linux)"
+    pacman:
+      name: systemd-networkd
+      state: present
+    when: ansible_os_family == "Archlinux"
+  - name: "install systemd-networkd (RedHat)"
+    yum:
+      name: systemd-networkd
+      state: present
+    when: ansible_os_family == "RedHat"
+
+- name: "uninstall NetworkManager"
+  block:
+  - name: "uninstall NetworkManager (Arch Linux)"
+    pacman:
+      name: NetworkManager
+      state: absent
+    when: ansible_os_family == "Archlinux"
+  - name: "uninstall systemd-networkd (RedHat)"
+    yum:
+      name: NetworkManager
+      state: absent
+    when: ansible_os_family == "RedHat"
+
+- name: "remove existing systemd-networkd configuration"
+  file:
+    path: "/etc/systemd/network"
+    state: absent
+
+- name: "create systemd-networkd directory"
+  file:
+    path: "/etc/systemd/network"
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+
+- name: "setup network interfaces via systemd-networkd (DHCP)"
+  block:
+  - name: filter dhcp interfaces
+    set_fact:
+      dhcp_interfaces: "{{ (dhcp_interfaces | default([])) + [ item ] }}"
+    when: item.dhcp
+    with_items: "{{ networking }}"
+
+  - name: "configure network interface {{ item.name }} (DHCP)"
+    template:
+      src: 10-dhcp.network.j2
+      dest: "/etc/systemd/network/{{ item.filename }}"
+      owner: root
+      group: root
+      mode: 0644
+    when: dhcp_interfaces is defined
+    with_items: "{{ dhcp_interfaces }}"
+
+- name: "setup network interfaces via systemd-networkd (static)"
+  block:
+  - name: filter static interfaces
+    set_fact:
+      static_interfaces: "{{ (static_interfaces | default([])) + [ item ] }}"
+    when: not item.dhcp
+    with_items: "{{ networking }}"
+
+  - name: "configure network interface {{ item.name }} (static)"
+    template:
+      src: 10-static.network.j2
+      dest: "/etc/systemd/network/{{ item.filename }}"
+      owner: root
+      group: root
+      mode: 0644
+    when: static_interfaces is defined
+    with_items: "{{ static_interfaces }}"
+
+- name: "setup wpa_supplicant configurations"
+  when: networking_wpa_supplicant is defined and networking_wpa_supplicant | length > 0
+  block:
+  - name: "copy systemd unit for custom wpa_supplicant@.service"
+    copy:
+      src: files/wpa_supplicant@.service
+      dest: /etc/systemd/system/wpa_supplicant@.service
+      owner: root
+      group: root
+
+  - name: "create wpa_supplicant configuration files"
+    template:
+      src: wpa_supplicant.conf.j2
+      dest: "/etc/wpa_supplicant/wpa_supplicant-{{ item.interface }}.conf"
+      owner: root
+      group: root
+      mode: 0640
+    with_items: "{{ networking_wpa_supplicant }}"
+
+  - name: "start and enable wpa_supplicant for interfaces"
+    service:
+      name: wpa_supplicant@{{ item.interface }}.service
+      state: started
+      enabled: yes
+    with_items: "{{ networking_wpa_supplicant }}"
+
+- name: create symlink to resolv.conf
+  file:
+    src: /run/systemd/resolve/stub-resolv.conf
+    dest: /etc/resolv.conf
+    state: link
+    force: yes
+    follow: no
+    owner: root
+    group: root
+
+- name: enable networkd
+  service:
+    name: systemd-networkd
+    enabled: yes
+    daemon_reload: yes
+
+- name: start and enable resolved
+  service:
+    name: systemd-resolved
+    state: started
+    enabled: yes
+    daemon_reload: yes
+
+- name: set timezone
+  timezone:
+    name: "{{ networking_timezone }}"
+
+- name: start and enable timesyncd
+  service:
+    name: systemd-timesyncd
+    state: started
+    enabled: yes
+    daemon_reload: yes
+
+- name: start systemd-networkd after dbus.sock
+  block:
+  - name: create drop-in for systemd-networkd
+    file:
+      path: /etc/systemd/system/systemd-networkd.d
+      owner: root
+      group: root
+      mode: 0755
+      state: directory
+  - name: template after-dbus.conf
+    template:
+      src: after-dbus.conf.j2
+      dest: /etc/systemd/system/systemd-networkd.d/after-dbus.conf
+      owner: root
+      group: root
+      mode: 0644
+  when: ansible_os_family == "RedHat"

roles/networking/templates/10-dhcp.network.j2

@@ -0,0 +1,9 @@
+[Match]
+Name={{ item.interface }}
+
+[Network]
+DHCP=yes
+Domains={{ inventory_hostname.split(".")[1:] | join('.') | lower }}
+
+[DHCP]
+RouteMetric={{ item.route_metric }}

roles/networking/templates/10-static.network.j2

@@ -0,0 +1,31 @@
+[Match]
+Name={{ item.interface }}
+
+[Network]
+Gateway={{ item.ipv4_gateway }}
+{% if item.ipv6_gateway is defined %}
+Gateway={{ item.ipv6_gateway }}
+{% endif %}
+{% if item.ipv6_ignore_ra|default(false) is true %}
+IPv6AcceptRA=false
+{% endif %}
+{% for dns_server in item.dns_servers %}
+DNS={{ dns_server }}
+{% endfor %}
+
+[Address]
+Address={{ item.ipv4_address }}{{ item.ipv4_netmask }}
+RouteMetric={{ item.route_metric }}
+{% if item.ipv4_netmask == "/32" %}
+Peer={{ item.ipv4_gateway }}{{ item.ipv4_netmask}}
+{% endif %}
+
+{% if item.ipv6_address is defined %}
+[Address]
+Address={{ item.ipv6_address }}{{ item.ipv6_netmask }}
+{% endif %}
+
+{% if item.ipv6_gateway is defined and not item.ipv6_gateway.startswith("fe80") %}
+[Route]
+Destination={{ item.ipv6_gateway }}
+{% endif %}

roles/networking/templates/after-dbus.conf.j2

@@ -0,0 +1,2 @@
+[Unit]
+After=dbus.sock

roles/networking/templates/wpa_supplicant.conf.j2

@@ -0,0 +1,9 @@
+ctrl_interface=/run/wpa_supplicant
+ctrl_interface_group=wheel
+update_config=1
+ap_scan=1
+
+network={
+  ssid="{{ item.ssid }}"
+  psk="{{ item.psk }}"
+}