Commit 4f6b7ae6 authored by Hugo LEVY-FALK's avatar Hugo LEVY-FALK

use sysctl from ansible rather than copy a file.

parent 9691f947
......@@ -55,6 +55,24 @@ all:
peer_address: 10.7.0.127
primary: false
gateways:
vars:
sysctl_config:
- name: net.ipv4.ip_forward
value: 1
- name: net.ipv4.tcp_syncookies
value: 1
- name: net.ipv4.conf.all.rp_filter
value: 1
- name: net.ipv4.conf.default.rp_filter
value: 1
- name: net.ipv4.conf.all.accept_source_route
value: 0
- name: net.ipv4.neigh.default.gc_thresh1
value: 1024
- name: net.ipv4.neigh.default.gc_thresh2
value: 4096
- name: net.ipv4.neigh.default.gc_thresh3
value: 8192
hosts:
10.7.0.57:
router_network_address: 10.3.0.57/24
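Review bot: The `sysctl_config` list for `gateways` turns on `net.ipv4.ip_forward` and disables source routing, but it leaves ICMP redirect handling at the kernel defaults. On a forwarding host it is usual to pin this as well, for example `- name: net.ipv4.conf.all.send_redirects` with `value: 0`, plus the matching `net.ipv4.conf.default.send_redirects` entry. Both are needed because the kernel enables sending when either the `all` or the per-interface value is set. If the gateways are meant to emit redirects, a short comment above the list saying so would document the choice. Whether the removed `local.conf` carried such keys is not visible on this page.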
......
......@@ -21,17 +21,13 @@
owner: root
register: interfaces
- name: Configure sysctl
copy:
src: local.conf
dest: /etc/sysctl.d/local.conf
mode: 0644
group: root
owner: root
register: sysctl
- name: Reload sysctl
sysctl:
reload: yes
when: sysctl.changed
name: "{{ item.name }}"
value: "{{ item.value }}"
state: present
sysctl_file: /etc/sysctl.d/local.conf
loop: "{{ sysctl_config }}"
- name: Restart Network, and pray
shell: "sleep 5 && service networking restart"
async: 1
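Review bot: The new `Configure sysctl` task edits `/etc/sysctl.d/local.conf` entry by entry instead of replacing it. Any key from the previously copied `local.conf` that is missing from `sysctl_config` therefore stays on already-provisioned hosts and is absent on fresh ones. The old file's contents are not shown here, so it is worth diffing it against the list before merging. Separately, `sysctl_config` is defined only under the `gateways` group in the inventory hunk, so if this task file can run on other hosts the loop will fail on an undefined variable; `loop: "{{ sysctl_config | default([]) }}"` avoids that. The task list continues outside the hunk.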
......