add router role

author: Egor Tensin <Egor.Tensin@gmail.com> 2023-08-08 22:54:28 +0200
committer: Egor Tensin <Egor.Tensin@gmail.com> 2023-08-08 22:55:04 +0200
commit: f10a9fe80ce3b3a8eeb183c24cec1f34bd0f8177 (patch)
tree: fec9559100d94605688165c53dd58c8fc6b882ef
parent: wireguard: optionally set iptables rules (diff)
download: infra-ansible-f10a9fe80ce3b3a8eeb183c24cec1f34bd0f8177.tar.gz
infra-ansible-f10a9fe80ce3b3a8eeb183c24cec1f34bd0f8177.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/roles/router/tasks/main.yml b/roles/router/tasks/main.yml
new file mode 100644
index 0000000..6aecdd4
--- /dev/null
+++ b/roles/router/tasks/main.yml
@@ -0,0 +1,11 @@
+- name: Set sysctl values
+  become: true
+  ansible.posix.sysctl:
+    name: '{{ item }}'
+    value: 1
+    reload: true
+    sysctl_file: /etc/sysctl.d/99-router.conf
+  loop:
+    - net.ipv4.ip_forward
+    - net.ipv4.conf.all.forwarding
+    - net.ipv6.conf.all.forwarding
author	Egor Tensin <Egor.Tensin@gmail.com>	2023-08-08 22:54:28 +0200
committer	Egor Tensin <Egor.Tensin@gmail.com>	2023-08-08 22:55:04 +0200
commit	f10a9fe80ce3b3a8eeb183c24cec1f34bd0f8177 (patch)
tree	fec9559100d94605688165c53dd58c8fc6b882ef
parent	wireguard: optionally set iptables rules (diff)
download	infra-ansible-f10a9fe80ce3b3a8eeb183c24cec1f34bd0f8177.tar.gz infra-ansible-f10a9fe80ce3b3a8eeb183c24cec1f34bd0f8177.zip