Diffstat (limited to 'ansible/roles')
-rw-r--r-- | ansible/roles/dns/handlers/main.yml | 14 | ||||
-rw-r--r-- | ansible/roles/dns/tasks/main.yml | 36 | ||||
-rw-r--r-- | ansible/roles/dns/templates/simulated_hosts.j2 | 3 | ||||
-rw-r--r-- | ansible/roles/firewall/tasks/firewall-disable.yml | 17 | ||||
-rw-r--r-- | ansible/roles/firewall/tasks/main.yml | 2 |
5 files changed, 72 insertions, 0 deletions
diff --git a/ansible/roles/dns/handlers/main.yml b/ansible/roles/dns/handlers/main.yml
new file mode 100644
index 00000000..ac3209dc
--- /dev/null
+++ b/ansible/roles/dns/handlers/main.yml
@@ -0,0 +1,14 @@
+---
+- name: Restart dnsmasq container
+ docker_container:
+ name: dnsmasq
+ image: andyshinn/dnsmasq:2.76
+ command: -H /simulated_hosts --log-facility=-
+ capabilities: NET_ADMIN
+ volumes:
+ - "{{ app_data_path }}/cfg/simulated_hosts:/simulated_hosts:ro"
+ ports:
+ - "53:53/tcp"
+ - "53:53/udp"
+ state: started
+ restart_policy: unless-stopped
diff --git a/ansible/roles/dns/tasks/main.yml b/ansible/roles/dns/tasks/main.yml
new file mode 100644
index 00000000..2bc05648
--- /dev/null
+++ b/ansible/roles/dns/tasks/main.yml
@@ -0,0 +1,36 @@
+---
+- name: Ensure cfg directory exist
+ file:
+ path: "{{ app_data_path }}/cfg"
+ state: directory
+
+- name: Create simulated hostnames file
+ template:
+ src: simulated_hosts.j2
+ dest: "{{ app_data_path }}/cfg/simulated_hosts"
+ notify: Restart dnsmasq container
+
+- name: Load dnsmasq container
+ docker_image:
+ name: andyshinn/dnsmasq:2.76
+ load_path: "{{ app_data_path }}/offline_data/docker_images_infra/andyshinn_dnsmasq_2.76.tar"
+ state: present
+ timeout: 120
+ notify: Restart dnsmasq container
+
+- name: Start dnsmasq container
+ docker_container:
+ name: dnsmasq
+ network_mode: host
+ image: andyshinn/dnsmasq:2.76
+ command: -H /simulated_hosts --log-facility=-
+ capabilities: NET_ADMIN
+ dns_servers:
+ - 127.0.0.1
+ volumes:
+ - "{{ app_data_path }}/cfg/simulated_hosts:/simulated_hosts:ro"
+ ports:
+ - "53:53/tcp"
+ - "53:53/udp"
+ state: started
+ restart_policy: unless-stopped
diff --git a/ansible/roles/dns/templates/simulated_hosts.j2 b/ansible/roles/dns/templates/simulated_hosts.j2
new file mode 100644
index 00000000..637aef6a
--- /dev/null
+++ b/ansible/roles/dns/templates/simulated_hosts.j2
@@ -0,0 +1,3 @@
+{% for host in all_simulated_hosts -%}
+ {{ ansible_host }} {{ host }}
+{% endfor %}
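Review bot: In `ansible/roles/dns/handlers/main.yml` the "Restart dnsmasq container" handler does not force a restart: with `state: started` and no `restart: true`, docker_container leaves a running container alone unless its configuration differs, so a changed `simulated_hosts` file is not guaranteed to be re-read. The handler also lacks the `network_mode: host` and `dns_servers` settings that the "Start dnsmasq container" task in `tasks/main.yml` carries, so when it fires the module will probably recreate the container with different networking and the two definitions will keep replacing each other. I would add `restart: true` and make the handler's network settings identical to the task's, so the resolver's exposure is defined in one consistent way.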
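Review bot: The "Start dnsmasq container" task in `ansible/roles/dns/tasks/main.yml` pairs `network_mode: host` with `capabilities: NET_ADMIN`, so the capability applies to the host's own interfaces, routes and packet-filter rules instead of an isolated network namespace. Dropping `network_mode: host` and relying on the `ports:` entries would confine NET_ADMIN to the container; as written those `ports:` entries have no effect under host networking and dnsmasq listens on port 53 of every host address. If host networking has to stay, adding `--listen-address={{ ansible_host }} --bind-interfaces` to `command` would limit which addresses answer queries. The pinned tag 2.76 is an old dnsmasq release, so it is worth checking against upstream security advisories before the offline tarball is shipped.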
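Review bot: `ansible/roles/dns/templates/simulated_hosts.j2` points every name in `all_simulated_hosts` at `ansible_host` with no header saying so, which makes an overridden real hostname hard to trace back to this role on the target machine. I would add a first line `# {{ ansible_managed }} - names below are redirected to this host` so the generated file documents itself. If `all_simulated_hosts` is ever passed as a plain string, the loop iterates its characters, so a short Jinja comment stating that a list of hostnames is expected would help too.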
diff --git a/ansible/roles/firewall/tasks/firewall-disable.yml b/ansible/roles/firewall/tasks/firewall-disable.yml
new file mode 100644
index 00000000..9a8a2c10
--- /dev/null
+++ b/ansible/roles/firewall/tasks/firewall-disable.yml
@@ -0,0 +1,17 @@
+---
+- name: Check if firewalld is installed
+ yum:
+ list: firewalld
+ disablerepo: "*"
+ register: firewalld_check
+
+- name: Stop and disable firewalld if exists
+ service:
+ name: firewalld
+ state: stopped
+ enabled: no
+ when: firewalld_check.results|selectattr('yumstate', 'match', 'installed')|list|length != 0
+
+- name: Flush iptables
+ iptables:
+ flush: true
diff --git a/ansible/roles/firewall/tasks/main.yml b/ansible/roles/firewall/tasks/main.yml
new file mode 100644
index 00000000..f7bb7c74
--- /dev/null
+++ b/ansible/roles/firewall/tasks/main.yml
@@ -0,0 +1,2 @@
+---
+- include_tasks: "firewall-{{ state }}.yml" |
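Review bot: The "Flush iptables" task in `firewall-disable.yml` runs unconditionally and, with no `chain` given, purges every rule in the filter table, including any chains Docker has installed there, while leaving chain policies and the other tables as they were. Together with stopping firewalld this leaves the host without packet filtering at the same time as the dns role exposes a resolver on port 53, and on a host whose INPUT policy is DROP the flush could also cut off the Ansible connection. I would gate the task behind an explicit opt-in, for example `when: firewall_flush_iptables | default(false)` (variable name is illustrative), and add a comment above it stating why the rules are removed and which environments it is meant for. For consistency with `flush: true`, `enabled: no` would read better as `enabled: false`.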
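Review bot: In `ansible/roles/firewall/tasks/main.yml` the included file name is built from a variable called `state`, which is generic enough to collide with a `state` set elsewhere in a play, and only `firewall-disable.yml` exists in this commit. Any other value, or an undefined one, fails at include time with a file-not-found error and no indication of the accepted values. A role-prefixed name such as `- include_tasks: "firewall-{{ firewall_state }}.yml"` (name is illustrative), preceded by an `assert` that the value is `disable`, would make a security-relevant switch like this explicit.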