Add role system-sysctl-gateway
This commit is contained in:
parent
846f385a21
commit
41d6fb0ff1
4 changed files with 54 additions and 0 deletions
|
@ -25,3 +25,4 @@
|
||||||
- service-bird-icvpn
|
- service-bird-icvpn
|
||||||
- service-bird-ffrl
|
- service-bird-ffrl
|
||||||
- service-rclocal
|
- service-rclocal
|
||||||
|
- system-sysctl-gateway
|
||||||
|
|
12
roles/system-sysctl-gateway/README.md
Normal file
12
roles/system-sysctl-gateway/README.md
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
# Ansible role system-sysctl-gateway
|
||||||
|
Diese Ansible role setzt Freifunk Gateway spezifische sysctl-Parameter.
|
||||||
|
|
||||||
|
## Benötigte Variablen
|
||||||
|
- List `sysctl_settings_gateway` (Rollen-Variable)
|
||||||
|
```
|
||||||
|
sysctl_settings_gateway:
|
||||||
|
- name: # sysctl-Parameter
|
||||||
|
value: # zu setzender Wert
|
||||||
|
...
|
||||||
|
|
||||||
|
´´´
|
7
roles/system-sysctl-gateway/tasks/main.yml
Normal file
7
roles/system-sysctl-gateway/tasks/main.yml
Normal file
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
- name: set freifunk gateway sysctl settings
|
||||||
|
sysctl:
|
||||||
|
name: "{{ item.name }}"
|
||||||
|
value: "{{ item.value }}"
|
||||||
|
state: present
|
||||||
|
with_items: "{{ sysctl_settings_gateway }}"
|
34
roles/system-sysctl-gateway/vars/main.yml
Normal file
34
roles/system-sysctl-gateway/vars/main.yml
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
---
|
||||||
|
sysctl_settings_gateway:
|
||||||
|
- name: net.ipv4.ip_forward
|
||||||
|
value: 1
|
||||||
|
- name: net.ipv4.conf.default.rp_filter
|
||||||
|
value: 0
|
||||||
|
- name: net.ipv4.conf.all.rp_filter
|
||||||
|
value: 0
|
||||||
|
- name: net.ipv4.neigh.default.gc_thresh1
|
||||||
|
value: 1024
|
||||||
|
- name: net.ipv4.neigh.default.gc_thresh2
|
||||||
|
value: 2048
|
||||||
|
- name: net.ipv4.neigh.default.gc_thresh3
|
||||||
|
value: 4096
|
||||||
|
- name: net.netfilter.nf_conntrack_tcp_timeout_established
|
||||||
|
value: 86400
|
||||||
|
- name: net.netfilter.nf_conntrack_max
|
||||||
|
value: 262140
|
||||||
|
- name: net.ipv6.conf.all.forwarding
|
||||||
|
value: 1
|
||||||
|
- name: net.ipv6.conf.all.autoconf
|
||||||
|
value: 0
|
||||||
|
- name: net.ipv6.conf.default.autoconf
|
||||||
|
value: 0
|
||||||
|
- name: net.ipv6.conf.all.accept_ra
|
||||||
|
value: 0
|
||||||
|
- name: net.ipv6.conf.default.accept_ra
|
||||||
|
value: 0
|
||||||
|
- name: net.ipv6.neigh.default.gc_thresh1
|
||||||
|
value: 1024
|
||||||
|
- name: net.ipv6.neigh.default.gc_thresh2
|
||||||
|
value: 2048
|
||||||
|
- name: net.ipv6.neigh.default.gc_thresh3
|
||||||
|
value: 4096
|
Loading…
Reference in a new issue