diff --git a/Readme.md b/Readme.md index 6d8973b..f754ebc 100644 --- a/Readme.md +++ b/Readme.md @@ -47,8 +47,26 @@ meshes: advvalidlifetime: 864000 advpreferredlifetime: 172800 iface_mtu: 1350 - peers_mesh_repo: https://github.com/freifunk-mwu/peers-ffmz.git - peers_intragate_repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git + fastd: + nodes: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/peers-ffmz.git + version: master + - id: 1 + mtu: 1312 + peers: + repo: https://github.com/freifunk-mwu/peers-ffmz.git + version: master + intragate: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git + version: master dns: master: fd37:b4dc:4b1e::a25:103 forward_zones: @@ -81,8 +99,26 @@ meshes: maxrtradvinterval: 900 advvalidlifetime: 864000 iface_mtu: 1350 - peers_mesh_repo: https://github.com/freifunk-mwu/peers-ffwi.git - peers_intragate_repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git + fastd: + nodes: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/peers-ffwi.git + version: master + - id: 1 + mtu: 1312 + peers: + repo: https://github.com/freifunk-mwu/peers-ffwi.git + version: master + intragate: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git + version: master dns: master: fd56:b4dc:4b1e::a38:103 forward_zones: diff --git a/inventory/group_vars/all b/inventory/group_vars/all index 3b2d411..6955e93 100644 --- a/inventory/group_vars/all +++ b/inventory/group_vars/all @@ -40,8 +40,26 @@ meshes: advvalidlifetime: 864000 advpreferredlifetime: 172800 iface_mtu: 1350 - peers_mesh_repo: https://github.com/freifunk-mwu/peers-ffmz.git - peers_intragate_repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git + fastd: + nodes: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/peers-ffmz.git + version: master + - id: 1 + mtu: 1312 + peers: + repo: https://github.com/freifunk-mwu/peers-ffmz.git + version: master + intragate: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/ffmz-infrastructure-peers.git + version: master dns: master: fd37:b4dc:4b1e::a25:103 forward_zones: @@ -75,8 +93,26 @@ meshes: advvalidlifetime: 864000 advpreferredlifetime: 172800 iface_mtu: 1350 - peers_mesh_repo: https://github.com/freifunk-mwu/peers-ffwi.git - peers_intragate_repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git + fastd: + nodes: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/peers-ffwi.git + version: master + - id: 1 + mtu: 1312 + peers: + repo: https://github.com/freifunk-mwu/peers-ffwi.git + version: master + intragate: + instances: + - id: 0 + mtu: 1406 + peers: + repo: https://github.com/freifunk-mwu/ffwi-infrastructure-peers.git + version: master dns: master: fd56:b4dc:4b1e::a38:103 forward_zones: diff --git a/roles/network-fastd/README.md b/roles/network-fastd/README.md index 535178e..e54f946 100644 --- a/roles/network-fastd/README.md +++ b/roles/network-fastd/README.md @@ -1,9 +1,12 @@ # Ansible role network-fastd -Diese Ansible role konfiguriert Netzwerk Interfaces für fastd. +Diese Ansible role konfiguriert Netzwerk Interfaces für die definierten fastd Instanzen. -- xxVPN pro Mesh -- xxigVPN pro Mesh +Es wird zwischen node- und intragate-Instanzen unterschieden. + +## Interface-Benamung +Node-Interfaces: $mesh.id + VPN + '-' + $mesh.fastd.nodes.instances.xx.mtu, z.B. "mzVPN-1312" +Intragate-Interfaces: $mesh.id + 'ig' + VPN + '-' + $mesh.fastd.intragate.instances.xx.mtu, z.B. "mzigVPN-1312" ## Benötigte Variablen @@ -20,7 +23,7 @@ meshes: ## MAC-Adressen -Die MAC-Adressen der Interfaces werden aus dem IPv4-Subnetz sowie der `magic`-Nummerdes Hosts berechnet. +Die MAC-Adressen der Interfaces werden aus dem IPv4-Subnetz sowie der `magic`-Nummer des Hosts berechnet. -xxVPN-prefix: `02:11` -xxigVPN-prefix: `02:12` +xxVPN-$mtu prefix: `02:2x` # x = ID der fastd-Instanz +xxigVPN-$mtu prefix: `02:3x` # x = ID der fastd-Instanz diff --git a/roles/network-fastd/tasks/main.yml b/roles/network-fastd/tasks/main.yml index 2b53d6b..2cf7998 100644 --- a/roles/network-fastd/tasks/main.yml +++ b/roles/network-fastd/tasks/main.yml @@ -2,13 +2,17 @@ - name: create fastd mesh interfaces template: src: fastd-mesh.j2 - dest: "/etc/network/interfaces.d/{{ item.id }}VPN" + dest: "/etc/network/interfaces.d/{{ item.0.id }}VPN-{{ item.1.mtu }}" notify: reload network interfaces - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: create fastd intragate interfaces template: src: fastd-intragate.j2 - dest: "/etc/network/interfaces.d/{{ item.id }}igVPN" + dest: "/etc/network/interfaces.d/{{ item.0.id }}igVPN-{{ item.1.mtu }}" notify: reload network interfaces - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances diff --git a/roles/network-fastd/templates/fastd-intragate.j2 b/roles/network-fastd/templates/fastd-intragate.j2 index ffb1d63..9d049a2 100644 --- a/roles/network-fastd/templates/fastd-intragate.j2 +++ b/roles/network-fastd/templates/fastd-intragate.j2 @@ -1,8 +1,8 @@ -{% set ip4hex = item.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} -{% set mac = '0212' + ip4hex -%} +{% set ip4hex = item.0.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} +{% set mac = '023' + item.1.id|string + ip4hex -%} # # {{ ansible_managed }} # -auto {{ item.id }}igVPN -iface {{ item.id }}igVPN +auto {{ item.0.id }}igVPN-{{ item.1.mtu }} +iface {{ item.0.id }}igVPN-{{ item.1.mtu }} hwaddress {{ mac | hwaddr('linux') }} diff --git a/roles/network-fastd/templates/fastd-mesh.j2 b/roles/network-fastd/templates/fastd-mesh.j2 index 879ceea..207cd79 100644 --- a/roles/network-fastd/templates/fastd-mesh.j2 +++ b/roles/network-fastd/templates/fastd-mesh.j2 @@ -1,8 +1,8 @@ -{% set ip4hex = item.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} -{% set mac = '0211' + ip4hex -%} +{% set ip4hex = item.0.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} +{% set mac = '022' + item.1.id|string + ip4hex -%} # # {{ ansible_managed }} # -auto {{ item.id }}VPN -iface {{ item.id }}VPN +auto {{ item.0.id }}VPN-{{ item.1.mtu }} +iface {{ item.0.id }}VPN-{{ item.1.mtu }} hwaddress {{ mac | hwaddr('linux') }} diff --git a/roles/service-fastd-intragate/README.md b/roles/service-fastd-intragate/README.md index 186f744..399b8b1 100644 --- a/roles/service-fastd-intragate/README.md +++ b/roles/service-fastd-intragate/README.md @@ -18,8 +18,15 @@ meshes: - id: xx ... site_number: # integer - peers_mesh_repo: # String - https Link zum Github Repository - peers_intragate_repo: # String - https Link zum Github Repository + fastd: + nodes: + instances: + - id: 0 # integer + mtu: # integer + peers: + repo: # String - https Link zum Github Repository + version: # String - Branch oder Commit ID + ... ´´´ - Dictionary `fastd_secrets` (Host-Variable) ´´´ diff --git a/roles/service-fastd-intragate/handlers/main.yml b/roles/service-fastd-intragate/handlers/main.yml index f8e9ab6..f61c999 100644 --- a/roles/service-fastd-intragate/handlers/main.yml +++ b/roles/service-fastd-intragate/handlers/main.yml @@ -1,6 +1,8 @@ --- - name: restart fastd intragate instances systemd: - name: "fastd@{{ item.id }}igVPN" + name: "fastd@{{ item.0.id }}igVPN-{{ item.1.mtu }}" state: restarted - with_dict: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances diff --git a/roles/service-fastd-intragate/tasks/main.yml b/roles/service-fastd-intragate/tasks/main.yml index 0d69173..1800909 100644 --- a/roles/service-fastd-intragate/tasks/main.yml +++ b/roles/service-fastd-intragate/tasks/main.yml @@ -1,45 +1,57 @@ --- - name: configure systemd unit fastd@ systemd: - name: "fastd@{{ item.id }}igVPN" + name: "fastd@{{ item.0.id }}igVPN-{{ item.1.mtu }}" enabled: yes - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances - name: create fastd intragate directories file: - path: "/etc/fastd/{{ item.id }}igVPN" + path: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}" state: directory mode: 0755 - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances - name: create fastd peer intragate directories file: - path: "/etc/fastd/{{ item.id }}igVPN/peers" + path: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/peers" state: directory mode: 0755 owner: admin group: admin - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances - name: clone fastd peer intragate repos git: - repo: "{{ item.peers_intragate_repo }}" - dest: "/etc/fastd/{{ item.id }}igVPN/peers" - version: master + repo: "{{ item.1.peers.repo }}" + dest: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/peers" + version: "{{ item.1.peers.version }}" update: no - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances become: false - name: template fastd mesh config template: src: fastd-intragate.conf.j2 - dest: "/etc/fastd/{{ item.id }}igVPN/fastd.conf" + dest: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/fastd.conf" notify: restart fastd intragate instances - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances - name: write fastd intragate secret template: src: fastd-secret.conf.j2 - dest: "/etc/fastd/{{ item.id }}igVPN/secret.conf" + dest: "/etc/fastd/{{ item.0.id }}igVPN-{{ item.1.mtu }}/secret.conf" notify: restart fastd intragate instances - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.intragate.instances diff --git a/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 b/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 index 628d5f9..817ffa5 100644 --- a/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 +++ b/roles/service-fastd-intragate/templates/fastd-intragate.conf.j2 @@ -1,4 +1,4 @@ -{% set ip4hex = item.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} +{% set ip4hex = item.0.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} {% set mac = '0212' + ip4hex -%} # # {{ ansible_managed }} @@ -9,13 +9,13 @@ hide mac addresses yes; method "aes128-ctr+umac"; -interface "{{ item.id }}igVPN"; +interface "{{ item.0.id }}igVPN-{{ item.1.mtu }}"; -bind {{ ansible_default_ipv4.address | ipaddr('public') }}:101{{ item.site_number }}; -bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:101{{ item.site_number }}; +bind {{ ansible_default_ipv4.address | ipaddr('public') }}:11{{ item.1.id }}{{ item.0.site_number }}; +bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:11{{ item.1.id }}{{ item.0.site_number }}; include "secret.conf"; -mtu 1406; +mtu {{ item.1.mtu }}; peer group "servers" { include peers from "peers/gates"; @@ -27,11 +27,11 @@ on up " ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE ip link set $INTERFACE up - batctl -m {{ item.id }}BAT if add $INTERFACE + batctl -m {{ item.0.id }}BAT if add $INTERFACE "; on down " - batctl -m {{ item.id }}BAT if del $INTERFACE + batctl -m {{ item.0.id }}BAT if del $INTERFACE "; -status socket "/var/run/fastd-{{ item.id }}igVPN.status"; +status socket "/var/run/fastd-{{ item.0.id }}igVPN-{{ item.1.mtu }}.status"; diff --git a/roles/service-fastd-intragate/templates/fastd-secret.conf.j2 b/roles/service-fastd-intragate/templates/fastd-secret.conf.j2 index e6a1a48..b4a8077 100644 --- a/roles/service-fastd-intragate/templates/fastd-secret.conf.j2 +++ b/roles/service-fastd-intragate/templates/fastd-secret.conf.j2 @@ -1,4 +1,4 @@ -{% set local_interface = item.id + 'igVPN' -%} +{% set local_interface = item.0.id + 'igVPN' -%} # # {{ ansible_managed }} # diff --git a/roles/service-fastd-mesh/README.md b/roles/service-fastd-mesh/README.md index c091d51..84f93e1 100644 --- a/roles/service-fastd-mesh/README.md +++ b/roles/service-fastd-mesh/README.md @@ -2,7 +2,6 @@ Diese Ansible role konfiguriert die fastd-Instanz für die Knoten Kommunikation. -- konfiguriert xxVPN-Instanzen - stellt sicher, dass die Instanz-Verzeichnisse existieren - schreibt fastd.conf - schreibt secret.conf @@ -11,6 +10,10 @@ Diese Ansible role konfiguriert die fastd-Instanz für die Knoten Kommunikation. - klont die fastd peer repos - klont bingener fastd peer repo (im Moment hardcoded) +## Instanz-Benamung +Node-Instanzen: $mesh.id + VPN + '-' + $mesh.fastd.nodes.instances.xx.mtu, z.B. "mzVPN-1312" +Intragate-Instanzen: $mesh.id + 'ig' + VPN + '-' + $mesh.fastd.intragate.instances.xx.mtu, z.B. "mzigVPN-1312" + ## Benötigte Variablen - Dictionary `meshes` @@ -19,8 +22,15 @@ meshes: - id: xx ... site_number: # integer - peers_mesh_repo: # String - https Link zum Github Repository - peers_intragate_repo: # String - https Link zum Github Repository + fastd: + nodes: + instances: + - id: 0 # integer + mtu: # integer + peers: + repo: # String - https Link zum Github Repository + version: # String - Branch oder Commit ID + ... ´´´ - Dictionary `fastd_secrets` (Host-Variable) ´´´ diff --git a/roles/service-fastd-mesh/handlers/main.yml b/roles/service-fastd-mesh/handlers/main.yml index 05e2a52..542401e 100644 --- a/roles/service-fastd-mesh/handlers/main.yml +++ b/roles/service-fastd-mesh/handlers/main.yml @@ -1,6 +1,8 @@ --- - name: restart fastd mesh instances systemd: - name: "fastd@{{ item.id }}VPN" + name: "fastd@{{ item.0.id }}VPN{{ item.1.mtu }}" state: restarted - with_dict: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances diff --git a/roles/service-fastd-mesh/tasks/main.yml b/roles/service-fastd-mesh/tasks/main.yml index 688a7bc..9d0ba57 100644 --- a/roles/service-fastd-mesh/tasks/main.yml +++ b/roles/service-fastd-mesh/tasks/main.yml @@ -1,84 +1,106 @@ --- - name: configure systemd unit fastd@ systemd: - name: "fastd@{{ item.id }}VPN" + name: "fastd@{{ item.0.id }}VPN-{{ item.1.mtu }}" enabled: yes - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: create fastd directories file: - path: "/etc/fastd/{{ item.id }}VPN" + path: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}" state: directory mode: 0755 - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: create fastd peer mesh directories file: - path: "/etc/fastd/{{ item.id }}VPN/peers" + path: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peers" state: directory mode: 0755 owner: admin group: admin - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: create fastd peer mesh directories for ffbin file: - path: "/etc/fastd/mzVPN/peers_bingen" + path: "/etc/fastd/mzVPN-{{ item }}/peers_bingen" state: directory mode: 0755 owner: admin group: admin + with_items: + - 1406 + - 1312 - name: clone fastd peer mesh repos git: - repo: "{{ item.peers_mesh_repo }}" - dest: "/etc/fastd/{{ item.id }}VPN/peers" - version: master + repo: "{{ item.1.peers.repo }}" + dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peers" + version: "{{ item.1.peers.version }}" update: no - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances become: false - name: clone fastd peer mesh repo for ffbin git: repo: https://github.com/freifunk-bingen/peers-ffbin.git - dest: /etc/fastd/mzVPN/peers_bingen + dest: "/etc/fastd/mzVPN-{{ item }}/peers_bingen" version: master update: no + with_items: + - 1406 + - 1312 become: false - name: template fastd mesh config template: src: fastd-mesh.conf.j2 - dest: "/etc/fastd/{{ item.id }}VPN/fastd.conf" + dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/fastd.conf" notify: restart fastd mesh instances - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: write fastd mesh secret template: src: fastd-secret.conf.j2 - dest: "/etc/fastd/{{ item.id }}VPN/secret.conf" + dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/secret.conf" notify: restart fastd mesh instances - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: copy peer_limit.conf if not exist copy: src: peer_limit.conf - dest: "/etc/fastd/{{ item.id }}VPN/peer_limit.conf" + dest: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peer_limit.conf" owner: admin group: admin mode: 0640 force: no notify: restart fastd mesh instances - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: set file attributes for peer_limit.conf file: - path: "/etc/fastd/{{ item.id }}VPN/peer_limit.conf" + path: "/etc/fastd/{{ item.0.id }}VPN-{{ item.1.mtu }}/peer_limit.conf" mode: 0640 owner: admin group: admin notify: restart fastd mesh instances - with_items: "{{ meshes }}" + with_subelements: + - "{{ meshes }}" + - fastd.nodes.instances - name: write systemd unit fastd-sync-meshkeys.service template: diff --git a/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 b/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 index c800e47..038ac4d 100644 --- a/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 +++ b/roles/service-fastd-mesh/templates/fastd-mesh.conf.j2 @@ -1,4 +1,4 @@ -{% set ip4hex = item.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} +{% set ip4hex = item.0.ipv4_network | ipaddr('net') | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} {% set mac = '0211' + ip4hex -%} # # {{ ansible_managed }} @@ -9,18 +9,18 @@ hide mac addresses yes; method "salsa2012+umac"; -interface "{{ item.id }}VPN"; +interface "{{ item.0.id }}VPN-{{ item.1.mtu }}"; -bind {{ ansible_default_ipv4.address | ipaddr('public') }}:100{{ item.site_number }}; -bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:100{{ item.site_number }}; +bind {{ ansible_default_ipv4.address | ipaddr('public') }}:10{{ item.1.id }}{{ item.0.site_number }}; +bind {{ ansible_default_ipv6.address | ipaddr('public') | ipwrap }}:10{{ item.1.id }}{{ item.0.site_number }}; include "secret.conf"; -mtu 1406; +mtu {{ item.1.mtu }}; peer group "vpn_nodes" { include "peer_limit.conf"; include peers from "peers"; -{% if item.id == "mz" %} +{% if item.0.id == "mz" %} include peers from "peers_bingen"; {% endif %} } @@ -34,11 +34,11 @@ on up " ip link set address {{ mac | hwaddr('linux') }} dev $INTERFACE ip link set $INTERFACE up - batctl -m {{ item.id }}BAT if add $INTERFACE + batctl -m {{ item.0.id }}BAT if add $INTERFACE "; on down " - batctl -m {{ item.id }}BAT if del $INTERFACE + batctl -m {{ item.0.id }}BAT if del $INTERFACE "; -status socket "/var/run/fastd-{{ item.id }}VPN.status"; +status socket "/var/run/fastd-{{ item.0.id }}VPN-{{ item.1.mtu }}.status"; diff --git a/roles/service-fastd-mesh/templates/fastd-secret.conf.j2 b/roles/service-fastd-mesh/templates/fastd-secret.conf.j2 index 958df93..a30308c 100644 --- a/roles/service-fastd-mesh/templates/fastd-secret.conf.j2 +++ b/roles/service-fastd-mesh/templates/fastd-secret.conf.j2 @@ -1,4 +1,4 @@ -{% set local_interface = item.id + 'VPN' -%} +{% set local_interface = item.0.id + 'VPN' -%} # # {{ ansible_managed }} # diff --git a/roles/service-tinc/templates/tinc-up.j2 b/roles/service-tinc/templates/tinc-up.j2 index 5fb6692..57f0131 100644 --- a/roles/service-tinc/templates/tinc-up.j2 +++ b/roles/service-tinc/templates/tinc-up.j2 @@ -1,5 +1,5 @@ {% set ip4hex = icvpn_ipv4_transfer_net | ipaddr('net') | ipsubnet(24, 37) | ipaddr(magic) | ipaddr('address') | ip4_hex() -%} -{% set mac = '0220' + ip4hex -%} +{% set mac = '02f0' + ip4hex -%} #!/bin/sh # # {{ ansible_managed }}