# # /etc/network/interfaces (Salt managed) # {%- set node_config = salt['pillar.get']('nodes:' ~ grains['id'], {}) %} {%- set node_id = grains['id'] %} {%- set sites_config = salt['pillar.get']('sites', {}) %} {%- set ifaces = salt['ffho_net.get_interface_config'](node_config, sites_config) %} {%- set iface_list = salt['ffho_net.get_interface_list'](ifaces) %} #source /etc/network/interfaces.d/* {# # Configure any secondary IPs / router_id on loopback, if present #} # The loopback network interface auto lo iface lo {%- if 'lo' in ifaces %} {%- for prefix in ifaces['lo']['prefixes'] %} {%- set mask = '128' if ':' in prefix else '32' %} {%- set prefix = prefix if '/' in prefix else prefix ~ '/' ~ mask %} address {{ prefix }} {%- endfor %} {%- endif %} {# # Set up ifaces dict with configured and generated interfaces. #} {%- for interface in iface_list if interface not in ['lo'] %} {%- set config = ifaces.get (interface) %} {#- Let's go #} {%- set planned = "" %} {%- if config.get ('status', 'online') == 'planned' %} {%- set planned = " (Planned)" %} {%- endif %} {%- set desc = config.get ('desc', interface) %} {%- set alias = config.get ('alias', desc) + planned %} # {{ desc + planned }} {%- if config.get ('auto', True) == True %} auto {{ interface }} {%- endif %} {%- if 'method' in config %} iface {{ interface }} inet {{ config.get ('method') }} {%- else %} iface {{ interface }} {%- endif %} {#- Alias / Description set? #} {%- if 'alias' in config or 'desc' in config %} alias "{{ alias }}" # {%- endif %} {#- Configure stuff for bonding, bridging, etc.? #} {%- for feature in ['batman', 'bond', 'bridge', 'vlan', 'vxlan'] if feature in config %} {%- set feature_config = config.get (feature) %} {%- for opt in feature_config|sort %} {{ opt }} {{ feature_config.get (opt) }} {%- endfor %} # {%- endfor %} {#- Wireguard tunnel? #} {%- if 'wireguard' in config %} use wireguard up echo 0 > /proc/sys/net/ipv6/conf/$IFACE/addr_gen_mode # {%- endif %} {#- Configure IP addresses #} {%- for prefix in config.get ('prefixes', []) %} address {{ prefix }} {%- endfor %} {#- Anything else... #} {%- for keyword in config|sort %} {%- set argument = config.get (keyword) %} {%- if argument is none %} {%- elif keyword.startswith ("_") %} {%- elif keyword in [ 'auto', 'batman', 'bond', 'bridge', 'driver', 'mac', 'method', 'vlan', 'vxlan', 'desc', 'prefixes', 'status', 'tagged_vlans', 'urpf', 'has_gateway', 'wireguard' ] %} {%- elif argument is string or argument is number %} {{ keyword }} {{ argument }} {%- else %} {%- for item in argument %} {{ keyword }} {{ item }} {%- endfor %} {%- endif %} {%- endfor %} {% endfor %} {#- # OpenVPN VPNs (if any) #} {%- include "network/interfaces/openvpn.tmpl" %}