From 407a01550a681a447693fc88114c74365e82befe Mon Sep 17 00:00:00 2001
From: Simon Cornet
Date: Tue, 17 Feb 2026 18:09:55 +0100
Subject: [PATCH] feat: remove static routes
---
 defaults/main.yaml | 3 ---
 handlers/main.yaml | 9 ---------
 readme.md | 20 --------------------
 tasks/routing.yaml | 20 --------------------
 4 files changed, 52 deletions(-)
diff --git a/defaults/main.yaml b/defaults/main.yaml
index 53cf07f..c76bc7e 100644
--- a/defaults/main.yaml
+++ b/defaults/main.yaml
@@ -7,9 +7,6 @@ lan_interface: "eth1"
 # nat rules
 nat_port_forwards: []
-# static routes
-static_routes: []
-
 # incoming firewall rules
 incoming_firewall_rules: []
diff --git a/handlers/main.yaml b/handlers/main.yaml
index e305b8a..7eadef7 100644
--- a/handlers/main.yaml
+++ b/handlers/main.yaml
@@ -5,12 +5,3 @@
 ansible.builtin.service:
 name: "nftables"
 state: "restarted"
-
-# apply local routes
-- name: "apply routes - add static routes"
- ansible.builtin.shell:
- cmd: |
- {% for route in static_routes %}
- ip route replace {{ route.destination }} via {{ route.gateway }}{{ ' dev ' + route.interface if route.interface is defined else '' }}{{ ' metric ' + route.metric if route.metric is defined else '' }}
- {% endfor %}
- when: "static_routes | length > 0"
diff --git a/readme.md b/readme.md
index a4d4d6d..53747f6 100644
--- a/readme.md
+++ b/readme.md
@@ -26,26 +26,6 @@ wan_interface: "eth0"
 lan_interface: "eth1"
 ```
-### Static Routes
-
-```yaml
-static_routes:
-
- - name: "route to internal network 10.0.0.0/8 via 192.168.1.1"
- destination: "10.0.0.0/8"
- gateway: "192.168.1.1"
-
- - name: "route to dmz with custom metric"
- destination: "172.16.0.0/12"
- gateway: "192.168.1.254"
- metric: 100
-
- - name: "route with specific interface"
- destination: "192.168.100.0/24"
- gateway: "192.168.1.1"
- interface: "eth1"
-```
-
 ### Incoming Firewall Rules
 ```yaml
diff --git a/tasks/routing.yaml b/tasks/routing.yaml
index 33f75b2..21283af 100644
--- a/tasks/routing.yaml
+++ b/tasks/routing.yaml
@@ -34,23 +34,3 @@
 value: "0"
 - name: "net.ipv4.conf.all.log_martians"
 value: "0"
-
-# configure static routes
-- name: "routing - static routes"
- ansible.builtin.blockinfile:
- path: "/etc/network/interfaces"
- marker: " # {mark} ANSIBLE MANAGED STATIC ROUTES"
- block: |
- {% for route in static_routes %}
- # {{ route.name }}
- {% if route.metric is defined %}
- down ip route del {{ route.destination }} via {{ route.gateway }}{{ ' dev ' + route.interface if route.interface is defined else '' }} metric {{ route.metric }}
- up ip route add {{ route.destination }} via {{ route.gateway }}{{ ' dev ' + route.interface if route.interface is defined else '' }} metric {{ route.metric }}
- {% else %}
- down ip route del {{ route.destination }} via {{ route.gateway }}{{ ' dev ' + route.interface if route.interface is defined else '' }}
- up ip route add {{ route.destination }} via {{ route.gateway }}{{ ' dev ' + route.interface if route.interface is defined else '' }}
- {% endif %}
- {% endfor %}
- insertafter: "^iface {{ lan_interface }} inet.*\\n(\\s+.*\\n)*\\s+netmask"
- state: "{{ 'present' if static_routes | length > 0 else 'absent' }}"
- notify: "apply routes"