ansible/router
ansible/router
2
0
Fork 0
Code Issues 1 Pull requests Activity
Ansible Role for managing an opiniated Alpine Router
33 commits 1 branch 0 tags 76 KiB
  • Jinja 100%
Find a file
Simon Cornet 0b1ea4d957 feat: add external dhcp option
2026-03-02 13:15:05 +01:00
defaults feat: add external dhcp option 2026-03-02 13:15:05 +01:00
handlers feat: remove static routes 2026-02-17 18:09:55 +01:00
meta chore: fix galaxy meta information 2026-02-16 14:50:40 +01:00
roles ci: add various configs and linter fixes 2026-02-16 17:51:23 +01:00
tasks feat: remove static routes 2026-02-17 18:09:55 +01:00
templates feat: add external dhcp option 2026-03-02 13:15:05 +01:00
.ansible-lint chore: add basic role layout for ans-router 2026-02-16 14:15:02 +01:00
.gitignore chore: add basic role layout for ans-router 2026-02-16 14:15:02 +01:00
.gitlab-ci.yml ci: add initial config 2026-02-16 17:35:14 +01:00
.markdownlint-cli2.jsonc ci: add various configs and linter fixes 2026-02-16 17:51:23 +01:00
.yamllint chore: add basic role layout for ans-router 2026-02-16 14:15:02 +01:00
AGENTS.md chore: restructure tasks - install, routing, firewall, performance 2026-02-16 14:17:09 +01:00
playbook.yaml ci: add various configs and linter fixes 2026-02-16 17:51:23 +01:00
readme.md feat: remove static routes 2026-02-17 18:09:55 +01:00
renovate.json chore: add basic role layout for ans-router 2026-02-16 14:15:02 +01:00

readme.md

Overview

This role configures router functionality on Alpine Linux.

Supported Operating Systems

Operating System Version
Alpine 3.23

Tags

Tag Purpose
full Execute all tasks
routing Configure routing and iptables
firewall Configure firewall rules
performance Configure performance tuning

Role Variables

Interfaces

wan_interface: "eth0"
lan_interface: "eth1"

Incoming Firewall Rules

incoming_firewall_rules:

  - name: "allow ssh from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 22

  - name: "allow https from lan"
    source: "192.168.1.0/24"
    protocol: "tcp"
    port: 443

  - name: "allow dns from lan"
    source: "192.168.1.0/24"
    protocol: "udp"
    port: 53

  - name: "allow ping from lan"
    source: "192.168.1.0/24"
    protocol: "icmp"
    port: 0

NAT Port Forwards

nat_port_forwards:

  - name: "forward http to web server"
    dst: "192.168.1.10"
    port: 80
    protocol: "tcp"

  - name: "forward https to web server"
    dst: "192.168.1.10"
    port: 443
    protocol: "tcp"

  - name: "forward ssh to internal server"
    dst: "192.168.1.20"
    port: 2222
    protocol: "tcp"