projects / Institute / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f1a8ba0)
Front, Core /and/ Gate need to forward packets.
authorMatt Birkholz <matt@birchwood-abbey.net>
Thu, 18 Sep 2025 20:19:01 +0000 (14:19 -0600)
committerMatt Birkholz <matt@birchwood-abbey.net>
Thu, 18 Sep 2025 20:19:01 +0000 (14:19 -0600)
Punted OpenVPN and deleted too much.

README.org patch | blob | history
roles_t/core/tasks/main.yml patch | blob | history
roles_t/front/tasks/main.yml patch | blob | history
roles_t/gate/tasks/main.yml patch | blob | history

diff --git a/README.org b/README.org
index f74d242e860fec6256b267eca79c411c0b082e54..0ceb818f1f4c112c236333fdc9846892ae40a251 100644 (file)
--- a/README.org
+++ b/README.org
@@ -2108,6 +2108,13 @@ The following tasks install WireGuard™, configure it with
 #+CAPTION: [[file:roles_t/front/tasks/main.yml][=roles_t/front/tasks/main.yml=]]
 #+BEGIN_SRC conf :tangle roles_t/front/tasks/main.yml
 
+- name: Enable IP forwarding.
+  become: yes
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
+
 - name: Install WireGuard™.
   become: yes
   apt: pkg=wireguard
@@ -3572,6 +3579,13 @@ The following tasks install WireGuard™, configure it with
 #+CAPTION: [[file:roles_t/core/tasks/main.yml][=roles_t/core/tasks/main.yml=]]
 #+BEGIN_SRC conf :tangle roles_t/core/tasks/main.yml
 
+- name: Enable IP forwarding.
+  become: yes
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
+
 - name: Install WireGuard™.
   become: yes
   apt: pkg=wireguard
@@ -5044,6 +5058,13 @@ The following tasks install WireGuard™, configure it with
 #+CAPTION: [[file:roles_t/gate/tasks/main.yml][=roles_t/gate/tasks/main.yml=]]
 #+BEGIN_SRC conf :tangle roles_t/gate/tasks/main.yml
 
+- name: Enable IP forwarding.
+  become: yes
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
+
 - name: Install WireGuard™.
   become: yes
   apt: pkg=wireguard
diff --git a/roles_t/core/tasks/main.yml b/roles_t/core/tasks/main.yml
index 74c48192859fa309dbd9a8eab46055a1d64a59e5..0251231670b962e68f4edb93c27f3954b8252479 100644 (file)
--- a/roles_t/core/tasks/main.yml
+++ b/roles_t/core/tasks/main.yml
@@ -626,6 +626,13 @@
     name: webupdate
     user: monkey
 
+- name: Enable IP forwarding.
+  become: yes
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
+
 - name: Install WireGuard™.
   become: yes
   apt: pkg=wireguard
diff --git a/roles_t/front/tasks/main.yml b/roles_t/front/tasks/main.yml
index 58a52c8695d1cca9655f5600a54e30cfc7a8bc5d..61a31524852f8116ff1e95d22752439c4a81f850 100644 (file)
--- a/roles_t/front/tasks/main.yml
+++ b/roles_t/front/tasks/main.yml
@@ -375,6 +375,13 @@
   when: members[item].status != 'current'
   tags: accounts
 
+- name: Enable IP forwarding.
+  become: yes
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
+
 - name: Install WireGuard™.
   become: yes
   apt: pkg=wireguard
diff --git a/roles_t/gate/tasks/main.yml b/roles_t/gate/tasks/main.yml
index d6510b8b5321de77b3b4dfe5957f9d929e166169..31b3c0b32005c28d76d129ca8cfddaa55a2b138e 100644 (file)
--- a/roles_t/gate/tasks/main.yml
+++ b/roles_t/gate/tasks/main.yml
@@ -146,6 +146,12 @@
     service: isc-dhcp-server
     enabled: yes
 
+- name: Enable IP forwarding.
+  become: yes
+  sysctl:
+    name: net.ipv4.ip_forward
+    value: "1"
+    state: present
 
 - name: Install WireGuard™.
   become: yes
Small Institute Networking