parent
7174bb3bc6
commit
79efa07285
@ -0,0 +1,13 @@ |
||||
--- |
||||
- hosts: cobalamin.csclub.uwaterloo.ca |
||||
become: yes |
||||
become_method: sudo |
||||
roles: |
||||
- common |
||||
- core |
||||
- hardware |
||||
- generate-hosts |
||||
- auth |
||||
- csc-packages |
||||
- nfs |
||||
- cleanup |
@ -1,2 +0,0 @@ |
||||
--- |
||||
syscom: False |
@ -0,0 +1,12 @@ |
||||
# IPv6 Privacy Extensions (RFC 4941) |
||||
# --- |
||||
# IPv6 typically uses a device's MAC address when choosing an IPv6 address |
||||
# to use in autoconfiguration. Privacy extensions allow using a randomly |
||||
# generated IPv6 address, which increases privacy. |
||||
# |
||||
# Acceptable values: |
||||
# 0 - don’t use privacy extensions. |
||||
# 1 - generate privacy addresses |
||||
# 2 - prefer privacy addresses and use them over the normal addresses. |
||||
net.ipv6.conf.all.use_tempaddr = 0 |
||||
net.ipv6.conf.default.use_tempaddr = 0 |
@ -0,0 +1,9 @@ |
||||
- name: copy over ipv6 kernel configs |
||||
copy: src={{ item.src }} dest={{ item.dest }} |
||||
with_items: |
||||
- { src: '10-ipv6-privacy.conf', dest: '/etc/sysctl.d/10-ipv6-privacy.conf' } |
||||
|
||||
- name: Template disable ra |
||||
template: src={{ item.src }} dest={{ item.dest }} |
||||
with_items: |
||||
- { src: '10-ipv6-disable-ra.conf', dest: '/etc/sysctl.d/10-ipv6-disable-ra.conf' } |
@ -0,0 +1,5 @@ |
||||
net.ipv6.conf.all.accept_ra = 0 |
||||
net.ipv6.conf.default.accept_ra = 0 |
||||
{% for interface in ansible_interfaces %} |
||||
net.ipv6.conf.{{ interface }}.accept_ra = 0 |
||||
{% endfor %} |
Loading…
Reference in new issue