better IPv6 network config fix

diff --git a/playall b/playall
index 8203a0f1120b1a12485d290e10537f29e21c1115..98310c0fbe5cd2dca627af731f50689783027c67 100755 (executable)
--- a/playall
+++ b/playall
@@ -3,6 +3,6 @@ set -e
 
 for HOST in $(fgrep 'all:' hosts | sed 's/.*all: *//g'); do
   echo "Playing on $HOST"
-  ansible-playbook site.yml -l "$HOST" "$@"
+  "$(dirname "$0")"/play "$HOST" "$@"
   echo
 done

diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml
index 1280595d07711aa74819f66ad5deb0c8bf60e680..5943499d81585d8c014e8a1ef3c300ee620a1566 100644 (file)
--- a/roles/apache/tasks/main.yml
+++ b/roles/apache/tasks/main.yml
@@ -58,9 +58,24 @@
     dest: /etc/apache2/sites-available/000-default.conf
     src: templates/000-default.conf
   notify: apache
-# work-arounds and hacks
-- name: cronjob to fix apache startup
+# IPv6 autconf issues: DAD makes addresses appear but unusable, which breaks services startup
+- name: tweak apache systemd unit (create dir)
+  file: path=/etc/systemd/system/apache2.service.d state=directory
+- name: tweak apache systemd unit
+  copy:
+    dest: /etc/systemd/system/apache2.service.d/override.conf
+    content: |
+      [Unit]
+      After=network-online.target
+- name: sysconfig to disable DAD
+  copy:
+    dest: /etc/sysctl.d/50-no-dad.conf
+    content: |
+      # Disable DAD so network-online.target works for IPv6
+      net.ipv6.conf.all.accept_dad=0
+- name: cleanup cronjob to fix apache startup
   cron:
     name: "apache2-start-fix"
     minute: "*/5"
     job: "if systemctl is-failed apache2 >/dev/null; then echo 'restarting apache'; systemctl restart apache2; fi"
+    state: absent