From: Ralf Jung <post@ralfj.de>
Date: Fri, 10 Aug 2018 10:59:53 +0000 (+0200)
Subject: better IPv6 network config fix
X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/5b0ee7c4c8d8df834da1e4a4d2f1d6b34c002dda

better IPv6 network config fix
---

diff --git a/playall b/playall
index 8203a0f..98310c0 100755
--- a/playall
+++ b/playall
@@ -3,6 +3,6 @@ set -e
 
 for HOST in $(fgrep 'all:' hosts | sed 's/.*all: *//g'); do
   echo "Playing on $HOST"
-  ansible-playbook site.yml -l "$HOST" "$@"
+  "$(dirname "$0")"/play "$HOST" "$@"
   echo
 done
diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml
index 1280595..5943499 100644
--- a/roles/apache/tasks/main.yml
+++ b/roles/apache/tasks/main.yml
@@ -58,9 +58,24 @@
     dest: /etc/apache2/sites-available/000-default.conf
     src: templates/000-default.conf
   notify: apache
-# work-arounds and hacks
-- name: cronjob to fix apache startup
+# IPv6 autconf issues: DAD makes addresses appear but unusable, which breaks services startup
+- name: tweak apache systemd unit (create dir)
+  file: path=/etc/systemd/system/apache2.service.d state=directory
+- name: tweak apache systemd unit
+  copy:
+    dest: /etc/systemd/system/apache2.service.d/override.conf
+    content: |
+      [Unit]
+      After=network-online.target
+- name: sysconfig to disable DAD
+  copy:
+    dest: /etc/sysctl.d/50-no-dad.conf
+    content: |
+      # Disable DAD so network-online.target works for IPv6
+      net.ipv6.conf.all.accept_dad=0
+- name: cleanup cronjob to fix apache startup
   cron:
     name: "apache2-start-fix"
     minute: "*/5"
     job: "if systemctl is-failed apache2 >/dev/null; then echo 'restarting apache'; systemctl restart apache2; fi"
+    state: absent