From: Ralf Jung Date: Fri, 5 Oct 2018 12:54:54 +0000 (+0200) Subject: another attempt at fixing apache IPv6 listening X-Git-Url: https://git.ralfj.de/ansible.git/commitdiff_plain/d5c82e9fb028dd90bb67704206f27cc03a4e94c1?ds=sidebyside;hp=5e7a1d73a4c17a2eb7f1eaf5244eb5615cf72931 another attempt at fixing apache IPv6 listening --- diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index 95bf531..fee26ef 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -70,9 +70,11 @@ Wants=network-online.target [Service] Restart=on-failure -- name: sysconfig to disable DAD +- name: cleanup old sysconfig + file: path=/etc/sysctl.d/50-no-dad.conf state=absent +- name: sysconfig to fix IPv6 listening copy: - dest: /etc/sysctl.d/50-no-dad.conf + dest: /etc/sysctl.d/50-ipv6-listen.conf content: | - # Disable DAD so network-online.target works for IPv6 - net.ipv6.conf.all.accept_dad=0 + # Allow binding to IPv6 address before we got that address + net.ipv6.ip_nonlocal_bind=1