chzerv.sysctl
Ansible Role: sysctl
NOTE: This role is mostly tested locally using Vagrant virtual machines. The Continuous Integration (CI) uses molecule, but it won’t apply any sysctl settings if the target is a container, because it’s likely to fail (even for privileged containers).
This role is used to configure sysctl settings on a Linux system.
Requirements
None
Role Variables
sysctl_set: true
When set to true, the value will be checked before applying it.
sysctl_reload: true
When set to true, sysctl will be reloaded (using sysctl -p) after the configuration file is updated.
sysctl_file: "/etc/sysctl.d/99-sysctl.conf"
The path to the file where the configuration will be saved.
sysctl_entries: []
# sysctl_entries:
# - name: net.ipv4.ip_forward
# value: 1
# state: present
# sysctl_set: "{{ sysctl_set }}"
# reload: "{{ sysctl_reload }}"
# sysctl_file: "{{ sysctl_file }}"
Here you define the settings you want to apply.
nameandvalueare required; the rest can be set globally (like above) or individually per entry.stateispresentby default, but can be changed toabsentto remove a setting.Note: You can specify multiple entries at once, like this:
sysctl_entries: - name: net.ipv4.ip_forward value: 1 - name: kernel.kptr_restrict value: 1 state: absent sysctl_set: false reload: true
Dependencies
None
Example Playbook
- hosts: server
vars:
sysctl_entries:
- name: net.ipv4.ip_forward
value: 1
state: present
- name: kernel.kexec_load_disabled
value: 1
reload: true
sysctl_set: true
state: absent
roles:
- { role: chzerv.sysctl }
License
MIT / BSD
Author Information
Xristos Zervakis
ansible-galaxy install chzerv.sysctl