Update to 2021-12-01 19:13

roles/network/defaults/main.yml

@@ -0,0 +1,32 @@
+---
+
+net_ipv4_forward: no
+
+net_if: []
+# net_if:
+#   - name: vlan500
+#     type: vlan
+#     vlanid: 500
+#     vlandev: eth3
+#     bridge: brprd
+#   - name: brprd
+#     type: bridge
+#     ip4:
+#       method: static|dhcp
+#       addr:
+#         - 10.22.4.5/32
+#       gw: 10.22.4.1
+#       dns:
+#         - 10.22.4.1
+#         - 1.1.1.1
+
+net_if_defaults:
+  type: ethernet
+  ip4:
+    enabled: True
+    method: static
+    addr: []
+  ip6:
+    enabled: False
+
+...

roles/network/handlers/main.yml

@@ -0,0 +1,9 @@
+---
+
+- name: reload network
+  command: nmcli conn reload
+  notify: reload interfaces
+
+- name: reload interfaces
+  command: nmcli conn up {{ item.name }}
+  loop: "{{ net_if }}"

roles/network/tasks/main.yml

@@ -0,0 +1,27 @@
+---
+
+- name: Configure IPv4 Forwarding
+  sysctl: name="net.ipv4.ip_forward" value={{ net_ipv4_forward | ternary('1', '0') }} sysctl_file=/etc/sysctl.d/network.conf sysctl_set=yes state=present reload=yes
+  when: ansible_virtualization_type != 'systemd-nspawn'
+
+- name: Deploy /etc/hosts
+  template: src=hosts.j2 dest=/etc/hosts
+
+- name: Prevent PVE from changing /etc/hosts
+  copy: content='' dest=/etc/.pve-ignore.hosts
+  when: ansible_virtualization_type == 'lxc'
+
+- name: Merge interface settings with defaults
+  set_fact: net_if_conf={{ net_if_conf | default([]) + [ net_if_defaults | combine(item, recursive=True) ] }}
+  with_items: "{{ net_if }}"
+  tags: net,conf
+- set_fact: net_if={{ net_if_conf | default([]) }}
+  tags: net,conf
+
+- name: Deploy interface configuration
+  template: src=ifcfg.j2 dest=/etc/sysconfig/network-scripts/ifcfg-{{ item.name }}
+  loop: "{{ net_if }}"
+  notify: reload network
+  tags: net,conf
+
+...

roles/network/templates/hosts.j2

@@ -0,0 +1,9 @@
+127.0.0.1 localhost
+::1       localhost6
+{% if net_hosts is not defined or net_hosts | length < 1 %}
+{{ ansible_default_ipv4.address }} {{ inventory_hostname }} {{ inventory_hostname | regex_replace('^([^\.]+)\..*','\\1') }}{% if system_hostname is defined %} {{ system_hostname }}{% endif %} 
+{% else %}
+{% for host in net_hosts %}
+{{ host.ip }}  {{ host.aliases | join(' ') }}
+{% endfor %}
+{% endif %}

roles/network/templates/ifcfg.j2

@@ -0,0 +1,29 @@
+# {{ ansible_managed }}
+ANSIBLE=yes
+NAME={{ item.name }}
+DEVICE={{ item.name }}
+BOOTPROTO={{ (item.ip4.enabled == True and item.ip4.method == 'dhcp') | ternary('dhcp', 'none') }}
+ONBOOT=yes
+{% if item.bridge is defined and item.type != 'bridge' %}
+BRIDGE={{ item.bridge }}
+{% endif %}
+{% if item.type == 'vlan' %}
+TYPE=Vlan
+VLAN=yes
+{% if item.vlanid is defined %}
+VLAN_ID={{ item.vlanid }}
+{% endif %}
+{% if item.vlandev is defined %}
+PHYSDEV={{ item.vlandev }}
+{% endif %}
+{% elif item.type == 'bridge' %}
+TYPE=Bridge
+STP=off
+{% endif %}
+{% if item.ip4.enabled == True and item.ip4.method != 'dhcp' %}
+{% for addr in item.ip4.addr | default([]) %}
+IPADDR{{ ansible_loop.index0 }}={{ addr.split('/')[0] }}
+PREFIX{{ ansible_loop.index0 }}={{ addr.split('/')[1] }}
+{% endfor %}
+{% endif %}
+IPV6INIT=no