ansible-role-hardening
ansible-role-hardening copied to clipboard
Add conditional handling of ipv6 support on the OS.
I ran into an issue where a Ubuntu 20.04 system did not have ipv6 support, or it was not enabled.
Either way: it wasn't showing up under /proc.
This leads to an issue where if you add these settings via sysctl, every time after that you use sysctl for something, or run an ansible playbook that does something with sysctl, you get an error.
Particularly, that the it cannot stat
a location similar to /proc/.../ipv6/...
This PR adds conditional checking if the required directory exists and if it doesn't, omits setting ipv6 settings.
The approach is to put ipv4, ipv6 and other systctl setting in their own dict, and combining those based on ipv6 being available under /proc
or not.
Thanks! I'll run some tests and merge if okay.
If ready to merge, I'd suggest a squash merge, as the commits have stacked up, and they can be squashed into 1 for the purposes of the merge.
Thanks @KoenDG!