[proxy] Enable IP forwarding and ARP and NDP proxies

Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>

group_vars/arpproxy.yml

@@ -9,3 +9,5 @@ glob_service_proxy:
   cron:
     frequency: "* * * * *"
     options: "--alter"
+  proto_id: 201
+  main_interface: ens18

plays/arpproxy.yml

@@ -5,3 +5,4 @@
     service: "{{ glob_service_proxy | default({}) | combine(loc_service_proxy | default({})) }}"
   roles:
     - service
+    - arpproxy

roles/arpproxy/tasks/main.yml

@@ -0,0 +1,22 @@
+---
+- name: Register proto proxy
+  lineinfile:
+    path: /etc/iproute2/rt_protos.d/proxy.conf
+    regexp: "^\\d+ proxy$"
+    line: "{{ service.proto_id }} {{ service.config.protocol }}"
+    owner: root
+    group: root
+    mode: 0644
+
+- name: Enable IP forward and ARP and NDP proxies
+  sysctl:
+    name: "{{ item.name }}"
+    value: "1"
+    sysctl_file: "/etc/sysctl.d/{{ item.file }}.conf"
+    sysctl_set: true
+    reload: true
+  loop:
+    - {name: "net.ipv4.ip_forward", file: "10-forwarding"}
+    - {name: "net.ipv6.conf.all.forwarding", file: "10-forwarding"}
+    - {name: "net.ipv4.conf.{{ service.main_interface }}.proxy_arp", file: "11-proxy-{{ service.main_interface }}"}
+    - {name: "net.ipv6.conf.{{ service.main_interface }}.proxy_ndp", file: "11-proxy-{{ service.main_interface }}"}