Merge pull request 'unicast_peer' (#2) from unicast_peer into master

Reviewed-on: #2

README.md

@@ -52,6 +52,19 @@ Adresse IPv6 de failover.
 
 *<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
 
+### keepalived_peers
+
+Passer en unicast en utilisant cette liste d'IP.
+
+*<span style="text-decoration: underline">Valeur par défaut:</span> aucune*
+
+### keepalived_notify_script_enabled
+
+Booléen permettant d'activer le script de notification.<br>
+Le script est déployé dans `/etc/keepalived/notify.sh`.
+
+*<span style="text-decoration: underline">Valeur par défaut:</span> `false`*
+
 ### keepalived_track_scripts
 
 Liste de script dont le code retour doit être à zéro pour que le membre conserve ou puisse prendre l'IP de failover.

defaults/main.yml

@@ -11,6 +11,10 @@ keepalived_mail_from: ""
 keepalived_ipv4: ""
 keepalived_ipv6: ""
 
+keepalived_peers: []
+
+keepalived_notify_script_enabled: false
+
 keepalived_track_scripts: []
 # Exemple:
 #  - name: check_haproxy_8080

tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 # tasks file for keepalived
 
-- name: Installer keepalived
+- name: Installer le paquet
   ansible.builtin.apt:
     name: keepalived
   become: true
@@ -15,3 +15,25 @@
     dest: /etc/keepalived/keepalived.conf
   become: true
   notify: Redémarrer keepalived.service
+
+- name: Déployer les scripts
+  ansible.builtin.copy:
+    src: keepalived/notify.sh
+    dest: /etc/keepalived/
+    owner: keepalived_script
+    group: keepalived_script
+    mode: u=rx,g=rx,o=
+  when: keepalived_notify_script_enabled
+  become: true
+  notify: Redémarrer keepalived.service
+
+- name: Déployer le fichier de configuration de sudoers
+  ansible.builtin.copy:
+    src: keepalived/sudoers
+    dest: /etc/sudoers.d/keepalived
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+    validate: /usr/sbin/visudo -cf %s
+  when: "'keepalived/sudoers' is file"
+  become: true

templates/keepalived.j2

@@ -13,6 +13,7 @@ global_defs {
     smtp_connect_timeout 30
 {% endif %}
 
+  script_user keepalived_script
   enable_script_security
   max_auto_priority 50
 }
@@ -40,6 +41,17 @@ vrrp_instance VIP_{{ keepalived_uid }} {
   virtual_router_id {{ keepalived_uid }}
   advert_int 1
 
+{% if keepalived_peers | length > 0 %}
+  unicast_src_ip {{ ansible_facts[keepalived_interface]['ipv4']['address'] }}
+  unicast_peer {
+{% for peer in keepalived_peers %}
+{% if peer != ansible_facts[keepalived_interface]['ipv4']['address'] %}
+    {{ peer }}
+{% endif %}
+{% endfor %}
+  }
+{% endif %}
+
 {% if keepalived_ipv4 | length > 0 %}
   virtual_ipaddress {
     {{ keepalived_ipv4 }} dev {{ keepalived_interface }} scope global
@@ -52,6 +64,10 @@ vrrp_instance VIP_{{ keepalived_uid }} {
   }
 {% endif %}
 
+{% if keepalived_notify_script_enabled %}
+  notify /etc/keepalived/notify.sh
+{% endif %}
+
 {% if keepalived_track_scripts | length > 0 %}
   track_script {
 {% for script in keepalived_track_scripts %}