diff options
| author | uvok cheetah | 2024-04-21 15:50:35 +0200 |
|---|---|---|
| committer | uvok cheetah | 2024-04-21 15:50:35 +0200 |
| commit | 2b9a71e8ecb41cc8e9b73735837f07c9b1351ff7 (patch) | |
| tree | 84ff56a440e31ce33bb8ea214ab79391660a4b44 | |
| parent | 293ddf3a4bf78d72fea4b8196e3bbc2d81b3f12e (diff) | |
Changed to bird tole
- rename prefixes to clear_prefixes
- add router id
- add config files
- add handler "change"
| -rw-r--r-- | host_vars/netcup/tinc (renamed from host_vars/netcup) | 0 | ||||
| -rw-r--r-- | roles/uvok_bird/TODO.txt | 4 | ||||
| -rw-r--r-- | roles/uvok_bird/defaults/main.yml | 3 | ||||
| -rw-r--r-- | roles/uvok_bird/files/common.conf | 14 | ||||
| -rw-r--r-- | roles/uvok_bird/files/logging.conf | 11 | ||||
| -rw-r--r-- | roles/uvok_bird/handlers/main.yml | 4 | ||||
| -rw-r--r-- | roles/uvok_bird/tasks/main.yml | 23 | ||||
| -rw-r--r-- | roles/uvok_bird/templates/bird.conf.j2 | 16 | ||||
| -rw-r--r-- | roles/uvok_bird/templates/clearnet.conf.j2 | 5 | ||||
| -rw-r--r-- | roles/uvok_bird/templates/defines.conf.j2 | 4 |
10 files changed, 81 insertions, 3 deletions
diff --git a/host_vars/netcup b/host_vars/netcup/tinc index 9d49382..9d49382 100644 --- a/host_vars/netcup +++ b/host_vars/netcup/tinc diff --git a/roles/uvok_bird/TODO.txt b/roles/uvok_bird/TODO.txt new file mode 100644 index 0000000..6176bb1 --- /dev/null +++ b/roles/uvok_bird/TODO.txt @@ -0,0 +1,4 @@ +- use protocol "description" option +- import limit / receive limit + import limit [number | off ] [action warn | block | restart | disable] +
\ No newline at end of file diff --git a/roles/uvok_bird/defaults/main.yml b/roles/uvok_bird/defaults/main.yml index 7ab4a34..b877f74 100644 --- a/roles/uvok_bird/defaults/main.yml +++ b/roles/uvok_bird/defaults/main.yml @@ -6,5 +6,6 @@ uvok_bird_opts: dn42: false use_fallback: false preferred_ip: "::1" - prefixes: [] + clear_prefixes: [] babel_if_name: + router_id: "0.0.0.0" diff --git a/roles/uvok_bird/files/common.conf b/roles/uvok_bird/files/common.conf new file mode 100644 index 0000000..61917bd --- /dev/null +++ b/roles/uvok_bird/files/common.conf @@ -0,0 +1,14 @@ +# managed by Ansible + +function honor_graceful_shutdown() { + if (65535, 0) ~ bgp_community then { + bgp_local_pref = 0; + } +} + +# The Device protocol is not a real routing protocol. It does not generate any +# routes and it only serves as a module for getting information about network +# interfaces from the kernel. It is necessary in almost any configuration. +protocol device { + scan time 10; +} diff --git a/roles/uvok_bird/files/logging.conf b/roles/uvok_bird/files/logging.conf new file mode 100644 index 0000000..bd9e6e8 --- /dev/null +++ b/roles/uvok_bird/files/logging.conf @@ -0,0 +1,11 @@ +# managed by Ansible + +# log syslog { info, remote, warning, error, auth, fatal, bug }; +log syslog { warning, error, fatal, bug }; +log "/var/log/bird/remote.log" { remote }; +log "/var/log/bird/bugs.log" { bug }; +log "/var/log/bird/trace.log" { trace }; +log "/var/log/bird/debug.log" { debug }; +log "/var/log/bird/info.log" { info }; + +timeformat protocol iso long; diff --git a/roles/uvok_bird/handlers/main.yml b/roles/uvok_bird/handlers/main.yml index aab7d9f..33814c5 100644 --- a/roles/uvok_bird/handlers/main.yml +++ b/roles/uvok_bird/handlers/main.yml @@ -4,6 +4,10 @@ - name: Check config command: birdc configure check listen: configure bird + changed_when: false + register: bird_check_result - name: Apply bird config command: birdc configure soft listen: configure bird + changed_when: true + when: bird_check_result.rc == 0 diff --git a/roles/uvok_bird/tasks/main.yml b/roles/uvok_bird/tasks/main.yml index c3ef063..4bdcf35 100644 --- a/roles/uvok_bird/tasks/main.yml +++ b/roles/uvok_bird/tasks/main.yml @@ -7,7 +7,17 @@ mode: '0750' owner: 'bird' group: 'bird' -- name: Install template +- name: Install common templates + template: + src: '{{ item.src }}' + dest: '{{ item.dest }}' + mode: '0640' + owner: 'bird' + group: 'bird' + loop: + - { src: 'bird.conf.j2', dest: '{{ uvok_bird_opts.config_dir }}/bird.conf' } + - { src: 'defines.conf.j2', dest: '{{ uvok_bird_opts.config_dir }}/defines.conf' } +- name: Install clearnet templates template: src: clearnet.conf.j2 dest: '{{ uvok_bird_opts.config_dir }}/clearnet.conf' @@ -17,3 +27,14 @@ when: - uvok_bird_opts.clearnet notify: configure bird +- name: Copy remaining files + copy: + src: files/{{ item }} + dest: '{{ uvok_bird_opts.config_dir }}/{{ item }}' + mode: '0640' + owner: 'bird' + group: 'bird' + loop: + - "common.conf" + - "logging.conf" + notify: configure bird diff --git a/roles/uvok_bird/templates/bird.conf.j2 b/roles/uvok_bird/templates/bird.conf.j2 new file mode 100644 index 0000000..82452a0 --- /dev/null +++ b/roles/uvok_bird/templates/bird.conf.j2 @@ -0,0 +1,16 @@ +# {{ ansible_managed }} + +include "/etc/bird/logging.conf"; + +include "/etc/bird/defines.conf"; +router id OWNIP; + +include "/etc/bird/common.conf"; + +{% if uvok_bird_opts.dn42 %} +include "/etc/bird/dn42.conf"; +{% endif %} + +{% if uvok_bird_opts.clearnet %} +include "/etc/bird/clearnet.conf"; +{% endif %} diff --git a/roles/uvok_bird/templates/clearnet.conf.j2 b/roles/uvok_bird/templates/clearnet.conf.j2 index 420a8da..1ced3a4 100644 --- a/roles/uvok_bird/templates/clearnet.conf.j2 +++ b/roles/uvok_bird/templates/clearnet.conf.j2 @@ -1,5 +1,8 @@ # {{ ansible_managed }} +include "/etc/bird/clear_defines.conf"; +include "/etc/bird/clear_functions.conf"; + define CLEARNET_PREFIP = {{ uvok_bird_opts.preferred_ip }}; # trs=transit @@ -145,7 +148,7 @@ filter myas_f_rc }; protocol static myprefix { -{% for prefix in uvok_bird_opts.prefixes %} +{% for prefix in uvok_bird_opts.clear_prefixes %} route {{ prefix }} reject; {% endfor %}; diff --git a/roles/uvok_bird/templates/defines.conf.j2 b/roles/uvok_bird/templates/defines.conf.j2 new file mode 100644 index 0000000..8a8d597 --- /dev/null +++ b/roles/uvok_bird/templates/defines.conf.j2 @@ -0,0 +1,4 @@ +# {{ ansible_managed }} + +# both clear and DN42 +define OWNIP = {{ uvok_bird_opts.router_id }}; |