From 46cafb2f9ae259906affb14767d2f853dadd22be Mon Sep 17 00:00:00 2001
From: uvok cheetah
Date: Sun, 24 Mar 2024 19:13:09 +0100
Subject: Fixup tinc role

- add handler to restart
- add variables
- add IP addresses
---
 host_vars/firstroot             |  4 +++-
 host_vars/hetzner               |  8 ++++++++
 host_vars/netcup                |  7 +++++++
 roles/tinc/defaults/main.yml    |  1 +
 roles/tinc/handlers/main.yml    |  7 +++++++
 roles/tinc/tasks/tinc.yml       | 11 ++++++++++-
 roles/tinc/templates/tinc-up.j2 |  4 +++-
 7 files changed, 39 insertions(+), 3 deletions(-)
 create mode 100644 host_vars/hetzner
 create mode 100644 host_vars/netcup
 create mode 100644 roles/tinc/defaults/main.yml
 create mode 100644 roles/tinc/handlers/main.yml

diff --git a/host_vars/firstroot b/host_vars/firstroot
index 2c6b7b7..7bec76d 100644
--- a/host_vars/firstroot
+++ b/host_vars/firstroot
@@ -2,7 +2,9 @@ tinc:
   configure: true
   name: firstroot
   connections: [hetzner]
-  address: fe80::10/64
+  address:
+    - fe80::10/64
+    - 10.2.0.10/24
   listen_on: any
   extra_up:
     - sysctl -w net.ipv4.conf.${INTERFACE}.forwarding=1
diff --git a/host_vars/hetzner b/host_vars/hetzner
new file mode 100644
index 0000000..02b9c22
--- /dev/null
+++ b/host_vars/hetzner
@@ -0,0 +1,8 @@
+tinc:
+  configure: true
+  name: hetzner
+  connections: [netcup]
+  address:
+    - fe80::1/64
+    - 10.2.0.1/24
+  listen_on: any
diff --git a/host_vars/netcup b/host_vars/netcup
new file mode 100644
index 0000000..9d49382
--- /dev/null
+++ b/host_vars/netcup
@@ -0,0 +1,7 @@
+tinc:
+  configure: true
+  name: netcup
+  connections: [hetzner]
+  address:
+    - fe80::2/64
+  listen_on: any
diff --git a/roles/tinc/defaults/main.yml b/roles/tinc/defaults/main.yml
new file mode 100644
index 0000000..41ec8a3
--- /dev/null
+++ b/roles/tinc/defaults/main.yml
@@ -0,0 +1 @@
+tinc_netname: tn_int
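Review bot: `tinc_netname` is only half adopted. The service names in roles/tinc/handlers/main.yml and in the new enable task use it, but the `dest:` and `path:` values visible in roles/tinc/tasks/tinc.yml still hard-code `/etc/tinc/tn_int/`. Overriding this default would therefore manage a different `tinc@…` unit while the configuration is still written under `tn_int`. Either template the paths the same way, e.g. `dest: "/etc/tinc/{{ tinc_netname }}/tinc.conf"`, or add a comment here saying the value must stay `tn_int` until the paths follow.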
diff --git a/roles/tinc/handlers/main.yml b/roles/tinc/handlers/main.yml
new file mode 100644
index 0000000..fadb8d5
--- /dev/null
+++ b/roles/tinc/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+# handlers file for uvok_tinc
+- name: Apply Tinc config
+  listen: configure tinc
+  service:
+    name: "tinc@{{ tinc_netname }}"
+    state: restarted
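Review bot: This handler has no `when:` guard, while the enable task added in roles/tinc/tasks/tinc.yml is skipped when `ansible_os_family` is `OpenWrt`. If the role does run on such hosts, restarting the templated unit `tinc@{{ tinc_netname }}` would presumably fail there. Repeating the condition, `when: ansible_os_family != "OpenWrt"`, or adding a platform-specific restart would keep the two consistent. The header comment also says `uvok_tinc` although the role directory is `tinc`.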
diff --git a/roles/tinc/tasks/tinc.yml b/roles/tinc/tasks/tinc.yml
index 2673a59..a76ad8e 100644
--- a/roles/tinc/tasks/tinc.yml
+++ b/roles/tinc/tasks/tinc.yml
@@ -8,14 +8,16 @@
   template:
     src: tinc.conf.j2
     dest: /etc/tinc/tn_int/tinc.conf
-    mode: '0750'
+    mode: '0640'
   tags:
     - tconfig
+  notify: configure bird
 - name: Install tinc-up template
   template:
     src: tinc-up.j2
     dest: /etc/tinc/tn_int/tinc-up
     mode: '0740'
+  notify: configure bird
   tags:
     - tconfig
 - name: Copy remaining files
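Review bot: The added `notify: configure bird` lines (two in this hunk, one on the "Copy remaining files" task in the next hunk) do not match the topic the role's new handler listens on, `listen: configure tinc` in roles/tinc/handlers/main.yml. If no handler for `configure bird` exists elsewhere in the play, the notifying task errors on an unknown handler. If one does exist, bird is reconfigured and tinc keeps running with the old configuration and addresses. The lines should read `notify: configure tinc`. The first task of this hunk begins above the hunk.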
@@ -25,6 +27,7 @@
     archive: false
     recursive: true
     times: true
+  notify: configure bird
 - name: Make scripts executable
   file:
     path: "/etc/tinc/tn_int/{{ item }}"
@@ -33,3 +36,9 @@
     - tinc-down
   tags:
     - exec
+- name: Ensure tinc is enabled
+  service:
+    name: "tinc@{{ tinc_netname }}"
+    daemon_reload: true
+    enabled: true
+  when: ansible_os_family != "OpenWrt"
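Review bot: The new "Ensure tinc is enabled" task enables the unit but never starts it, because no `state:` is given. On a freshly provisioned host the VPN would come up only after a reboot or after the restart handler fires. Adding `state: started` next to `enabled: true` makes the first run converge and stays idempotent on later runs. The task also has no `tags:` although its neighbours carry `tconfig` or `exec`, so tag-limited runs skip it; that may be intended.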
diff --git a/roles/tinc/templates/tinc-up.j2 b/roles/tinc/templates/tinc-up.j2
index 8c26aa9..92aa782 100755
--- a/roles/tinc/templates/tinc-up.j2
+++ b/roles/tinc/templates/tinc-up.j2
@@ -1,7 +1,9 @@
 #!/bin/sh
 ip link set $INTERFACE up
 ip -6 addr flush dev $INTERFACE
-ip addr add {{ tinc.address }} dev $INTERFACE
+{% for addr in tinc.address %}
+ip addr add {{ addr }} dev $INTERFACE
+{% endfor %}
 {% if tinc.extra_up is defined %}
 {% for cmd in tinc.extra_up %}
 {{ cmd }}
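Review bot: The loop over `tinc.address` assumes every host defines it as a list. A host_vars file that still uses the old scalar form (`address: fe80::10/64`) makes Jinja iterate the string character by character, emitting one broken `ip addr add` line per character into a script that tincd runs. Guarding the type keeps older inventories working: `{% for addr in ([tinc.address] if tinc.address is string else tinc.address) %}`. Separately, the unchanged `ip -6 addr flush` above clears only IPv6 addresses although the loop now also adds IPv4 ones. The `extra_up` block continues past the end of this hunk.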
-- 
cgit v1.2.3