From 972364516ba400878b9e06fe239c1f07d751d4fa Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl
Date: Thu, 13 Jun 2024 22:39:18 +0200
Subject: tnet
---
 tnet/bird-config.yml | 20 -----------------
 tnet/bird-deploy.yml | 26 +++++++++++++++++++++
 tnet/bird-gen.yml | 20 ++++++++++++++---
 tnet/bird-install.yml | 2 +-
 tnet/files/akili/bird-tnet-pre.conf | 7 ++++++
 tnet/files/akili/bird-tnet.conf | 8 -------
 tnet/files/astyanax/bird-tnet-pre.conf | 7 ++++++
 tnet/files/astyanax/bird-tnet.conf | 8 -------
 tnet/files/hash/bird-tnet-pre.conf | 7 ++++++
 tnet/files/hash/bird-tnet.conf | 8 -------
 tnet/files/knot/bird-tnet-pre.conf | 7 ++++++
 tnet/files/knot/bird-tnet.conf | 8 -------
 tnet/files/kv24ix/bird-tnet.conf | 41 ----------------------------------
 tnet/files/lhn2ix/bird-tnet.conf | 41 ----------------------------------
 tnet/files/lhn2pi/bird-tnet-pre.conf | 7 ++++++
 tnet/files/lhn2pi/bird-tnet.conf | 8 -------
 tnet/files/node1/bird-tnet-pre.conf | 7 ++++++
 tnet/files/node1/bird-tnet.conf | 8 -------
 tnet/files/node2/bird-tnet-pre.conf | 7 ++++++
 tnet/files/node2/bird-tnet.conf | 8 -------
 tnet/templates/bird-tnet-pre.conf.j2 | 7 ++++++
 tnet/templates/bird-tnet.conf.j2 | 8 -------
 22 files changed, 100 insertions(+), 170 deletions(-)
 delete mode 100644 tnet/bird-config.yml
 create mode 100644 tnet/bird-deploy.yml
 create mode 100644 tnet/files/akili/bird-tnet-pre.conf
 create mode 100644 tnet/files/astyanax/bird-tnet-pre.conf
 create mode 100644 tnet/files/hash/bird-tnet-pre.conf
 create mode 100644 tnet/files/knot/bird-tnet-pre.conf
 delete mode 100644 tnet/files/kv24ix/bird-tnet.conf
 delete mode 100644 tnet/files/lhn2ix/bird-tnet.conf
 create mode 100644 tnet/files/lhn2pi/bird-tnet-pre.conf
 create mode 100644 tnet/files/node1/bird-tnet-pre.conf
 create mode 100644 tnet/files/node2/bird-tnet-pre.conf
 create mode 100644 tnet/templates/bird-tnet-pre.conf.j2
(limited to 'tnet')
diff --git a/tnet/bird-config.yml b/tnet/bird-config.yml
deleted file mode 100644
index fcffa4d..0000000
--- a/tnet/bird-config.yml
+++ /dev/null
@@ -1,20 +0,0 @@
-- hosts: tnet
- tasks:
- - become: yes
- copy:
- dest: /etc/bird/bird-tnet.conf
- src: "{{ inventory_hostname }}/bird-tnet.conf"
- register: bird_conf
-
- - systemd:
- state: reloaded
- service: bird
- when: bird_conf.changed
- become: yes
- handlers:
- - name: systemctl reload bird
- become: yes
- systemd:
- name: bird
- state: reloaded
-
diff --git a/tnet/bird-deploy.yml b/tnet/bird-deploy.yml
new file mode 100644
index 0000000..ed7cecf
--- /dev/null
+++ b/tnet/bird-deploy.yml
@@ -0,0 +1,26 @@
+- hosts: tnet_bird
+ tasks:
+ - become: yes
+ copy:
+ dest: "/etc/bird/{{ item }}"
+ src: "{{ inventory_hostname }}/{{ item }}"
+ owner: bird
+ group: bird
+ mode: 0640
+ register: bird_conf
+ loop:
+ - bird-tnet-pre.conf
+ - bird-tnet.conf
+
+ - systemd:
+ state: reloaded
+ service: bird
+ when: bird_conf.changed
+ become: yes
+ handlers:
+ - name: systemctl reload bird
+ become: yes
+ systemd:
+ name: bird
+ state: reloaded
+
diff --git a/tnet/bird-gen.yml b/tnet/bird-gen.yml
index 17e8128..9fa71b1 100644
--- a/tnet/bird-gen.yml
+++ b/tnet/bird-gen.yml
@@ -1,11 +1,25 @@
+- name: Remove old configuration
+ hosts: localhost
+ connection: local
+ gather_facts: False
+ tasks:
+ - file:
+ path: files
+ state: absent
+ changed_when: False
+
 - name: Generate Bird configuration
- hosts: tnet
+ hosts: tnet_bird
 connection: local
 gather_facts: False
 tasks:
 - file:
 path: files/{{ inventory_hostname }}
 state: directory
+ changed_when: False
 - template:
- src: bird-tnet.conf.j2
- dest: files/{{ inventory_hostname }}/bird-tnet.conf
+ src: "{{ item }}.j2"
+ dest: "files/{{ inventory_hostname }}/{{ item }}"
+ loop:
+ - bird-tnet-pre.conf
+ - bird-tnet.conf
diff --git a/tnet/bird-install.yml b/tnet/bird-install.yml
index c52ce50..49aed92 100644
--- a/tnet/bird-install.yml
+++ b/tnet/bird-install.yml
@@ -1,5 +1,5 @@
 - hosts:
- - bgp
+ - tnet_bird
 tasks:
 - name: Install bird2
 become: yes
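Review bot: In tnet/bird-deploy.yml nothing parses the new configuration before the `systemd: state: reloaded` task runs, so a broken render is copied to every tnet_bird host and only surfaces as a failed reload or at the next daemon restart. A check task between the copy and the reload, for example `command: bird -p -c <main config path>` with `become: yes` and `changed_when: false`, would fail the play before the daemon is asked to re-read its files. The `handlers:` entry is also never triggered, because no task carries `notify: systemctl reload bird`; either add that to the copy task and drop the inline reload, or remove the handler.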
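Review bot: The new "Remove old configuration" play in tnet/bird-gen.yml deletes `path: files` recursively, and because the path is relative, the directory that gets removed appears to depend on where ansible-playbook is started rather than on where the playbook lives. Anchoring it as `path: "{{ playbook_dir }}/files"`, and the `files/{{ inventory_hostname }}` paths in the second play likewise, keeps the delete inside tnet/. `changed_when: False` on that task also hides the removal from the run summary, so an unintended delete would not show up there.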
diff --git a/tnet/files/akili/bird-tnet-pre.conf b/tnet/files/akili/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/akili/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/akili/bird-tnet.conf b/tnet/files/akili/bird-tnet.conf
index 3c53d79..f9b9d08 100644
--- a/tnet/files/akili/bird-tnet.conf
+++ b/tnet/files/akili/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/astyanax/bird-tnet-pre.conf b/tnet/files/astyanax/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/astyanax/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/astyanax/bird-tnet.conf b/tnet/files/astyanax/bird-tnet.conf
index 8fa46b9..d697e54 100644
--- a/tnet/files/astyanax/bird-tnet.conf
+++ b/tnet/files/astyanax/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/hash/bird-tnet-pre.conf b/tnet/files/hash/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/hash/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/hash/bird-tnet.conf b/tnet/files/hash/bird-tnet.conf
index b2afdc8..16ce2cc 100644
--- a/tnet/files/hash/bird-tnet.conf
+++ b/tnet/files/hash/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/knot/bird-tnet-pre.conf b/tnet/files/knot/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/knot/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/knot/bird-tnet.conf b/tnet/files/knot/bird-tnet.conf
index 32f06cb..fcecc19 100644
--- a/tnet/files/knot/bird-tnet.conf
+++ b/tnet/files/knot/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/kv24ix/bird-tnet.conf b/tnet/files/kv24ix/bird-tnet.conf
deleted file mode 100644
index a8fb14c..0000000
--- a/tnet/files/kv24ix/bird-tnet.conf
+++ /dev/null
@@ -1,41 +0,0 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
-template bgp tnet_tpl {
- local as 4242423538;
- neighbor internal;
-
- direct;
-
- password "trygvis";
-
- ipv6 {
- next hop self;
- import filter {
- if is_tnet() then {
- print proto, ": import accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": import reject, reason=not tnet"; reject;
- };
- # newer bird's only
- # import keep filtered;
- export filter {
- if is_tnet() then {
- print proto, ": export accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": export reject, reason=not tnet"; reject;
- };
- };
-}
-
-protocol bgp tnet_knot from tnet_tpl {
- neighbor fdb1:4242:3538:ffff:ea4:11cb:863:5252;
- interface "tnet-knot";
-}
diff --git a/tnet/files/lhn2ix/bird-tnet.conf b/tnet/files/lhn2ix/bird-tnet.conf
deleted file mode 100644
index b020368..0000000
--- a/tnet/files/lhn2ix/bird-tnet.conf
+++ /dev/null
@@ -1,41 +0,0 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
-template bgp tnet_tpl {
- local as 4242423538;
- neighbor internal;
-
- direct;
-
- password "trygvis";
-
- ipv6 {
- next hop self;
- import filter {
- if is_tnet() then {
- print proto, ": import accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": import reject, reason=not tnet"; reject;
- };
- # newer bird's only
- # import keep filtered;
- export filter {
- if is_tnet() then {
- print proto, ": export accept, net=", net, ", from=", from, ", gw=", gw;
- accept;
- }
- print proto, ": export reject, reason=not tnet"; reject;
- };
- };
-}
-
-protocol bgp tnet_knot from tnet_tpl {
- neighbor fdb1:4242:3538:ffff:18b7:d3ec:5608:db9a;
- interface "tnet-knot";
-}
diff --git a/tnet/files/lhn2pi/bird-tnet-pre.conf b/tnet/files/lhn2pi/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/lhn2pi/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/lhn2pi/bird-tnet.conf b/tnet/files/lhn2pi/bird-tnet.conf
index 5d5939b..864ad0b 100644
--- a/tnet/files/lhn2pi/bird-tnet.conf
+++ b/tnet/files/lhn2pi/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/node1/bird-tnet-pre.conf b/tnet/files/node1/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/node1/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/node1/bird-tnet.conf b/tnet/files/node1/bird-tnet.conf
index ebf0160..88bd6f8 100644
--- a/tnet/files/node1/bird-tnet.conf
+++ b/tnet/files/node1/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/files/node2/bird-tnet-pre.conf b/tnet/files/node2/bird-tnet-pre.conf
new file mode 100644
index 0000000..7994dfe
--- /dev/null
+++ b/tnet/files/node2/bird-tnet-pre.conf
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() # -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/files/node2/bird-tnet.conf b/tnet/files/node2/bird-tnet.conf
index 813b0f5..99dfc5e 100644
--- a/tnet/files/node2/bird-tnet.conf
+++ b/tnet/files/node2/bird-tnet.conf
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
diff --git a/tnet/templates/bird-tnet-pre.conf.j2 b/tnet/templates/bird-tnet-pre.conf.j2
new file mode 100644
index 0000000..ba012cf
--- /dev/null
+++ b/tnet/templates/bird-tnet-pre.conf.j2
@@ -0,0 +1,7 @@
+define tnet = fdb1:4242:3538::/48;
+define tnet_router = fdb1:4242:3538:ffff::/64;
+
+function is_tnet() -> bool
+{
+ return net ~ tnet && ! (net ~ tnet_router);
+}
diff --git a/tnet/templates/bird-tnet.conf.j2 b/tnet/templates/bird-tnet.conf.j2
index 6e1ba0e..57e557a 100644
--- a/tnet/templates/bird-tnet.conf.j2
+++ b/tnet/templates/bird-tnet.conf.j2
@@ -1,11 +1,3 @@
-define tnet = fdb1:4242:3538::/48;
-define tnet_router = fdb1:4242:3538:ffff::/64;
-
-function is_tnet() -> bool
-{
- return net ~ tnet && ! (net ~ tnet_router);
-}
-
 template bgp tnet_tpl {
 local as 4242423538;
 neighbor internal;
-- cgit v1.2.3
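Review bot: tnet/templates/bird-tnet-pre.conf.j2 declares `function is_tnet() -> bool`, while all seven generated `files/*/bird-tnet-pre.conf` copies added in this commit carry `function is_tnet() # -> bool`, so the checked-in output does not match what this template renders. The next bird-gen.yml run will put the return-type annotation back into every host file. If it was commented out because some hosts run a BIRD version that rejects the annotation (not visible here), the template line should read `function is_tnet() # -> bool` as well.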