commit fec1339a2d7c16915a97fdf768626e8db684f88c Author: ace Date: Mon Oct 25 12:53:52 2021 +0300 first commit diff --git a/README.md b/README.md new file mode 100644 index 0000000..e69de29 diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..47f20d5 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,10 @@ +--- +- name: restart bird + systemd: + name: bird + state: restarted + daemon_reload: yes + +- name: restart loopback + shell: | + ifdown lo ; ifup lo diff --git a/meta/main.yml b/meta/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..5ef9cb1 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,26 @@ +--- +- name: install bird + package: + name: bird2 + state: present + +- name: add bird config + template: + src: bird.conf.j2 + dest: /etc/bird.conf + notify: + - restart bird + +- name: update ifcfg-lo config + template: + src: ifcfg-lo.j2 + dest: /etc/sysconfig/network-scripts/ifcfg-lo + notify: + - restart loopback + +- name: start bird service + systemd: + name: bird + state: started + enabled: yes + daemon_reload: yes diff --git a/templates/bird.conf.j2 b/templates/bird.conf.j2 new file mode 100644 index 0000000..ef93bc3 --- /dev/null +++ b/templates/bird.conf.j2 @@ -0,0 +1,44 @@ +log syslog all; +router id {{ bird.bgp.common[inventory_hostname].routerid }}; + +protocol device { +} +protocol direct { + disabled; # Disable by default + ipv4; # Connect to default IPv4 table + ipv6; # ... and to default IPv6 table +} +protocol kernel KERNEL4 { + ipv4 { # Connect protocol to IPv4 table by channel + export all; # Export to protocol. default is export none + }; +} +protocol kernel KERNEL6 { + ipv6 { export all; }; +} +{% for protocol_static in bird.bgp.static %} +protocol static {{ protocol_static.name }} { + ipv4; # Again, IPv4 channel with default options +{% for network in protocol_static['networks'][inventory_hostname] %} + route {{ network.ip }}/{{ network.mask_dash }} via "lo" { bgp_local_pref = {{ network.bgp_local_pref }}; }; +{% endfor %} +} +{% endfor %} +{% for protocol_bgp in bird.bgp.bgp %} +protocol bgp {{ protocol_bgp.name }} { + confederation {{ protocol_bgp.confederation }}; + confederation member yes; + local as {{ protocol_bgp.local_asnum }}; + neighbor {{ protocol_bgp.remote_addr }} as {{ protocol_bgp.remote_asnum }}; + hold time 30; + ipv4 { + export filter { +{% for proto in protocol_bgp.export %} + if proto = "{{ proto }}" then accept; +{% endfor %} + else reject; + }; + }; + +} +{% endfor %} diff --git a/templates/ifcfg-lo.j2 b/templates/ifcfg-lo.j2 new file mode 100644 index 0000000..a748591 --- /dev/null +++ b/templates/ifcfg-lo.j2 @@ -0,0 +1,15 @@ +DEVICE=lo +IPADDR=127.0.0.1 +NETMASK=255.0.0.0 +NETWORK=127.0.0.0 +# If you're having problems with gated making 127.0.0.0/8 a martian, +# you can change this to something else (255.255.255.255, for example) +BROADCAST=127.255.255.255 +{% for protocol_static in bird.bgp.static %} +{% for network in protocol_static['networks'][ansible_fqdn] %} +IPADDR{{ loop.index }}={{ network['ip'] }} +NETMASK{{ loop.index }}={{ network['mask'] }} +{% endfor %} +{% endfor %} +ONBOOT=yes +NAME=loopback