add bundle:bird

bundles/bird/metadata.py

@@ -0,0 +1,76 @@
+from ipaddress import ip_network
+from bundlewrap.exceptions import NoSuchNode
+from bundlewrap.metadata import atomic
+
+defaults = {
+    'apt': {
+        'packages': {
+            'bird2': {},
+        },
+    },
+    'sysctl': {
+        'options': {
+            'net.ipv4.ip_forward': '1',
+            'net.ipv6.conf.all.forwarding': '1',
+        },
+    },
+}
+
+@metadata_reactor.provides(
+    'bird/bgp_neighbors',
+)
+def neighbor_info_from_wireguard(metadata):
+    neighbors = {}
+    my_as = repo.libs.s2s.AS_NUMBERS[metadata.get('location')]
+
+    for name, config in metadata.get('wireguard/peers', {}).items():
+        try:
+            rnode = repo.get_node(name)
+        except NoSuchNode:
+            continue
+
+        neighbors[name] = {
+            'local_ip': config['my_ip'],
+            'local_as': my_as,
+            'neighbor_ip': config['their_ip'],
+            'neighbor_as': repo.libs.s2s.AS_NUMBERS[rnode.metadata.get('location')],
+        }
+
+    return {
+        'bird': {
+            'bgp_neighbors': neighbors,
+        },
+    }
+
+
+@metadata_reactor.provides(
+    'bird/my_ip',
+)
+def my_ip(metadata):
+    if node.has_bundle('wireguard'):
+        my_ip = sorted(metadata.get('interfaces/wg0/ips'))[0].split('/')[0]
+    else:
+        my_ip = str(sorted(repo.libs.tools.resolve_identifier(repo, node.name))[0])
+
+    return {
+        'bird': {
+            'my_ip': my_ip,
+        },
+    }
+
+
+@metadata_reactor.provides(
+    'firewall/port_rules',
+)
+def firewall(metadata):
+    sources = set()
+    for config in metadata.get('bird/bgp_neighbors', {}).values():
+        sources.add(config['neighbor_ip'])
+
+    return {
+        'firewall': {
+            'port_rules': {
+                '179': atomic(sources),
+            },
+        },
+    }