add bundle:bird
This commit is contained in:
parent
fe44417b14
commit
30d4d989fc
GPG key ID:
12E3D2136B818350
3 changed files with 134 additions and 0 deletions
41
bundles/bird/files/bird.conf
Normal file
41
bundles/bird/files/bird.conf
Normal file
|
|
@ -0,0 +1,41 @@
|
|||
log syslog all;
|
||||
router id ${node.metadata.get('bird/my_ip')};
|
||||
debug protocols all;
|
||||
|
||||
ipv4 table master4;
|
||||
|
||||
protocol device {
|
||||
}
|
||||
|
||||
protocol kernel {
|
||||
scan time 30;
|
||||
ipv4 {
|
||||
export where source != RTS_STATIC;
|
||||
};
|
||||
}
|
||||
% if node.metadata.get('bird/static_routes', set()):
|
||||
|
||||
protocol static {
|
||||
ipv4;
|
||||
|
||||
% for route in sorted(node.metadata.get('bird/static_routes', set())):
|
||||
route ${route} via ${node.metadata.get('bird/my_ip')};
|
||||
% endfor
|
||||
}
|
||||
% endif
|
||||
% for name, config in sorted(node.metadata.get('bird/bgp_neighbors', {}).items()):
|
||||
|
||||
protocol bgp '${name}' {
|
||||
local ${config['local_ip']} as ${config['local_as']};
|
||||
neighbor ${config['neighbor_ip']} as ${config['neighbor_as']};
|
||||
hold time ${config.get('hold_time', 15)};
|
||||
error wait time 5, 10;
|
||||
direct;
|
||||
|
||||
ipv4 {
|
||||
next hop self;
|
||||
import all;
|
||||
export all;
|
||||
};
|
||||
}
|
||||
% endfor
|
||||
17
bundles/bird/items.py
Normal file
17
bundles/bird/items.py
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
files = {
|
||||
'/etc/bird/bird.conf': {
|
||||
'content_type': 'mako',
|
||||
'triggers': {
|
||||
'svc_systemd:bird:reload',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
svc_systemd = {
|
||||
'bird': {
|
||||
'needs': {
|
||||
'file:/etc/bird/bird.conf',
|
||||
'pkg_apt:bird2',
|
||||
},
|
||||
},
|
||||
}
|
||||
76
bundles/bird/metadata.py
Normal file
76
bundles/bird/metadata.py
Normal file
|
|
@ -0,0 +1,76 @@
|
|||
from ipaddress import ip_network
|
||||
from bundlewrap.exceptions import NoSuchNode
|
||||
from bundlewrap.metadata import atomic
|
||||
|
||||
defaults = {
|
||||
'apt': {
|
||||
'packages': {
|
||||
'bird2': {},
|
||||
},
|
||||
},
|
||||
'sysctl': {
|
||||
'options': {
|
||||
'net.ipv4.ip_forward': '1',
|
||||
'net.ipv6.conf.all.forwarding': '1',
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'bird/bgp_neighbors',
|
||||
)
|
||||
def neighbor_info_from_wireguard(metadata):
|
||||
neighbors = {}
|
||||
my_as = repo.libs.s2s.AS_NUMBERS[metadata.get('location')]
|
||||
|
||||
for name, config in metadata.get('wireguard/peers', {}).items():
|
||||
try:
|
||||
rnode = repo.get_node(name)
|
||||
except NoSuchNode:
|
||||
continue
|
||||
|
||||
neighbors[name] = {
|
||||
'local_ip': config['my_ip'],
|
||||
'local_as': my_as,
|
||||
'neighbor_ip': config['their_ip'],
|
||||
'neighbor_as': repo.libs.s2s.AS_NUMBERS[rnode.metadata.get('location')],
|
||||
}
|
||||
|
||||
return {
|
||||
'bird': {
|
||||
'bgp_neighbors': neighbors,
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'bird/my_ip',
|
||||
)
|
||||
def my_ip(metadata):
|
||||
if node.has_bundle('wireguard'):
|
||||
my_ip = sorted(metadata.get('interfaces/wg0/ips'))[0].split('/')[0]
|
||||
else:
|
||||
my_ip = str(sorted(repo.libs.tools.resolve_identifier(repo, node.name))[0])
|
||||
|
||||
return {
|
||||
'bird': {
|
||||
'my_ip': my_ip,
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@metadata_reactor.provides(
|
||||
'firewall/port_rules',
|
||||
)
|
||||
def firewall(metadata):
|
||||
sources = set()
|
||||
for config in metadata.get('bird/bgp_neighbors', {}).values():
|
||||
sources.add(config['neighbor_ip'])
|
||||
|
||||
return {
|
||||
'firewall': {
|
||||
'port_rules': {
|
||||
'179': atomic(sources),
|
||||
},
|
||||
},
|
||||
}
|
||||
Loading…
Reference in a new issue