add bundle:bird

This commit is contained in:
Franzi 2021-09-29 19:45:18 +02:00
parent fe44417b14
commit 30d4d989fc
Signed by: kunsi
GPG key ID: 12E3D2136B818350
3 changed files with 134 additions and 0 deletions

View file

@ -0,0 +1,41 @@
log syslog all;
router id ${node.metadata.get('bird/my_ip')};
debug protocols all;
ipv4 table master4;
protocol device {
}
protocol kernel {
scan time 30;
ipv4 {
export where source != RTS_STATIC;
};
}
% if node.metadata.get('bird/static_routes', set()):
protocol static {
ipv4;
% for route in sorted(node.metadata.get('bird/static_routes', set())):
route ${route} via ${node.metadata.get('bird/my_ip')};
% endfor
}
% endif
% for name, config in sorted(node.metadata.get('bird/bgp_neighbors', {}).items()):
protocol bgp '${name}' {
local ${config['local_ip']} as ${config['local_as']};
neighbor ${config['neighbor_ip']} as ${config['neighbor_as']};
hold time ${config.get('hold_time', 15)};
error wait time 5, 10;
direct;
ipv4 {
next hop self;
import all;
export all;
};
}
% endfor

17
bundles/bird/items.py Normal file
View file

@ -0,0 +1,17 @@
files = {
'/etc/bird/bird.conf': {
'content_type': 'mako',
'triggers': {
'svc_systemd:bird:reload',
},
},
}
svc_systemd = {
'bird': {
'needs': {
'file:/etc/bird/bird.conf',
'pkg_apt:bird2',
},
},
}

76
bundles/bird/metadata.py Normal file
View file

@ -0,0 +1,76 @@
from ipaddress import ip_network
from bundlewrap.exceptions import NoSuchNode
from bundlewrap.metadata import atomic
defaults = {
'apt': {
'packages': {
'bird2': {},
},
},
'sysctl': {
'options': {
'net.ipv4.ip_forward': '1',
'net.ipv6.conf.all.forwarding': '1',
},
},
}
@metadata_reactor.provides(
'bird/bgp_neighbors',
)
def neighbor_info_from_wireguard(metadata):
neighbors = {}
my_as = repo.libs.s2s.AS_NUMBERS[metadata.get('location')]
for name, config in metadata.get('wireguard/peers', {}).items():
try:
rnode = repo.get_node(name)
except NoSuchNode:
continue
neighbors[name] = {
'local_ip': config['my_ip'],
'local_as': my_as,
'neighbor_ip': config['their_ip'],
'neighbor_as': repo.libs.s2s.AS_NUMBERS[rnode.metadata.get('location')],
}
return {
'bird': {
'bgp_neighbors': neighbors,
},
}
@metadata_reactor.provides(
'bird/my_ip',
)
def my_ip(metadata):
if node.has_bundle('wireguard'):
my_ip = sorted(metadata.get('interfaces/wg0/ips'))[0].split('/')[0]
else:
my_ip = str(sorted(repo.libs.tools.resolve_identifier(repo, node.name))[0])
return {
'bird': {
'my_ip': my_ip,
},
}
@metadata_reactor.provides(
'firewall/port_rules',
)
def firewall(metadata):
sources = set()
for config in metadata.get('bird/bgp_neighbors', {}).values():
sources.add(config['neighbor_ip'])
return {
'firewall': {
'port_rules': {
'179': atomic(sources),
},
},
}