bundles/radvd: introduce, add to home.router

This commit is contained in:
Franzi 2020-11-14 11:47:44 +01:00
parent fa224a9939
commit 644eb37b82
Signed by: kunsi
GPG key ID: 12E3D2136B818350
6 changed files with 77 additions and 0 deletions

View file

@ -0,0 +1,3 @@
#!/bin/bash
systemctl stop radvd

View file

@ -0,0 +1,3 @@
#!/bin/bash
systemctl start radvd

View file

@ -0,0 +1,16 @@
% for interface, config in sorted(interfaces.items()):
interface ${interface}
{
AdvSendAdvert on;
prefix ${config.get('prefix', '::/64')}
{
AdvOnLink on;
AdvAutonomous on;
AdvRouterAddr on;
};
RDNSS ${' '.join(sorted(config['rdnss']))}
{
AdvRDNSSLifetime 900;
};
};
% endfor

36
bundles/radvd/items.py Normal file
View file

@ -0,0 +1,36 @@
if node.metadata.get('radvd', {}).get('integrate-with-pppd', False):
files['/etc/ppp/ip-up.d/radvd'] = {
'source': 'ip-up',
'mode': '0755',
}
files['/etc/ppp/ip-down.d/radvd'] = {
'source': 'ip-down',
'mode': '0755',
}
# Will be started and stopped by pppd.
should_be_running = None
should_be_enabled = False
else:
should_be_running = True
should_be_enabled = True
files['/etc/radvd.conf'] = {
'content_type': 'mako',
'context': {
'interfaces': node.metadata['radvd']['interfaces'],
},
'triggers': {
'svc_systemd:radvd:restart',
},
}
svc_systemd = {
'radvd': {
'running': should_be_running,
'enabled': should_be_enabled,
'needs': {
'file:/etc/radvd.conf',
},
},
}

View file

@ -0,0 +1,7 @@
defaults = {
'apt': {
'packages': {
'radvd': {},
},
},
}

View file

@ -5,6 +5,7 @@ nodes['home.router'] = {
'bundles': { 'bundles': {
'iptables', 'iptables',
'pppd', 'pppd',
'radvd',
'dhcpd', 'dhcpd',
'wide-dhcp6c', 'wide-dhcp6c',
}, },
@ -46,6 +47,17 @@ nodes['home.router'] = {
'nameservers': atomic({ 'nameservers': atomic({
'9.9.9.10', '9.9.9.10',
}), }),
'radvd': {
'integrate-with-pppd': True,
'interfaces': {
'enp1s0.42': {
'rdnss': {
'2001:4860:4860::8888',
'2001:4860:4860::8844',
},
},
},
},
'pppd': { 'pppd': {
'username': vault.decrypt('encrypt$gAAAAABfruZ5AZbgJ3mfMLWqIMx8o4bBRMJsDPD1jElh-vWN_gnhiuZVjrQ1-7Y6zDXNkxXiyhx8rxc2enmvo26axd7EBI8FqknCptXAPruVtDZrBCis4TE='), 'username': vault.decrypt('encrypt$gAAAAABfruZ5AZbgJ3mfMLWqIMx8o4bBRMJsDPD1jElh-vWN_gnhiuZVjrQ1-7Y6zDXNkxXiyhx8rxc2enmvo26axd7EBI8FqknCptXAPruVtDZrBCis4TE='),
'password': vault.decrypt('encrypt$gAAAAABfruaXEDkaFksFMU8g97ydWyJF8p2KcSDJJBlzaOLDsLL6oCDYjG1kMPVESOzqjn8ThtSht1uZDuMCstA-sATmLS-EWQ=='), 'password': vault.decrypt('encrypt$gAAAAABfruaXEDkaFksFMU8g97ydWyJF8p2KcSDJJBlzaOLDsLL6oCDYjG1kMPVESOzqjn8ThtSht1uZDuMCstA-sATmLS-EWQ=='),