Initial commit, squashed

2023-12-18 11:22:14 +01:00 · 2023-12-18 11:22:14 +01:00 · 158e8740b8
commit 158e8740b8
83 changed files with 2718 additions and 0 deletions
--- a/roles/exit/tasks/dhcp.yml
+++ b/roles/exit/tasks/dhcp.yml
@ -0,0 +1,26 @@
+- name: Install keepalived
+  import_tasks: keepalived.yml
+
+- name: Create keepalive notify script for systemd services
+  copy:
+    dest: /usr/local/bin/
+    src: keepalive-service
+    mode: 0755
+
+- name: Configure DHCP relays
+  template:
+    dest: "/etc/default/isc-dhcp-relay"
+    src: isc-dhcp-relay.j2
+
+- name: Set up keepalived
+  template:
+    dest: /etc/keepalived/keepalived.conf
+    src: keepalived.conf.j2
+    mode: 0600
+  notify: restart keepalived
+
+- name: Enable keepalived
+  service:
+    name: keepalived
+    enabled: yes
+    state: started
--- a/roles/exit/tasks/keepalived.yml
+++ b/roles/exit/tasks/keepalived.yml
@ -0,0 +1,25 @@
+# We should just apt install it but it’s broken with Cumulus 5.4 + Debian 10.
+- name: Install keepalived
+  block:
+  - name: Install deps for keepalived
+    package:
+      name: autoconf,automake,build-essential,pkg-config,libxtables-dev,libip4tc-dev,libip6tc-dev,libipset-dev,libnl-3-dev,libnl-genl-3-dev,libssl-dev
+
+  - name: Checkout keepalived source
+    git:
+      repo: https://github.com/acassen/keepalived
+      dest: /usr/local/src/keepalived
+      version: v2.2.7
+
+  - name: Build and install keepalived
+    shell: |
+      ./autogen.sh
+      ./configure --sysconfdir=/etc
+      make
+      make install
+    args:
+      chdir: /usr/local/src/keepalived
+      creates: /usr/local/sbin/keepalived
+    notify: reload systemd
+
+- meta: flush_handlers
--- a/roles/exit/tasks/main.yml
+++ b/roles/exit/tasks/main.yml
@ -0,0 +1,26 @@
+- name: Set up networks
+  template:
+    dest: /etc/network/interfaces.d/networks.intf
+    src: networks.intf.j2
+    mode: 0644
+  notify: reload interfaces
+
+- name: Set up firewall links
+  template:
+    dest: /etc/network/interfaces.d/firewall.intf
+    src: firewall.intf.j2
+    mode: 0644
+  notify: reload interfaces
+
+- name: Set up FRR
+  template:
+    dest: /etc/frr/frr.conf
+    src: frr.conf.j2
+    mode: 0600
+  notify: reload frr
+
+- name: Set up radvd
+  import_tasks: radvd.yml
+
+- name: Set up DHCP relay
+  import_tasks: dhcp.yml
--- a/roles/exit/tasks/radvd.yml
+++ b/roles/exit/tasks/radvd.yml
@ -0,0 +1,36 @@
+# We should just apt install it but we need features not in released
+# version. Also the cumulus package is two versions behind.
+- name: Install radvd
+  block:
+  - name: Install deps for radvd
+    package:
+      name: autoconf,automake,bison,build-essential,flex,gettext,libtool,pkg-config,libbsd-dev,libbsd0
+
+  - name: Checkout radvd source
+    git:
+      repo: https://github.com/radvd-project/radvd
+      dest: /usr/local/src/radvd
+      version: f67335b5335b6ed5ca68d6fa71c08cccb4f3a629
+
+  - name: Build and install radvd
+    shell: |
+      ./autogen.sh
+      ./configure --without-check
+      make
+      make install
+    args:
+      chdir: /usr/local/src/radvd
+      creates: /usr/local/sbin/radvd
+
+- name: Configure radvd
+  template:
+    dest: /etc/radvd.conf
+    src: radvd.conf.j2
+    mode: 0644
+  notify: restart radvd
+
+- name: Enable radvd
+  service:
+    name: radvd
+    enabled: true
+    state: started