Add role to set up base Debian server

With sshd in separate management VRF and FRR to announce routes to
self over unnumbered BGP.

roles/debian/templates/fabric.intf.j2

@@ -0,0 +1,6 @@
+{% for iface in ifaces_fabric %}
+auto {{ iface }}
+iface {{ iface }}
+    mtu 9216
+
+{% endfor %}

roles/debian/templates/frr.conf.j2

@@ -0,0 +1,28 @@
+frr defaults datacenter
+service integrated-vtysh-config
+log syslog
+
+router bgp {{ asn }}
+  bgp bestpath as-path multipath-relax
+
+  neighbor fabric peer-group
+  neighbor fabric remote-as external
+  neighbor fabric capability extended-nexthop
+
+{% for iface in ifaces_fabric %}
+  neighbor {{ iface }} interface peer-group fabric
+  neighbor {{ iface }} bfd
+{% endfor %}
+
+  address-family ipv4 unicast
+    redistribute connected route-map loopback
+    neighbor fabric activate
+  exit-address-family
+
+  address-family ipv6 unicast
+    redistribute connected route-map loopback
+    neighbor fabric activate
+  exit-address-family
+
+route-map loopback permit 1
+  match interface lo

roles/debian/templates/interfaces.j2

@@ -0,0 +1,14 @@
+source /etc/network/interfaces.d/*
+
+# Management VRF and link.
+auto mgmt
+iface mgmt
+    address 127.0.0.1/8
+    address ::1/128
+    vrf-table auto
+
+auto {{ iface_mgmt }}
+iface {{ iface_mgmt }}
+    vrf mgmt
+    address {{ ansible_host }}/{{ mgmt_gw | ipaddr('prefix') }}
+    gateway {{ mgmt_gw | ipaddr('address') }}

roles/debian/templates/loopback.intf.j2

@@ -0,0 +1,3 @@
+auto lo
+iface lo inet loopback
+    address {{ router_id }}/32

roles/debian/templates/resolv.conf.j2

@@ -0,0 +1,4 @@
+search {{ domain }}
+{% for server in dns %}
+nameserver {{ server }}
+{% endfor %}