From 90249ad43098c8c43d4f6025bdbb4c3afd56ed43 Mon Sep 17 00:00:00 2001 From: Simeon 'n0emis' Keske Date: Wed, 3 Mar 2021 21:30:22 +0100 Subject: [PATCH] allow to template bird configs --- defaults/main.yml | 5 ++++- tasks/bird2.yml | 4 ++-- tasks/pingfinder.yml | 14 +++++++++++++- templates/wg-quick.j2 | 21 +++++++++++++++++++-- 4 files changed, 38 insertions(+), 6 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index d704875..4602e90 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -16,13 +16,16 @@ dn42_roa_v6_location: "/etc/bird/roa_dn42_v6.conf" dn42_roa_cronjob: "curl -sfSLR -o{{ dn42_roa_v4_location }} -z{{ dn42_roa_v4_location }} {{ dn42_roa_v4_source }} && curl -sfSLR -o{{ dn42_roa_v6_location }} -z{{ dn42_roa_v6_location }} {{ dn42_roa_v6_source }} && birdc configure" dn42_pingfinder_enable: no -dn42_pingfinder_download_url: "https://git.dn42.us/dn42/pingfinder/raw/master/clients/generic-linux-debian-redhat-busybox.sh" +dn42_pingfinder_download_url: "https://dn42.us/peers/script" dn42_pingfinder_location: "/usr/bin/dn42_pingfinder" dn42_pingfinder_uuid: "" dn42_pingfinder_logfile: "/dev/null" dn42_configure_linux_network_table: no +dn42_bird2_template: "bird2/bird.conf.j2" +dn42_bird2_peer_template: "bird2/peer.conf.j2" + dn42_peers: - name: "neighbour" as: "4242424242" diff --git a/tasks/bird2.yml b/tasks/bird2.yml index acfb73d..732464b 100644 --- a/tasks/bird2.yml +++ b/tasks/bird2.yml @@ -8,7 +8,7 @@ - name: Copy bird config-file template: dest: /etc/bird/bird.conf - src: "bird2/bird.conf.j2" + src: "{{ dn42_bird2_template }}" notify: reload bird - name: Ensure birds peer foler exists @@ -21,7 +21,7 @@ - name: Copy birds peer config-files template: dest: "/etc/bird/peers/{{ peer.name }}.conf" - src: "bird2/peer.conf.j2" + src: "{{ dn42_bird2_peer_template }}" when: (not peer.state is defined) or peer.state != "absent" loop: "{{ dn42_peers }}" loop_control: 
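Review bot: In defaults/main.yml the new `dn42_pingfinder_download_url` points at `https://dn42.us/peers/script`, an unversioned URL whose content can change between runs. The tasks/pingfinder.yml hunk shows the installed file getting group root and mode 0755 and being run from cron every five minutes. Nothing in the visible defaults lets an operator pin the expected content. If the download task, which is outside this diff, uses `get_url`, consider adding a default such as `dn42_pingfinder_checksum: ""` and passing it as `checksum:` so that a changed script is rejected rather than installed. The URL change is also unrelated to the commit subject and would be easier to audit as its own commit.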
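Review bot: In tasks/bird2.yml, with `src` now taken from `dn42_bird2_template`, a caller-supplied template that renders an invalid configuration is written straight to /etc/bird/bird.conf, and the `reload bird` handler then fires. Adding `validate: 'bird -p -c %s'` to the "Copy bird config-file" task would make the play fail before the live file is replaced (this assumes any include paths in the template are absolute). Neither this task nor the peer task in the second hunk (`dn42_bird2_peer_template`) sets `owner`, `group` or `mode` in the visible lines; setting them explicitly is worth doing if peer templates can carry session passwords. The peer task continues past the end of its hunk, so it may already set some of this.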
diff --git a/tasks/pingfinder.yml b/tasks/pingfinder.yml index a6b0946..740224b 100644 --- a/tasks/pingfinder.yml +++ b/tasks/pingfinder.yml @@ -7,8 +7,20 @@ group: "root" mode: "0755" +- name: Set pingfinder UUID + cron: + name: "UUID" + job: "{{ dn42_pingfinder_uuid }}" + env: yes + +- name: Set pingfinder LOGFILE + cron: + name: "LOGFILE" + job: "{{ dn42_pingfinder_logfile }}" + env: yes + - name: Add Pingfinder Cronjob cron: name: Run Pingfinder - job: "UUID={{ dn42_pingfinder_uuid }} LOGFILE={{ dn42_pingfinder_logfile }} {{ dn42_pingfinder_location }}" + job: "{{ dn42_pingfinder_location }}" minute: "*/5" diff --git a/templates/wg-quick.j2 b/templates/wg-quick.j2 index 5c80ff5..ae4a887 100644 --- a/templates/wg-quick.j2 +++ b/templates/wg-quick.j2 
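Review bot: In tasks/pingfinder.yml the two new `env: yes` tasks write `UUID` and `LOGFILE` as crontab-wide variables, so every job in that user's crontab inherits them, not only the pingfinder entry, and such generic names can collide with variables another job reads. Since no `user` or `cron_file` is given in the visible lines, this is presumably root's crontab. Scoping all three tasks to a dedicated file, for example `cron_file: dn42_pingfinder` with `user: root`, keeps the variables next to the one job that needs them. `env: true` is the canonical boolean spelling. The "Add Pingfinder Cronjob" task may continue past the end of the hunk.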
@@ -1,7 +1,24 @@
+{%- set ifname = peer.if.name | default(dn42_wg_default_if_prefix + peer.name) -%}
+{%- set localv4 = peer.if.v4 | default(dn42_local_v4) -%}
+{%- set localv6 = peer.if.v6 | default(dn42_local_v6) -%}
+{%- if dn42_configure_linux_network_table -%}
+{%- set table = "42" -%}
+{%- else -%}
+{%- set table = "main" -%}
+{%- endif -%}
+
 [Interface]
 PrivateKey = {{ peer.wg.privkey | default(dn42_wg_private_key) }}
-Address = {{ peer.if.v4 | default(dn42_local_v4) }}/32, {{ peer.if.v6 | default(dn42_local_v6) }}/128
-PostUp = {% if peer.v4 is defined %}/sbin/ip addr del dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 && /sbin/ip addr add dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v4 | default(dn42_local_v4) }}/32 peer {{ peer.v4 }}/32 && {% endif %}{% if peer.v6 is defined %}/sbin/ip addr del dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 && /sbin/ip addr add dev {{ peer.if.name | default(dn42_wg_default_if_prefix + peer.name) }} {{ peer.if.v6 | default(dn42_local_v6) }}/128 peer {{ peer.v6 }}/128{% endif %}
+Address = {{ localv4 }}/32, {{ localv6 }}/128
+PostUp = {% if peer.v4 is defined -%}
+/sbin/ip addr del dev {{ ifname }} {{ localv4 }}/32 && {# ... -#}
+/sbin/ip addr add dev {{ ifname }} {{ localv4 }}/32 peer {{ peer.v4 }}/32
+{%- if peer.v6 is defined %} && {% endif -%}
+{%- endif %}{% if peer.v6 is defined -%}
+/sbin/ip addr del dev {{ ifname }} {{ localv6 }}/128 && {# ... -#}
+/sbin/ip addr add dev {{ ifname }} {{ localv6 }}/128 peer {{ peer.v6 }}/128 && {# ... -#}
+ip -6 r add {{ peer.v6 }}/128 dev {{ ifname }} table {{ table }} || true
+{%- endif %}
 Table = off
 ListenPort = {{ peer.wg.port }}
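Review bot: The trailing `|| true` on the new `ip -6 r add` line applies to the whole `&&` chain, because the shell gives `&&` and `||` equal precedence and evaluates them left to right; when `peer.v6` is defined, a failing `/sbin/ip addr del` or `addr add` no longer makes PostUp fail. An idempotent command removes the need for it: `/sbin/ip -6 route replace {{ peer.v6 }}/128 dev {{ ifname }} table {{ table }}`, which also uses the absolute path like the other commands on the line. Separately, this template renders `PrivateKey`, so the task that writes it (outside this diff) should set a restrictive `mode` such as `"0600"`.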