init.sls 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297
  1. #
  2. # Bird routing daemon
  3. #
  4. {%- set roles = salt['pillar.get']('nodes:' ~ grains['id'] ~ ':roles', []) %}
  5. include:
  6. - network.interfaces
  7. bird-repo:
  8. pkgrepo.managed:
  9. - comments: "# Official bird repo"
  10. - human_name: Official bird repository
  11. - name: "deb http://bird.network.cz/debian/ {{ grains['oscodename'] }} main"
  12. - dist: {{ grains['oscodename'] }}
  13. - file: /etc/apt/sources.list.d/bird.list
  14. - key_url: salt://bird/bird_apt.key
  15. bird-pkg:
  16. pkg.installed:
  17. - name: bird
  18. - require:
  19. - pkgrepo: bird-repo
  20. # Make sure both services are enabled
  21. bird:
  22. service.running:
  23. - enable: True
  24. - running: True
  25. bird6:
  26. service.running:
  27. - enable: True
  28. - running: True
  29. # Reload commands for bird{,6} to be tied to files which should trigger reconfiguration
  30. bird-configure:
  31. cmd.wait:
  32. - name: /usr/sbin/birdc configure
  33. - watch: []
  34. bird6-configure:
  35. cmd.wait:
  36. - name: /usr/sbin/birdc6 configure
  37. - watch: []
  38. /etc/bird:
  39. file.directory:
  40. - mode: 750
  41. - user: bird
  42. - group: bird
  43. - require:
  44. - pkg: bird
  45. /etc/bird/bird.d:
  46. file.directory:
  47. - makedirs: true
  48. - mode: 755
  49. - user: root
  50. - group: bird
  51. - require:
  52. - file: /etc/bird
  53. /etc/bird/bird.conf:
  54. file.managed:
  55. - source: salt://bird/bird.conf
  56. - template: jinja
  57. - require:
  58. - file: /etc/bird/bird.d
  59. - require_in:
  60. - service: bird
  61. - watch_in:
  62. - cmd: bird-configure
  63. - mode: 644
  64. - user: root
  65. - group: bird
  66. /etc/bird/bird6.d:
  67. file.directory:
  68. - makedirs: true
  69. - mode: 755
  70. - user: root
  71. - group: bird
  72. - require:
  73. - file: /etc/bird
  74. /etc/bird/bird6.conf:
  75. file.managed:
  76. - source: salt://bird/bird6.conf
  77. - template: jinja
  78. - require:
  79. - file: /etc/bird/bird6.d
  80. - watch_in:
  81. - cmd: bird6-configure
  82. - mode: 644
  83. - user: root
  84. - group: bird
  85. - require_in:
  86. - service: bird6
  87. #
  88. # External VRF / Routing table?
  89. #
  90. /etc/bird/bird.d/VRF_external.conf:
  91. file.managed:
  92. - source: salt://bird/VRF_external.conf
  93. - template: jinja
  94. proto: v4
  95. - watch_in:
  96. - cmd: bird-configure
  97. - require:
  98. - file: /etc/bird/bird.d
  99. - require_in:
  100. - service: bird
  101. /etc/bird/bird6.d/VRF_external.conf:
  102. file.managed:
  103. - source: salt://bird/VRF_external.conf
  104. - template: jinja
  105. proto: v6
  106. - watch_in:
  107. - cmd: bird6-configure
  108. - require:
  109. - file: /etc/bird/bird6.d
  110. - require_in:
  111. - service: bird6
  112. /etc/bird/bird.d/external.conf:
  113. file.absent
  114. /etc/bird/bird6.d/external.conf:
  115. file.absent
  116. #
  117. # IGP / OSPF
  118. #
  119. /etc/bird/bird.d/IGP.conf:
  120. file.managed:
  121. - source: salt://bird/IGP.conf
  122. - template: jinja
  123. proto: v4
  124. - watch_in:
  125. - cmd: bird-configure
  126. - require:
  127. - file: /etc/bird/bird.d
  128. - require_in:
  129. - service: bird
  130. /etc/bird/bird6.d/IGP.conf:
  131. file.managed:
  132. - source: salt://bird/IGP.conf
  133. - template: jinja
  134. proto: v6
  135. - watch_in:
  136. - cmd: bird6-configure
  137. - require:
  138. - file: /etc/bird/bird6.d
  139. - require_in:
  140. - service: bird6
  141. # Compatibility glue
  142. /etc/bird/bird6.d/IGP6.conf:
  143. file.absent:
  144. - watch_in:
  145. - cmd: bird-configure
  146. #
  147. # iBGP
  148. #
  149. /etc/bird/ff-policy.conf:
  150. file.managed:
  151. - source: salt://bird/ff-policy.conf
  152. - template: jinja
  153. proto: v4
  154. - watch_in:
  155. - cmd: bird-configure
  156. - require:
  157. - file: /etc/bird/bird.d
  158. - require_in:
  159. - service: bird
  160. /etc/bird/ff-policy6.conf:
  161. file.managed:
  162. - source: salt://bird/ff-policy.conf
  163. - template: jinja
  164. proto: v6
  165. - watch_in:
  166. - cmd: bird6-configure
  167. - require:
  168. - file: /etc/bird/bird6.d
  169. - require_in:
  170. - service: bird6
  171. /etc/bird/bird.d/ibgp.conf:
  172. file.managed:
  173. - source: salt://bird/ibgp.conf
  174. - template: jinja
  175. proto: v4
  176. - watch_in:
  177. - cmd: bird-configure
  178. - require:
  179. - file: /etc/bird/bird.d
  180. - require_in:
  181. - service: bird
  182. /etc/bird/bird6.d/ibgp.conf:
  183. file.managed:
  184. - source: salt://bird/ibgp.conf
  185. - template: jinja
  186. proto: v6
  187. - watch_in:
  188. - cmd: bird6-configure
  189. - require:
  190. - file: /etc/bird/bird6.d
  191. - require_in:
  192. - service: bird6
  193. #
  194. # FFRL-exit
  195. #
  196. {% if 'ffrl-exit' in roles %}
  197. python-ipcalc:
  198. pkg.installed
  199. /etc/bird/bird.d/ffrl.conf:
  200. file.managed:
  201. - source: salt://bird/ffrl.conf
  202. - template: jinja
  203. proto: v4
  204. - watch_in:
  205. - cmd: bird-configure
  206. - require:
  207. - file: /etc/bird/bird.d
  208. - pkg: python-ipcalc
  209. - require_in:
  210. - service: bird
  211. /etc/bird/bird6.d/ffrl.conf:
  212. file.managed:
  213. - source: salt://bird/ffrl.conf
  214. - template: jinja
  215. proto: v6
  216. - watch_in:
  217. - cmd: bird6-configure
  218. - require:
  219. - file: /etc/bird/bird6.d
  220. - pkg: python-ipcalc
  221. - require_in:
  222. - service: bird6
  223. /etc/bird/bird.d/bogon_unreach.conf:
  224. file.managed:
  225. - source: salt://bird/bogon_unreach.conf
  226. - template: jinja
  227. proto: v4
  228. - watch_in:
  229. - cmd: bird-configure
  230. - require:
  231. - file: /etc/bird/bird.d
  232. - require_in:
  233. - service: bird
  234. /etc/bird/bird6.d/bogon_unreach.conf:
  235. file.managed:
  236. - source: salt://bird/bogon_unreach.conf
  237. - template: jinja
  238. proto: v6
  239. - watch_in:
  240. - cmd: bird6-configure
  241. - require:
  242. - file: /etc/bird/bird6.d
  243. - require_in:
  244. - service: bird6
  245. {% else %}
  246. /etc/bird/bird.d/ffrl.conf:
  247. file.absent
  248. /etc/bird/bird6.d/ffrl.conf:
  249. file.absent
  250. /etc/bird/bird.d/bogon_unreach.conf:
  251. file.absent
  252. /etc/bird/bird6.d/bogon_unreach.conf:
  253. file.absent
  254. {% endif %}