From 58c2912f463198e95ae0df71fdc85bf46bd6cbd5 Mon Sep 17 00:00:00 2001
From: 9pfs <9pfs@amcforum.wiki>
Date: Sun, 1 Dec 2024 23:42:47 -0800
Subject: [PATCH] Add lg, adjust filters and inventory
---
 .gitignore | 1 +
 bird-babel.j2 | 10 +++++--
 inventory.yml | 1 +
 lg.yml | 62 ++++++++++++++++++++++++++++++++++++++++++
 lg/frontend-service.j2 | 11 ++++++++
 lg/proxy-service.j2 | 12 ++++++++
 setup.yml | 12 ++++++++
 7 files changed, 107 insertions(+), 2 deletions(-)
 create mode 100644 lg.yml
 create mode 100644 lg/frontend-service.j2
 create mode 100644 lg/proxy-service.j2
diff --git a/.gitignore b/.gitignore
index 2cb30a6..0aa8a4c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 .*.swp
 bin/
+src/
diff --git a/bird-babel.j2 b/bird-babel.j2
index 249c6e4..60b0908 100644
--- a/bird-babel.j2
+++ b/bird-babel.j2
@@ -2,8 +2,14 @@
 # "direct" protocol to read prefixes attached to interfaces and send them across
 # the network.
 protocol direct {
- ipv4;
- ipv6;
+ ipv4 {
+ import where net ~ [ 172.20.0.0/16+, 172.31.0.0/16+, 10.0.0.0/8+ ];
+ export where net ~ [ 172.20.0.0/16+, 172.31.0.0/16+, 10.0.0.0/8+ ];
+ };
+ ipv6 {
+ import where net ~ [ fd00::/8+ ];
+ export where net ~ [ fd00::/8+ ];
+ };
 interface "igp-dummy*";
 interface "host0";
 interface "host0*";
diff --git a/inventory.yml b/inventory.yml
index 72f591e..8d5f18f 100644
--- a/inventory.yml
+++ b/inventory.yml
@@ -18,6 +18,7 @@ routers:
 unicastv6: fd32:6b0:70a6:179::2
 pop_loc: us02
 solanum_sid: '9R2'
+ ansible_host: "h-dn42-router-us02.tail9a27a.ts.net"
 us3.routers.9pfs.dn42:
 ansible_python_interpreter: "/usr/bin/python3"
 machine_type: container
diff --git a/lg.yml b/lg.yml
new file mode 100644
index 0000000..9827bf4
--- /dev/null
+++ b/lg.yml
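Review bot: In `bird-babel.j2`, the `export where net ~ [...]` lines added to both channels of `protocol direct` probably have no effect, because Direct only originates routes from interface addresses and is not normally a target for exported routes; if that holds for the BIRD version deployed here, dropping them leaves a single filter per channel to keep correct. The IPv4 set admits `172.20.0.0/16+`, while dn42's IPv4 range is usually given as 172.20.0.0/14, so an interface address in 172.21–172.23 would be silently kept out of the IGP; if the narrower set is intended, a comment such as `# only these prefixes may be originated from local interfaces` above the channel would record that. The same prefix list is written twice per channel, so a later edit can easily update one copy and not the other. The `protocol direct` block closes outside the hunk.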
@@ -0,0 +1,62 @@
+- name: Configure bird-lg-go on routers
+ hosts: routers
+ remote_user: root
+ tasks:
+ - name: Build looking glass destinations list
+ ansible.builtin.shell: echo {% for host in ansible_play_hosts %}{{ hostvars[host]['unicastv6'] }},{% endfor %}|sed 's/,$//'
+ register: lg_dests
+ run_once: true
+ delegate_to: 127.0.0.1
+ - name: Add Debian build dependencies
+ ansible.builtin.package:
+ name: make,git,golang-1.23
+ state: present
+ when: ansible_distribution == 'Debian'
+ - name: Make debian sane
+ ansible.builtin.file:
+ state: link
+ dest: /usr/local/bin/go
+ src: /usr/lib/go-1.23/bin/go
+ when: ansible_distribution == 'Debian'
+ - name: Add Arch build dependencies
+ ansible.builtin.pacman:
+ name: base-devel,go
+ state: present
+ when: ansible_distribution == 'Archlinux'
+ - name: Make bird-lg-go directory in /opt
+ ansible.builtin.file:
+ dest: /opt/bird-lg-go
+ state: directory
+ - name: Download bird-lg-go
+ ansible.builtin.git:
+ repo: https://github.com/xddxdd/bird-lg-go
+ dest: /opt/bird-lg-go/src
+ - name: Build bird-lg-go
+ ansible.builtin.make:
+ chdir: /opt/bird-lg-go/src
+ - name: Create proxy systemd service
+ ansible.builtin.template:
+ src: lg/proxy-service.j2
+ dest: /etc/systemd/system/bird-lg-go-proxy.service
+ mode: '0644'
+ when: ansible_service_mgr == 'systemd'
+ - name: Enable and start/reload bird-lg-go-proxy
+ ansible.builtin.systemd_service:
+ name: bird-lg-go-proxy.service
+ enabled: true
+ state: restarted
+ daemon_reload: true
+ when: ansible_service_mgr == 'systemd'
+ - name: Create frontend systemd service
+ ansible.builtin.template:
+ src: lg/frontend-service.j2
+ dest: /etc/systemd/system/bird-lg-go-frontend.service
+ mode: '0644'
+ when: ansible_service_mgr == 'systemd'
+ - name: Enable and start/reload bird-lg-go-frontend
+ ansible.builtin.systemd_service:
+ name: bird-lg-go-frontend.service
+ enabled: true
+ state: restarted
+ daemon_reload: true
+ when: ansible_service_mgr == 'systemd'
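Review bot: The `Download bird-lg-go` task clones `https://github.com/xddxdd/bird-lg-go` without a `version:`, so every run fetches whatever the default branch holds at that moment and the next task builds it as root on each router; pinning a reviewed revision, `version: "<reviewed-commit-sha>"` (placeholder), keeps an upstream change or a compromised upstream account from reaching the routers unreviewed. The `Clone bird-lg-go locally` task in the `setup.yml` hunk has the same unpinned clone. The `Build looking glass destinations list` task renders inventory values into an unquoted shell command; `ansible.builtin.set_fact` with `lg_dests: "{{ ansible_play_hosts | map('extract', hostvars, 'unicastv6') | join(',') }}"` yields the same string without a shell, and the frontend template would then reference `lg_dests` instead of `lg_dests.stdout`. Both service tasks use `state: restarted`, which restarts the daemons on every run even when nothing changed; a handler notified by the two template tasks would keep the play idempotent.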
diff --git a/lg/frontend-service.j2 b/lg/frontend-service.j2
new file mode 100644
index 0000000..acab298
--- /dev/null
+++ b/lg/frontend-service.j2
@@ -0,0 +1,11 @@
+[Unit]
+Description=bird-lg-go frontend
+
+[Service]
+DynamicUser=yes
+ExecStart=/opt/bird-lg-go/src/frontend/frontend --proxy-port 8000 --listen 8001 --dns-interface whois.dn42 --whois whois.dn42 --net-specific-mode dn42 --servers {{ lg_dests.stdout }}
+Restart=on-failure
+RestartSec=60
+
+[Install]
+WantedBy=multi-user.target
diff --git a/lg/proxy-service.j2 b/lg/proxy-service.j2
new file mode 100644
index 0000000..4b56942
--- /dev/null
+++ b/lg/proxy-service.j2
@@ -0,0 +1,12 @@
+[Unit]
+Description=bird-lg-go proxy
+After=bird.service
+Before=bird-lg-go-frontend.service
+
+[Service]
+DynamicUser=yes
+User=bird
+ExecStart=/opt/bird-lg-go/src/proxy/proxy
+
+[Install]
+WantedBy=multi-user.target
diff --git a/setup.yml b/setup.yml
index 5fa02c4..3523ed0 100644
--- a/setup.yml
+++ b/setup.yml
@@ -2,6 +2,18 @@
 hosts: routers
 remote_user: root
 tasks:
+ - name: Create src/ directory on playbook host
+ ansible.builtin.file:
+ path: src
+ state: directory
+ delegate_to: 127.0.0.1
+ run_once: true
+ - name: Clone bird-lg-go locally
+ ansible.builtin.git:
+ dest: src/bird-lg-go
+ repo: https://github.com/xddxdd/bird-lg-go
+ delegate_to: 127.0.0.1
+ run_once: true
 - name: Create bird directory
 ansible.builtin.file:
 path: /etc/bird
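Review bot: In `lg/frontend-service.j2`, `--listen 8001` gives only a port, which presumably binds the frontend on every address of the router, including any interface that is not part of dn42; if the looking glass is meant to be reachable only inside dn42 or behind a reverse proxy, pass an explicit address, e.g. `--listen <listen-addr>:8001` (placeholder). The unit also depends on `{{ lg_dests.stdout }}`, which is registered in `lg.yml`; if that ever renders empty, `--servers` is left without a value and the failure shows up only when systemd starts the service, so a check in the play that `lg_dests.stdout` is non-empty before templating would surface it at deploy time.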
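Review bot: In `lg/proxy-service.j2`, `ExecStart=/opt/bird-lg-go/src/proxy/proxy` starts the proxy with no `--allowed` list, and as far as the bird-lg-go README describes it (worth confirming for the revision that gets cloned) an unset list accepts requests from any address, so anything that can reach the proxy port (the frontend unit uses 8000) can query BIRD and run traceroutes on the router. Restricting it to the frontend hosts, e.g. `ExecStart=/opt/bird-lg-go/src/proxy/proxy --allowed {{ lg_dests.stdout }}` if the frontends connect from those `unicastv6` addresses, or a firewall rule on that port, closes the exposure. `DynamicUser=yes` combined with `User=bird` falls back to the static `bird` account when it exists, so no dynamic user is allocated; a comment such as `# runs as bird to reach the BIRD control socket` would make that intentional. Unlike the frontend unit, this one has no `Restart=` line.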
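Review bot: In `setup.yml`, `path: src` and `dest: src/bird-lg-go` are relative, so on the delegated local run they presumably resolve against whatever directory `ansible-playbook` was started from rather than the repository; anchoring them as `path: "{{ playbook_dir }}/src"` and `dest: "{{ playbook_dir }}/src/bird-lg-go"` keeps the checkout under the `src/` entry this commit adds to `.gitignore`. Nothing visible in this patch reads the local clone, since `lg.yml` clones the repository again on each router, so it may be a leftover; if it is meant to become the build source, a comment on the task should say so. The play header and the rest of the task list are outside the hunk.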