First fully working proof-of-concept, only works on arch for now

9pfs 2024-11-20 18:06:50 -08:00
parent 231ddac10e
commit b73f409ff2
Signed by: 9pfs
SSH key fingerprint: SHA256:yVO09iotyiNaBzBBvVR8ZTx7SB9VpvJPgR1Ihy1bz3Q
11 changed files with 193 additions and 7 deletions

24
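--- a/bird-config.j2
+++ b/bird-config.j2
@@ -0,0 +1,24 @@
+protocol device {
+scan time 10;
+};
+protocol direct {
+ipv4;
+ipv6;
+interface "dn42dummy0";
+};
+protocol babel int_babel {
+randomize router id on;
+ipv4 {
+import all;
+export all;
+};
+ipv6 {
+import all;
+export all;
+};
+interface "{% if vlan is defined %}host0.{{ vlan }}{% else %}host0{% endif %}" {
+type wired;
+};
+};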
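Review bot: The `int_babel` protocol imports and exports everything (`import all; export all;` in both the ipv4 and ipv6 channels) and its interface block sets only `type wired;`, so route announcements from any Babel speaker on `host0` (or `host0.<vlan>`) are accepted unauthenticated, and anything else that reaches the master tables is announced back out. If that segment is not fully trusted, consider enabling Babel MAC authentication in the interface block (`authentication mac;` plus a `password` taken from a vaulted variable) and replacing `import all` with a filter limited to the expected dn42 ranges. A one-line comment above the protocol naming the peers expected on this link would also help the next reader.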

68
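--- a/deploy.yml
+++ b/deploy.yml
@@ -0,0 +1,68 @@
+- hosts: all
+remote_user: root
+tasks:
+- name: install debian dependencies
+package:
+name: nginx,bird2
+state: present
+when: ansible_distribution == 'Debian'
+- name: install arch dependencies
+pacman:
+name: nginx,bird
+state: present
+when: ansible_distribution == 'Archlinux'
+- name: see if host0 exists / if this is a systemd-nspawn container
+stat:
+path: /sys/class/net/host0
+register: host0
+- name: configure host0
+template:
+src: host0-network.j2
+dest: /etc/systemd/network/10-host0.network
+- name: configure host0 vlan .netdev
+template:
+src: host0-vlan-netdev.j2
+dest: /etc/systemd/network/host0-vlan.netdev
+when: vlan is defined
+- name: configure host0 vlan .network
+template:
+src: host0-vlan-network.j2
+dest: /etc/systemd/network/host0-vlan.network
+when: vlan is defined
+- name: configure dummy interface .netdev
+template:
+src: dn42dummy0-netdev.j2
+dest: /etc/systemd/network/dn42dummy0.netdev
+- name: configure dummy interface .network
+template:
+src: dn42dummy0-network.j2
+dest: /etc/systemd/network/dn42dummy0.network
+- name: add nginx config
+template:
+src: nginx-global.j2
+dest: /etc/nginx/nginx.conf
+- name: add bird config on arch
+template:
+src: bird-config.j2
+dest: /etc/bird.conf
+when: ansible_distribution == 'Archlinux'
+- name: add bird config on debian
+template:
+src: bird-config.j2
+dest: /etc/bird/bird.conf
+when: ansible_distribution == 'Debian'
+- name: enable and reload/start systemd-networkd
+systemd:
+state: reloaded
+name: systemd-networkd.service
+enabled: true
+- name: enable and reload/start nginx
+systemd:
+state: reloaded
+name: nginx.service
+enabled: true
+- name: enable and reload/start bird
+systemd:
+state: reloaded
+name: bird.service
+enabled: true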
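Review bot: The `template` tasks that write `/etc/nginx/nginx.conf`, `/etc/bird.conf`, `/etc/bird/bird.conf` and the `/etc/systemd/network/*` files set no `owner`, `group` or `mode`, so the resulting permissions depend on the remote umask and on any file already in place; stating them explicitly (for example `owner: root`, `group: root`, `mode: "0644"`, or whatever group and mode the daemon's package expects) makes the result deterministic. The nginx and bird templates are also followed by an unconditional `state: reloaded` with no syntax check; a `validate:` on those tasks (such as `validate: nginx -t -c %s`) would keep a bad render from replacing a working config. Separately, the `stat` result registered as `host0` is never read, so `configure host0` runs even where the interface is absent; a `when: host0.stat.exists` on the host0 tasks looks like what was intended.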

3
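--- a/dn42dummy0-netdev.j2
+++ b/dn42dummy0-netdev.j2
@@ -0,0 +1,3 @@
+[NetDev]
+Name=dn42dummy0
+Kind=dummy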

8
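--- a/dn42dummy0-network.j2
+++ b/dn42dummy0-network.j2
@@ -0,0 +1,8 @@
+[Match]
+Name=dn42dummy0
+[Network]
+Address=fd32:6b0:70a6:8181::81/128
+{% if unicastv6 is defined %}
+Address={{ unicastv6 }}/128
+{% endif %}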

22
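--- a/dn42routes.j2
+++ b/dn42routes.j2
@@ -0,0 +1,22 @@
+[Route]
+Destination=10.0.0.0/8
+Gateway=_dhcp4
+Metric=1024
+[Route]
+Destination=172.20.0.0/14
+Gateway=_dhcp4
+Metric=1024
+[Route]
+Destination=172.31.0.0/16
+Gateway=_dhcp4
+Metric=1024
+[Route]
+Destination=fd00::/8
+Gateway=_ipv6ra
+Metric=1024
+{% if unicastv6 is defined %}
+PreferredSource={{ unicastv6 }}
+{% endif %}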

21
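--- a/host0-network.j2
+++ b/host0-network.j2
@@ -0,0 +1,21 @@
+[Match]
+Name=host0
+[Network]
+DHCP=true
+IPv6AcceptRA=true
+LinkLocalAddressing=ipv6
+{% if vlan is defined %}
+VLAN=br0.{{ vlan }}
+{% endif %}
+# These route metrics have to be higher than everything else
+[DHCPv4]
+RouteMetric=2048
+[IPv6AcceptRA]
+RouteMetric=2048
+{% if vlan is undefined %}
+{% include 'dn42routes.j2' %}
+{% endif %}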
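Review bot: `VLAN=br0.{{ vlan }}` names a netdev that this commit does not define; the VLAN netdev rendered by `host0-vlan-netdev.j2` is `Name=host0.{{ vlan }}`, and `bird-config.j2` and `host0-vlan-network.j2` also refer to `host0.{{ vlan }}`. Unless a `br0.<id>` netdev is created outside this change, networkd will have nothing to attach to `host0` and the VLAN path will not come up; the line probably should read `VLAN=host0.{{ vlan }}`. The route-metric comment could also say which metrics it has to exceed, presumably the `Metric=1024` routes from `dn42routes.j2`.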

6
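--- a/host0-vlan-netdev.j2
+++ b/host0-vlan-netdev.j2
@@ -0,0 +1,6 @@
+[NetDev]
+Name=host0.{{ vlan }}
+Kind=vlan
+[VLAN]
+Id={{ vlan }}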

17
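--- a/host0-vlan-network.j2
+++ b/host0-vlan-network.j2
@@ -0,0 +1,17 @@
+[Match]
+Name=host0.{{ vlan }}
+[Network]
+DHCP=true
+IPv6AcceptRA=true
+[DHCPv4]
+RouteMetric=1024
+UseRoutes=false
+UseGateway=false
+[IPv6AcceptRA]
+UseGateway=false
+UseRoutePrefix=false
+{% include 'dn42routes.j2' %}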

6
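--- a/inventory.yml
+++ b/inventory.yml
@@ -0,0 +1,6 @@
+all:
+hosts:
+us1.myip.9pfs.dn42:
+ansible_host: fd32:6b0:70a6:8181::1
+unicastv6: fd32:6b0:70a6:8181::1
+fqdn: us1.myip.9pfs.dn42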

11
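--- a/nginx-global.j2
+++ b/nginx-global.j2
@@ -0,0 +1,11 @@
+worker_processes 1;
+events {
+worker_connections 1024;
+}
+http {
+sendfile on;
+keepalive_timeout 65;
+{% include 'nginx-site.j2' %}
+}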


@ -1,14 +1,14 @@
server { server {
listen [fd32:6b0:70a6:8181::81]:80; listen [fd32:6b0:70a6:8181::81]:80;
{% if unicastv6 is defined %} {% if unicastv6 is defined %}
listen [{{ unicastv6 }}]:80; listen [{{ unicastv6 }}]:80;
{% endif %} {% endif %}
server_name myip.9pfs.dn42; server_name myip.9pfs.dn42;
server_name *.myip.9pfs.dn42; server_name *.myip.9pfs.dn42;
server_name [fd32:6b0:70a6:8181::81]; server_name [fd32:6b0:70a6:8181::81];
{% if unicastv6 is defined %} {% if unicastv6 is defined %}
listen [{{ unicastv6 }}]; server_name [{{ unicastv6 }}];
{% endif %} {% endif %}
location = /raw { location = /raw {
return 200 '$remote_addr\n'; return 200 '$remote_addr\n';
@ -18,7 +18,7 @@ server {
location = /api { location = /api {
default_type application/json; default_type application/json;
add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Origin' '*';
return 200 '{\n\t"version": "1.0",\n\t"ip": "$remote_addr",\n\t"server": "$server_addr",\n\t"node_as": "4242422002",\n\t"node_location": "{% if country is defined %}{{ country }}{% else %}US{% endif %},\n\t"node_id": "{% if fqdn is defined %}{{ fqdn }}{% else %}myip.9pfs.dn42{% endif %}"\n}'; return 200 '{\n\t"version": "1.0",\n\t"ip": "$remote_addr",\n\t"server": "$server_addr",\n\t"node_as": "4242422002",\n\t"node_location": "{% if country is defined %}{{ country }}{% else %}US{% endif %}",\n\t"node_id": "{% if fqdn is defined %}{{ fqdn }}{% else %}myip.9pfs.dn42{% endif %}"\n}';
} }
location = / { location = / {
{% include 'nginx-html.j2' %} {% include 'nginx-html.j2' %}