Role service-bird + service-bird-icvpn: add systemd unit + timer to update roa+peers+tinc hosts
This commit is contained in:
parent
0fa92eef1c
commit
224a61a481
4 changed files with 54 additions and 2 deletions
|
@ -39,7 +39,7 @@
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
mode: 0640
|
mode: 0640
|
||||||
owner: bird
|
owner: admin
|
||||||
group: bird
|
group: bird
|
||||||
notify:
|
notify:
|
||||||
- reload bird4
|
- reload bird4
|
||||||
|
@ -51,10 +51,34 @@
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
mode: 0640
|
mode: 0640
|
||||||
owner: bird
|
owner: admin
|
||||||
group: bird
|
group: bird
|
||||||
notify:
|
notify:
|
||||||
- reload bird6
|
- reload bird6
|
||||||
with_items:
|
with_items:
|
||||||
- /etc/bird/icvpn_ipv6_peers.conf
|
- /etc/bird/icvpn_ipv6_peers.conf
|
||||||
- /etc/bird/icvpn_ipv6_roa.conf
|
- /etc/bird/icvpn_ipv6_roa.conf
|
||||||
|
|
||||||
|
- name: write systemd unit icvpn-update.service
|
||||||
|
template:
|
||||||
|
src: icvpn-update.service.j2
|
||||||
|
dest: /etc/systemd/system/icvpn-update.service
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify: reload systemd
|
||||||
|
|
||||||
|
- name: write systemd timer icvpn-update.timer
|
||||||
|
template:
|
||||||
|
src: icvpn-update.timer.j2
|
||||||
|
dest: /etc/systemd/system/icvpn-update.timer
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: 0644
|
||||||
|
notify: reload systemd
|
||||||
|
|
||||||
|
- name: configure systemd unit/timer icvpn-update
|
||||||
|
systemd:
|
||||||
|
name: icvpn-update.timer
|
||||||
|
enabled: yes
|
||||||
|
state: started
|
||||||
|
|
10
roles/service-bird-icvpn/templates/icvpn-update.service.j2
Normal file
10
roles/service-bird-icvpn/templates/icvpn-update.service.j2
Normal file
|
@ -0,0 +1,10 @@
|
||||||
|
#
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
#
|
||||||
|
[Unit]
|
||||||
|
Description=Update tinc hosts and bgp peers for icvpn
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStart=/home/admin/clones/backend-scripts/gen_icvpn_bgp_gw.sh
|
||||||
|
User=admin
|
||||||
|
Group=admin
|
12
roles/service-bird-icvpn/templates/icvpn-update.timer.j2
Normal file
12
roles/service-bird-icvpn/templates/icvpn-update.timer.j2
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
#
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
#
|
||||||
|
[Unit]
|
||||||
|
Description=Timer which schedules icvpn-update.service
|
||||||
|
|
||||||
|
[Timer]
|
||||||
|
OnBootSec=1h
|
||||||
|
OnUnitActiveSec=2d
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=timers.target
|
|
@ -8,6 +8,12 @@
|
||||||
- bird-bgp
|
- bird-bgp
|
||||||
- bird-doc
|
- bird-doc
|
||||||
|
|
||||||
|
- name: set directory permissions for /etc/bird
|
||||||
|
file:
|
||||||
|
path: /etc/bird
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
- name: write bird configuration
|
- name: write bird configuration
|
||||||
template:
|
template:
|
||||||
src: bird{{ item }}.conf.j2
|
src: bird{{ item }}.conf.j2
|
||||||
|
|
Loading…
Reference in a new issue