Role service-bird + service-bird-icvpn: add systemd unit + timer to update roa+peers+tinc hosts

This commit is contained in:
Tobias Hachmer 2017-10-03 23:31:15 +02:00
parent 0fa92eef1c
commit 224a61a481
4 changed files with 54 additions and 2 deletions

View file

@ -39,7 +39,7 @@
file: file:
path: "{{ item }}" path: "{{ item }}"
mode: 0640 mode: 0640
owner: bird owner: admin
group: bird group: bird
notify: notify:
- reload bird4 - reload bird4
@ -51,10 +51,34 @@
file: file:
path: "{{ item }}" path: "{{ item }}"
mode: 0640 mode: 0640
owner: bird owner: admin
group: bird group: bird
notify: notify:
- reload bird6 - reload bird6
with_items: with_items:
- /etc/bird/icvpn_ipv6_peers.conf - /etc/bird/icvpn_ipv6_peers.conf
- /etc/bird/icvpn_ipv6_roa.conf - /etc/bird/icvpn_ipv6_roa.conf
- name: write systemd unit icvpn-update.service
template:
src: icvpn-update.service.j2
dest: /etc/systemd/system/icvpn-update.service
owner: root
group: root
mode: 0644
notify: reload systemd
- name: write systemd timer icvpn-update.timer
template:
src: icvpn-update.timer.j2
dest: /etc/systemd/system/icvpn-update.timer
owner: root
group: root
mode: 0644
notify: reload systemd
- name: configure systemd unit/timer icvpn-update
systemd:
name: icvpn-update.timer
enabled: yes
state: started

View file

@ -0,0 +1,10 @@
#
# {{ ansible_managed }}
#
[Unit]
Description=Update tinc hosts and bgp peers for icvpn
[Service]
ExecStart=/home/admin/clones/backend-scripts/gen_icvpn_bgp_gw.sh
User=admin
Group=admin

View file

@ -0,0 +1,12 @@
#
# {{ ansible_managed }}
#
[Unit]
Description=Timer which schedules icvpn-update.service
[Timer]
OnBootSec=1h
OnUnitActiveSec=2d
[Install]
WantedBy=timers.target

View file

@ -8,6 +8,12 @@
- bird-bgp - bird-bgp
- bird-doc - bird-doc
- name: set directory permissions for /etc/bird
file:
path: /etc/bird
state: directory
mode: 0755
- name: write bird configuration - name: write bird configuration
template: template:
src: bird{{ item }}.conf.j2 src: bird{{ item }}.conf.j2