Fixes for first running config

hosts.yml

@@ -19,6 +19,7 @@ all:
               ffrl_ipv4: 185.66.193.107
               ffrl_ipv6: 2a03:2260:121:7000::107
               ffrl_ipv6_net: "2a03:2260:121:7000::"
+              ffrl_router_id: 10.188.255.7
               gre_bb_a_ak_ber_ipv4: 100.64.6.25
               gre_bb_b_ak_ber_ipv4: 100.64.6.31
               gre_bb_a_ix_dus_ipv4: 100.64.6.29

roles/00-system-set-bird/tasks/main.yml

@@ -0,0 +1,15 @@
+- name: Copy Bird Config
+  ansible.builtin.template:
+    src: bird.conf.j2
+    dest: /etc/bird/bird.conf
+    owner: root
+    group: root
+    mode: '0644'
+
+- name: Copy Bird6 Config
+  ansible.builtin.template:
+    src: bird6.conf.j2
+    dest: /etc/bird/bird6.conf
+    owner: root
+    group: root
+    mode: '0644'

roles/00-system-set-bird/templates/bird.conf.j2

@@ -0,0 +1,93 @@
+/*
+ *      This is an example configuration file.
+ */
+
+# Yes, even shell-like comments work...
+
+# Configure logging
+#log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
+#log stderr all;
+#log "tmp" all;
+#log syslog all;
+
+#debug protocols all;
+
+# Override router ID
+router id {{ ffrl_router_id }};
+
+
+protocol direct {
+        interface "*";
+};
+
+protocol kernel {
+        device routes;
+        import all;
+        export all;
+        kernel table 42;
+};
+
+protocol device {
+        scan time 8;
+};
+
+function is_default() {
+        return (net ~ [0.0.0.0/0]);
+};
+
+# own network
+function is_self_net() {
+    return (net ~ [ 10.188.0.0/16+ ]);
+}
+
+# freifunk ip ranges in general
+function is_freifunk() {
+  return net ~ [ 10.0.0.0/8+,
+    104.0.0.0/8+
+  ];
+}
+
+filter hostroute {
+        if net ~ {{ ffrl_ipv4 }}/32 then accept;
+        reject;
+};
+
+# Uplink über ff Rheinland
+template bgp uplink {
+        local as 65066;
+        import where is_default();
+        export filter hostroute;
+        next hop self;
+        multihop 64;
+        default bgp_local_pref 200;
+};
+
+protocol bgp ffrl_bb_a_ak_ber from uplink {
+        source address 100.64.6.25;
+        neighbor 100.64.6.24 as 201701;
+};
+
+protocol bgp ffrl_bb_b_ak_ber from uplink {
+        source address 100.64.6.31;
+        neighbor 100.64.6.30 as 201701;
+};
+
+protocol bgp ffrl_bb_a_ix_dus from uplink {
+        source address 100.64.6.29;
+        neighbor 100.64.6.28 as 201701;
+};
+
+protocol bgp ffrl_bb_b_ix_dus from uplink {
+        source address 100.64.6.35;
+        neighbor 100.64.6.34 as 201701;
+};
+
+protocol bgp ffrl_bb_a_fra3_fra from uplink {
+        source address 100.64.6.27;
+        neighbor 100.64.6.26 as 201701;
+};
+
+protocol bgp ffrl_bb_b_fra3_fra from uplink {
+        source address 100.64.6.33;
+        neighbor 100.64.6.32 as 201701;
+};

roles/00-system-set-bird/templates/bird6.conf.j2

@@ -0,0 +1,89 @@
+# Configure logging
+#log syslog { debug, trace, info, remote, warning, error, auth, fatal, bug };
+#log stderr all;
+#log "tmp" all;
+#log syslog all;
+
+#debug protocols all;
+
+# Override router ID
+router id {{ ffrl_router_id }};
+
+protocol direct {
+        interface "bat0", "gre-*", "lo";  # Restrict network interfaces it works with
+
+}
+
+
+protocol kernel {
+        device routes;
+        import all;
+        export all;             # Default is export none
+        kernel table 42;                # Kernel table to synchronize with (default: main)
+}
+
+protocol device {
+        scan time 10;           # Scan interfaces every 10 seconds
+}
+
+function is_default() {
+        return (net ~ [::/0]);
+}
+
+# own networks
+function is_self_net() {
+return net ~ [ fda0:747e:ab29:7405::/64+ ];
+}
+
+# freifunk ip ranges in general
+function is_freifunk() {
+return net ~ [ fc00::/7{48,64},
+2001:bf7::/32+];
+}
+
+filter hostroute {
+        if net ~ {{ ffrl_ipv6_net }}/52 then accept;
+        reject;
+}
+
+
+
+# Uplink zum FF Rheinland
+template bgp uplink {
+        local as 65066;
+        import where is_default();
+        export filter hostroute;
+        gateway recursive;
+}
+
+
+protocol bgp ffrl_bb_a_ak_ber from uplink {
+        source address 2a03:2260:0:30c::2;
+        neighbor 2a03:2260:0:30c::1 as 201701;
+}
+
+protocol bgp ffrl_bb_b_ak_ber from uplink {
+        source address 2a03:2260:0:30f::2;
+        neighbor 2a03:2260:0:30f::1 as 201701;
+}
+
+
+protocol bgp ffrl_bb_a_ix_dus from uplink {
+        source address 2a03:2260:0:30e::2;
+        neighbor 2a03:2260:0:30e::1 as 201701;
+}
+
+protocol bgp ffrl_bb_b_ix_dus from uplink {
+        source address 2a03:2260:0:311::2;
+        neighbor 2a03:2260:0:311::1 as 201701;
+}
+
+protocol bgp ffrl_bb_a_fra3_fra from uplink {
+        source address 2a03:2260:0:30d::2;
+        neighbor 2a03:2260:0:30d::1 as 201701;
+}
+
+protocol bgp ffrl_bb_b_fra3_fra from uplink {
+        source address 2a03:2260:0:310::2;
+        neighbor 2a03:2260:0:310::1 as 201701;
+}

roles/00-system-set-network/tasks/main.yml

@@ -15,7 +15,7 @@
     dest: /etc/networkd-dispatcher/off.d/50-ifdown-hooks.sh
     owner: root
     group: root
-    mode: '0644'
+    mode: '0775'
 
 - name: Add ifUP Scripts via networkd-dispatcher
   ansible.builtin.template:
@@ -23,4 +23,4 @@
     dest: /etc/networkd-dispatcher/routable.d/50-ifup-hooks.sh
     owner: root
     group: root
-    mode: '0644'
+    mode: '0775'

roles/00-system-set-network/tasks/templates/01-ffrl-gre.yaml.j2

@@ -53,3 +53,4 @@ network:
      addresses:
      - {{ ffrl_ipv4 }}/32
      - {{ ffrl_ipv6 }}/52
+     - 127.0.0.1/8

roles/11-create-cronjob/tasks/main.yml

@@ -7,7 +7,7 @@
     dest: /opt/freifunk/sn_startup.sh
     owner: root
     group: root
-    mode: '0644'
+    mode: '0775'
 
 - name: Cron Job to run after boot
   ansible.builtin.cron:

system-setup.yml

@@ -5,6 +5,7 @@
     - 00-system-set-hostname
     - 00-create-sudo-user
     - 00-system-set-network
+    - 00-system-set-bird
     - 01-system-install-packages
     - 11-create-cronjob