More betterer with FRR

Signed-off-by: Frank Villaro-Dixon <frank@villaro-dixon.eu>

ansible/configure-server.yml

@@ -1,6 +1,7 @@
 ---
 - hosts: pi
   gather_facts: no
+  tags: pihw
   tasks:
   ## LCD STUFF
   - name: Enable i2c on boot/config.txt
@@ -109,7 +110,6 @@
 
 - hosts: all
   tasks:
-
   - name: Disable systemd LLMNR
     lineinfile:
       dest: /etc/systemd/resolved.conf
@@ -134,7 +134,7 @@
   - name: Configure chrony
     template:
       src: files/chrony.conf.j2
-      dest: /etc/chrony.conf
+      dest: "{{ '/etc/chrony/chrony.conf' if ansible_facts['distribution'] == 'Ubuntu' else '/etc/chrony.conf' }}"
       owner: root
       group: root
       mode: 0644
@@ -152,3 +152,38 @@
     service:
       name: chronyd
       state: restarted
+
+## BGP STUFF
+- hosts: all
+  tags: bgp
+  tasks:
+  - name: install FRR
+    package:
+      name: frr
+      state: present
+    when: ansible_facts['distribution'] == 'Ubuntu'
+    #XXX for arch install it manually with yay
+
+  - name: Enable FRR bgp daemon
+    lineinfile:
+      dest: /etc/frr/daemons
+      regexp: "^bgpd=no"
+      line: "bgpd=yes"
+      state: present
+
+  - name: Copy frr config
+    ansible.builtin.template:
+      src: files/frr.conf.j2
+      dest: /etc/frr/frr.conf
+      owner: frr
+      group: frr
+      mode: 0640
+    notify: restart frr
+
+
+
+  handlers:
+  - name: restart frr
+    systemd:
+      name: frr
+      state: restarted

ansible/files/chrony.conf.j2

@@ -19,12 +19,19 @@
 pool pool.ntp.infomaniak.ch iburst
 server ntp11.metas.ch
 server ntp-p1.obspm.fr
+server tock.zg.ch
 
 {% if ansible_hostname == "chronos" %}
+## Chronos is a stratum 1 server. Peers with ntp-s2
+server ntp-s2.lan.k3s.fr iburst
 refclock PPS /dev/pps0 refid PPS
 refclock SHM 0 refid GPS poll 2 precision 1e-3 offset 0.128
 {% else %}
+## NTP s2 is a VM. Peers with chronos and other NTP S1 servers
 server chronos.lan.k3s.fr iburst
+server ntp-s2-1.itu.ch
+server ntp.sceen.net
+server ntp1.as34288.net
 {% endif %}
 
 #######################################################################

ansible/files/frr.conf.j2

@@ -0,0 +1,36 @@
+!
+frr version 10.0.1
+frr defaults traditional
+hostname {{ ansible_hostname }}
+log syslog informational
+service integrated-vtysh-config
+!
+router bgp {{ bgp_asn }}
+ bgp router-id {{ ansible_default_ipv4.address }}
+ bgp bestpath as-path multipath-relax
+ bgp bestpath compare-routerid
+ neighbor pg-leaf peer-group
+ neighbor pg-leaf remote-as external
+ neighbor pg-leaf capability extended-nexthop
+ neighbor {{ bgp_router_ipv6 }} peer-group pg-leaf
+ !
+ address-family ipv4 unicast
+  redistribute connected route-map map-bgp-iface
+  neighbor pg-leaf soft-reconfiguration inbound
+ exit-address-family
+ !
+ address-family ipv6 unicast
+  redistribute kernel
+  redistribute connected route-map map-bgp-iface
+  neighbor pg-leaf activate
+  neighbor pg-leaf soft-reconfiguration inbound
+  neighbor pg-leaf route-map map-bgp-iface out
+ exit-address-family
+exit
+!
+route-map map-bgp-iface permit 10
+ match interface lo
+exit
+!
+end
+

ansible/inventory.yml

@@ -1,7 +1,20 @@
 pi:
   hosts:
-    192.168.10.155: #chronos.k3s.fr:
+    chronos.lan.k3s.fr:
+      bgp_router_ipv6: 2a01:e0a:431:b521:7683:c2ff:fe4d:4818
+      bgp_asn: 64600
+      bgp_router_asn: 65100
+      bgp_ipv6: 2a01:e0a:431:b527::a123/128
 vms:
   hosts:
-    192.168.43.15: #ntp-s2.lan.k3s.fr
+    ntp-s2-cra.lan.k3s.fr:
+      bgp_router_ipv6: 2a01:e0a:431:b522:7683:c2ff:fe4d:4818
+      bgp_asn: 64601
+      bgp_router_asn: 65100
+      bgp_ipv6: 2a01:e0a:431:b527::b123/128
+    ntp-s2-ces.lan.k3s.fr:
+      bgp_router_ipv6: 2a0e:e701:122c:42::1
+      bgp_asn: 64602
+      bgp_router_asn: 65000
+      bgp_ipv6: 2a0e:e701:122c:fff0::a123/128