From fb08fbf7c98047bce1167fdfca6afc1d7ffa731e Mon Sep 17 00:00:00 2001
From: Benjamin Graillot <graillot@crans.org>
Date: Wed, 19 Aug 2020 19:02:00 +0200
Subject: [PATCH] [radvd] Install radvd on routers

---
 plays/firewall.yml                  | 18 ++++++++++++++++++
 roles/radvd/handlers/main.yml       |  5 +++++
 roles/radvd/tasks/main.yml          | 18 ++++++++++++++++++
 roles/radvd/templates/radvd.conf.j2 | 19 +++++++++++++++++++
 4 files changed, 60 insertions(+)
 create mode 100644 roles/radvd/handlers/main.yml
 create mode 100644 roles/radvd/tasks/main.yml
 create mode 100644 roles/radvd/templates/radvd.conf.j2

diff --git a/plays/firewall.yml b/plays/firewall.yml
index c2976feb..24e1ff68 100755
--- a/plays/firewall.yml
+++ b/plays/firewall.yml
@@ -10,6 +10,24 @@
   roles:
     - arp-proxy
 
+- hosts: crans_routeurs
+  vars:
+    subnets:
+      - name: infra
+        prefix: fd00:0:0:11::/64
+        dns:
+          - fd00::11:0:ff:fe00:9911
+      - name: adh
+        prefix: 2a0c:700:12::/64
+        dns:
+          - 2a0c:700:12::ff:fe00:9912
+      - name: adh_nat
+        prefix: 2a0c:700:13::/64
+        dns:
+          - 2a0c:700:13::ff:fe00:9913
+  roles:
+    - radvd
+
 # Deploy firewall
 - hosts: crans_routeurs
   vars:
diff --git a/roles/radvd/handlers/main.yml b/roles/radvd/handlers/main.yml
new file mode 100644
index 00000000..39552d74
--- /dev/null
+++ b/roles/radvd/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Restart radvd service
+  service:
+    name: radvd
+    state: restarted
diff --git a/roles/radvd/tasks/main.yml b/roles/radvd/tasks/main.yml
new file mode 100644
index 00000000..65715038
--- /dev/null
+++ b/roles/radvd/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+- name: Install radvd
+  apt:
+    name: radvd
+    state: present
+    update_cache: true
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
+- name: Deploy radvd configuration
+  template:
+    src: radvd.conf.j2
+    dest: /etc/radvd.conf
+    mode: 0644
+    owner: root
+    group: root
+  notify: Restart radvd service
diff --git a/roles/radvd/templates/radvd.conf.j2 b/roles/radvd/templates/radvd.conf.j2
new file mode 100644
index 00000000..a13cef0b
--- /dev/null
+++ b/roles/radvd/templates/radvd.conf.j2
@@ -0,0 +1,19 @@
+{% for subnet in subnets %}
+interface {{ interfaces[subnet.name] }} {
+	AdvSendAdvert on;
+	AdvDefaultPreference high;
+	MaxRtrAdvInterval 30;
+
+	prefix {{ subnet.prefix }} {
+		AdvRouterAddr on;
+	};
+
+	# La zone DNS
+	DNSSL {{ subnet.name | replace('_', '-') }}.crans.org {};
+
+	# Les DNS rÃ©cursifs
+{% for dns in subnet.dns %}
+	RDNSS {{ dns }} {};
+{% endfor %}
+};
+{% endfor %}
-- 
GitLab