[quagga] Added role to install quagga

network.yml

@@ -33,3 +33,33 @@
 - hosts: unifi.adm.crans.org
   roles:
     - unifi-controller
+
+# Deploy BGP server on IPv4 routers
+- hosts: gulp.adm.crans.org,odlyd.adm.crans.org
+  vars:
+    zebra:
+      password: "{{ vault_zebra_password }}"
+    bgp:
+      as: 204515
+      router_id: 158.255.113.73
+      network: 185.230.76.0/22
+      neighbor: 158.255.113.72
+      remote_as: 8218
+  roles:
+    - quagga
+    - quagga-ipv4
+
+# Deploy BGP server on IPv6 routers
+- hosts: ipv6-zayo.adm.crans.org
+  vars:
+    zebra:
+      password: "{{ vault_zebra_password }}"
+    bgp:
+      as: 204515
+      router_id: 138.231.136.200
+      network: 2a0c:700::/32
+      neighbor: 2001:1b48:2:103::bb:1
+      remote_as: 8218
+  roles:
+    - quagga
+    - quagga-ipv6

roles/quagga-ipv4/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+- name: Deploy quagga bgpd configuration
+  template:
+    src: quagga/bgpd.conf.j2
+    dest: /etc/quagga/bgpd.conf
+    mode: 0640
+    owner: quagga
+    group: quagga
+
+- name: Deploy quagga zabra configuration
+  template:
+    src: quagga/zebra.conf.j2
+    dest: /etc/quagga/zebra.conf
+    mode: 0640
+    owner: quagga
+    group: quagga

roles/quagga-ipv4/templates/quagga/bgpd.conf.j2

@@ -0,0 +1,11 @@
+! {{ ansible_managed }}
+
+router bgp {{ bgp.as }}
+no synchronization
+bgp router-id {{ bgp.router_id }}
+network {{ bgp.network }}
+neighbor {{ bgp.neighbor }} remote-as {{ bgp.remote_as }}
+
+!
+log file /var/log/quagga/bgpd.log
+log stdout

roles/quagga-ipv4/templates/quagga/zebra.conf.j2

@@ -0,0 +1,14 @@
+! {{ ansible_managed }}
+
+hostname zebra
+password {{ zebra.password }}
+enable password {{ zebra.password }}
+log file /var/log/quagga/zebra.log
+
+
+interface lo
+
+!Table Zayo
+table 26
+
+line vty

roles/quagga-ipv6/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+- name: Deploy quagga bgpd configuration
+  template:
+    src: quagga/bgpd.conf.j2
+    dest: /etc/quagga/bgpd.conf
+    mode: 0640
+    owner: quagga
+    group: quagga
+
+- name: Deploy quagga zabra configuration
+  template:
+    src: quagga/zebra.conf.j2
+    dest: /etc/quagga/zebra.conf
+    mode: 0640
+    owner: quagga
+    group: quagga

roles/quagga-ipv6/templates/quagga/bgpd.conf.j2

@@ -0,0 +1,13 @@
+! {{ ansible_managed }}
+
+router bgp {{ bgp.as }}
+no synchronization
+bgp router-id {{ bgp.router_id }}
+neighbor {{ bgp.neighbor }} remote-as {{ bgp.remote_as }}
+address-family ipv6
+network {{ bgp.network }}
+neighbor {{ bgp.neighbor }} activate
+exit-address-family
+!
+log file /var/log/quagga/bgpd.log
+log stdout

roles/quagga-ipv6/templates/quagga/zebra.conf.j2

@@ -0,0 +1,10 @@
+! {{ ansible_managed }}
+
+hostname zebra
+password {{ zebra.password }}
+enable password {{ zebra.password }}
+log file /var/log/quagga/zebra.log
+
+
+interface lo
+line vty

roles/quagga/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+- name: Install quagga
+  apt:
+    update_cache: true
+    name:
+      - quagga
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
+- name: Deploy quagga daemons configuration
+  template:
+    src: quagga/daemons.j2
+    dest: /etc/quagga/daemons
+    mode: 0644
+    owner: root
+    group: root
+
+- name: Deploy quagga debian configuration
+  template:
+    src: quagga/debian.conf.j2
+    dest: /etc/quagga/debian.conf
+    mode: 0640
+    owner: quagga
+    group: quagga

roles/quagga/templates/quagga/daemons.j2

@@ -0,0 +1,28 @@
+# {{ ansible_managed }}
+
+#   2 .. 10  = lower priorities
+# Read /usr/share/doc/quagga/README.Debian for details.
+#
+# Sample configurations for these daemons can be found in
+# /usr/share/doc/quagga/examples/.
+#
+# ATTENTION:
+#
+# When activation a daemon at the first time, a config file, even if it is
+# empty, has to be present *and* be owned by the user and group "quagga", else
+# the daemon will not be started by /etc/init.d/quagga. The permissions should
+# be u=rw,g=r,o=.
+# # When using "vtysh" such a config file is also needed. It should be owned by
+# group "quaggavty" and set to ug=rw,o= though. Check /etc/pam.d/quagga, too.
+#
+# The watchquagga daemon is always started. Per default in monitoring-only but
+# that can be changed via /etc/quagga/debian.conf.
+#
+zebra=yes
+bgpd=yes
+ospfd=no
+ospf6d=no
+ripd=no
+ripngd=no
+isisd=no
+babeld=no

roles/quagga/templates/quagga/debian.conf.j2

@@ -0,0 +1,25 @@
+# {{ ansible_managed }}
+#
+# If this option is set the /etc/init.d/quagga script automatically loads
+# the config via "vtysh -b" when the servers are started.
+# Check /etc/pam.d/quagga if you intend to use "vtysh"!
+#
+vtysh_enable=yes
+zebra_options="  --daemon -A 127.0.0.1"
+bgpd_options="   --daemon -A 127.0.0.1"
+ospfd_options="  --daemon -A 127.0.0.1"
+ospf6d_options=" --daemon -A ::1"
+ripd_options="   --daemon -A 127.0.0.1"
+ripngd_options=" --daemon -A ::1"
+isisd_options="  --daemon -A 127.0.0.1"
+babeld_options=" --daemon -A 127.0.0.1"
+#
+# Please note that watchquagga_options is an array and not a string so that
+# quotes can be used.
+#
+# The list of daemons to watch is automatically generated by the init script
+# from daemons.conf and appended to the watchquagga_options.
+# Example:
+#    watchquagga_options=("-Adz" "-r" '/sbin/service %s restart' -s '/sbin/service %s start'  -k '/sbin/service %s stop')
+watchquagga_enable=yes
+watchquagga_options=(--daemon)