Merge branch 'radvd' into 'newinfra'

[radvd] Install radvd on routers

See merge request nounous/ansible!63

plays/firewall.yml

@@ -10,6 +10,24 @@
   roles:
     - arp-proxy
 
+- hosts: crans_routeurs
+  vars:
+    subnets:
+      - name: infra
+        prefix: fd00:0:0:11::/64
+        dns:
+          - fd00::11:0:ff:fe00:9911
+      - name: adh
+        prefix: 2a0c:700:12::/64
+        dns:
+          - 2a0c:700:12::ff:fe00:9912
+      - name: adh_nat
+        prefix: 2a0c:700:13::/64
+        dns:
+          - 2a0c:700:13::ff:fe00:9913
+  roles:
+    - radvd
+
 # Deploy firewall
 - hosts: crans_routeurs
   vars:

roles/radvd/handlers/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Restart radvd service
+  service:
+    name: radvd
+    state: restarted

roles/radvd/tasks/main.yml

@@ -0,0 +1,18 @@
+---
+- name: Install radvd
+  apt:
+    name: radvd
+    state: present
+    update_cache: true
+  register: apt_result
+  retries: 3
+  until: apt_result is succeeded
+
+- name: Deploy radvd configuration
+  template:
+    src: radvd.conf.j2
+    dest: /etc/radvd.conf
+    mode: 0644
+    owner: root
+    group: root
+  notify: Restart radvd service

roles/radvd/templates/radvd.conf.j2

@@ -0,0 +1,19 @@
+{% for subnet in subnets %}
+interface {{ interfaces[subnet.name] }} {
+	AdvSendAdvert on;
+	AdvDefaultPreference high;
+	MaxRtrAdvInterval 30;
+
+	prefix {{ subnet.prefix }} {
+		AdvRouterAddr on;
+	};
+
+	# La zone DNS
+	DNSSL {{ subnet.name | replace('_', '-') }}.crans.org {};
+
+	# Les DNS récursifs
+{% for dns in subnet.dns %}
+	RDNSS {{ dns }} {};
+{% endfor %}
+};
+{% endfor %}