nixos-module/container/bird: add check-upstream services

Astro 2021-05-05 17:35:44 +02:00
parent d89c373dfe
commit 5f8203d901
1 changed files with 73 additions and 1 deletions


@ -1,5 +1,5 @@
# Routing daemon configuration # Routing daemon configuration
{ hostName, config, options, lib, ... }: { hostName, config, options, lib, pkgs, ... }:
let let
hostConf = config.site.hosts.${hostName}; hostConf = config.site.hosts.${hostName};
@ -350,4 +350,76 @@ in
''} ''}
''; '';
}; };
# Script that pings internet hosts every few minutes to determine if
# the upstream actually works. The associated OSPF instance will be
# enabled/disabled on state change.
systemd.services =
let
interval = 5;
targets = {
ipv4 = [
# inbert.c3d2.de
"217.197.83.184"
# ccc.de
"195.54.164.39"
# Cloud DNS services
"9.9.9.9"
"8.8.8.8"
"1.1.1.1"
];
ipv6 = [
# inbert.c3d2.de
"2001:67c:1400:2240::1"
# ccc.de
"2001:67c:20a0:2:0:164:0:39"
# Cloud DNS services
"2620:fe::9"
"2606:4700:4700::1111"
"2001:4860:4860::8888"
];
};
instance = {
ipv4 = "ZW4_${hostName}";
ipv6 = "ZW6_${hostName}";
};
checkService = addressFamily: {
description = "Check connectivity for ${addressFamily}";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "bird2";
Group = "bird2";
};
path = [ pkgs.bird2 "/run/wrappers" ];
script = ''
STATE=unknown
while true; do
NEW_STATE=unknown
false \
${lib.concatMapStrings (target:
" || ping -n -s 0 -c 1 -w 1 ${target} 2>/dev/null >/dev/null \\\n"
) targets.${addressFamily}} \
&& NEW_STATE=up \
|| NEW_STATE=down
if [ $STATE != $NEW_STATE ]; then
echo "Connectivity change from $STATE to $NEW_STATE"
if [ $NEW_STATE = up ]; then
birdc enable ${instance.${addressFamily}}
else
birdc disable ${instance.${addressFamily}}
fi
fi
STATE=$NEW_STATE
sleep ${toString interval}
done
'';
};
in lib.mkIf isUpstream {
check-upstream-ipv4 = checkService "ipv4";
check-upstream-ipv6 = checkService "ipv6";
};
} }
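Review bot: A failing `birdc enable` or `birdc disable` in the state-change branch of `checkService` is not handled: the unit is ordered only with `after = [ "network.target" ]`, so the first iteration can run before bird's control socket exists, and `serviceConfig` sets no `Restart=`. Depending on whether the generated script runs under `set -e` (NixOS normally adds it, but that is not visible here), the loop then either exits for good or reaches the unconditional `STATE=$NEW_STATE` for a change that was never applied; in both cases the OSPF instance can stay enabled while the upstream is down. I would order the unit after the bird service as well (presumably `bird2.service`, to be confirmed against the module), add `Restart = "always";` to `serviceConfig`, and record the state only on success, e.g. `birdc disable ${instance.${addressFamily}} && STATE=$NEW_STATE` in place of the unconditional assignment. Separately, one round of single-packet pings with a one-second deadline decides the state, so a single lost round withdraws the upstream; requiring a few consecutive failures before `disable` would damp flapping.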