nixos-module/container/bird: add check-upstream services
This commit is contained in:
parent
d89c373dfe
commit
5f8203d901
|
@ -1,5 +1,5 @@
|
||||||
# Routing daemon configuration
|
# Routing daemon configuration
|
||||||
{ hostName, config, options, lib, ... }:
|
{ hostName, config, options, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
hostConf = config.site.hosts.${hostName};
|
hostConf = config.site.hosts.${hostName};
|
||||||
|
@ -350,4 +350,76 @@ in
|
||||||
''}
|
''}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Script that pings internet hosts every few minutes to determine if
|
||||||
|
# the upstream actually works. The associated OSPF instance will be
|
||||||
|
# enabled/disabled on state change.
|
||||||
|
systemd.services =
|
||||||
|
let
|
||||||
|
interval = 5;
|
||||||
|
targets = {
|
||||||
|
ipv4 = [
|
||||||
|
# inbert.c3d2.de
|
||||||
|
"217.197.83.184"
|
||||||
|
# ccc.de
|
||||||
|
"195.54.164.39"
|
||||||
|
# Cloud DNS services
|
||||||
|
"9.9.9.9"
|
||||||
|
"8.8.8.8"
|
||||||
|
"1.1.1.1"
|
||||||
|
];
|
||||||
|
ipv6 = [
|
||||||
|
# inbert.c3d2.de
|
||||||
|
"2001:67c:1400:2240::1"
|
||||||
|
# ccc.de
|
||||||
|
"2001:67c:20a0:2:0:164:0:39"
|
||||||
|
# Cloud DNS services
|
||||||
|
"2620:fe::9"
|
||||||
|
"2606:4700:4700::1111"
|
||||||
|
"2001:4860:4860::8888"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
instance = {
|
||||||
|
ipv4 = "ZW4_${hostName}";
|
||||||
|
ipv6 = "ZW6_${hostName}";
|
||||||
|
};
|
||||||
|
checkService = addressFamily: {
|
||||||
|
description = "Check connectivity for ${addressFamily}";
|
||||||
|
after = [ "network.target" ];
|
||||||
|
wantedBy = [ "multi-user.target" ];
|
||||||
|
serviceConfig = {
|
||||||
|
User = "bird2";
|
||||||
|
Group = "bird2";
|
||||||
|
};
|
||||||
|
path = [ pkgs.bird2 "/run/wrappers" ];
|
||||||
|
script = ''
|
||||||
|
STATE=unknown
|
||||||
|
|
||||||
|
while true; do
|
||||||
|
NEW_STATE=unknown
|
||||||
|
false \
|
||||||
|
${lib.concatMapStrings (target:
|
||||||
|
" || ping -n -s 0 -c 1 -w 1 ${target} 2>/dev/null >/dev/null \\\n"
|
||||||
|
) targets.${addressFamily}} \
|
||||||
|
&& NEW_STATE=up \
|
||||||
|
|| NEW_STATE=down
|
||||||
|
|
||||||
|
if [ $STATE != $NEW_STATE ]; then
|
||||||
|
echo "Connectivity change from $STATE to $NEW_STATE"
|
||||||
|
if [ $NEW_STATE = up ]; then
|
||||||
|
birdc enable ${instance.${addressFamily}}
|
||||||
|
else
|
||||||
|
birdc disable ${instance.${addressFamily}}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
STATE=$NEW_STATE
|
||||||
|
sleep ${toString interval}
|
||||||
|
done
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
in lib.mkIf isUpstream {
|
||||||
|
check-upstream-ipv4 = checkService "ipv4";
|
||||||
|
check-upstream-ipv6 = checkService "ipv6";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue