From 0f1cbb3a118f4973c3a589539fcb2a2da4eab6b7 Mon Sep 17 00:00:00 2001
From: lare
Date: Mon, 16 Jan 2023 18:01:23 +0100
Subject: [PATCH] allow multiple peerings per mntner and node (not per ASN)
---
 nodes/main.py | 30 +++++++++++++-------------
 nodes/node.config.sample.jsonc | 10 ++++-----
 nodes/templates/bgp-peer.template.conf | 8 +++----
 3 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/nodes/main.py b/nodes/main.py
index 253de93..0a5861e 100644
--- a/nodes/main.py
+++ b/nodes/main.py
@@ -130,52 +130,52 @@ class PeeringManager:
 def __generate_wg_conf(self, peering: dict):
 return render_template("wireguard.template.conf", peering=peering)
- def __generate_bird_conf(self, peering:dict):
+ def __generate_bird_conf(self, peering: dict):
 return render_template("bgp-peer.template.conf", peering=peering)
 def __install_peering(self, mode: str, peering: dict):
 if mode == "add":
 wg_conf = self.__generate_wg_conf(peering)
 bgp_conf = self.__generate_bird_conf(peering)
- with open(f"{self.__config['wg-configs']}/dn42_{peering['MNT'][:-4].lower()}.conf", "w") as wg_file:
+ with open(f"{self.__config['wg-configs']}/dn42_{peering['MNT'][:-4].lower()}_{peering['asn'][-4:]}.conf", "w") as wg_file:
 wg_file.write(wg_conf)
- wg_enable = subprocess.run(self.__config["wg-commands"]["enable"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ wg_enable = subprocess.run(self.__config["wg-commands"]["enable"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(wg_enable)
- wg_up = subprocess.run(self.__config["wg-commands"]["up"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ wg_up = subprocess.run(self.__config["wg-commands"]["up"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(wg_up)
 time.sleep(5)
- with open(f"{self.__config['bird-peers']}/dn42_{peering['MNT'][:-4].lower()}.conf", "w") as bgp_file:
+ with open(f"{self.__config['bird-peers']}/dn42_{peering['MNT'][:-4].lower()}_{peering['asn'][-4:]}.conf", "w") as bgp_file:
 bgp_file.write(bgp_conf)
- bgp_reload = subprocess.run(self.__config["bird-reload"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ bgp_reload = subprocess.run(self.__config["bird-reload"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(bgp_reload)
 return 200
 elif mode == "update":
 wg_conf = self.__generate_wg_conf(peering)
 bgp_conf = self.__generate_bird_conf(peering)
- with open(f"{self.__config['wg-configs']}/dn42_{peering['MNT'][:-4].lower()}.conf", "w") as wg_file:
+ with open(f"{self.__config['wg-configs']}/dn42_{peering['MNT'][:-4].lower()}_{peering['asn'][-4:]}.conf", "w") as wg_file:
 wg_file.write(wg_conf)
- wg_down = subprocess.run(self.__config["wg-commands"]["down"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ wg_down = subprocess.run(self.__config["wg-commands"]["down"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(wg_down)
- wg_up = subprocess.run(self.__config["wg-commands"]["up"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ wg_up = subprocess.run(self.__config["wg-commands"]["up"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(wg_up)
 time.sleep(5)
- with open(f"{self.__config['bird-peers']}/dn42_{peering['MNT'][:-4].lower()}.conf", "w") as bgp_file:
+ with open(f"{self.__config['bird-peers']}/dn42_{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}.conf", "w") as bgp_file:
 bgp_file.write(bgp_conf)
- bgp_reload = subprocess.run(self.__config["bird-reload"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ bgp_reload = subprocess.run(self.__config["bird-reload"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(bgp_reload)
 return 200
 elif mode == "delete":
- os.remove(f"{self.__config['bird-peers']}/dn42_{peering['MNT'][:-4].lower()}.conf")
+ os.remove(f"{self.__config['bird-peers']}/dn42_{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}.conf")
- bgp_reload = subprocess.run(self.__config["bird-reload"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ bgp_reload = subprocess.run(self.__config["bird-reload"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(bgp_reload)
 time.sleep(5)
- wg_down = subprocess.run(self.__config["wg-commands"]["down"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ wg_down = subprocess.run(self.__config["wg-commands"]["down"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(wg_down)
- wg_disable = subprocess.run(self.__config["wg-commands"]["disable"].replace("{MNT}",peering['MNT'][:-4].lower()).split(" "))
+ wg_disable = subprocess.run(self.__config["wg-commands"]["disable"].replace("{PEERING}",f"{peering['MNT'][:-4].lower()}_{peering['ASN'][-4:]}").split(" "))
 print(wg_disable)
 return 200
diff --git a/nodes/node.config.sample.jsonc b/nodes/node.config.sample.jsonc
index b6414e1..e4007f1 100644
--- a/nodes/node.config.sample.jsonc
+++ b/nodes/node.config.sample.jsonc
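Review bot: Three of the new `open(...)` paths read `peering['asn']` (the WireGuard and bird files in the `add` branch, the WireGuard file in `update`), while every command substitution, the `delete` branch and the bird template read `peering['ASN']`. If the dict only carries the upper-case key, `add` and `update` raise `KeyError` at the first `open`; if both keys exist with different values, files are written under one name and started or removed under another. Computing the name once in a small helper removes the repeated f-string that made this slip possible. The same helper is the natural place to allow-list the value, because it is spliced into a file path and, after `.split(" ")`, into an argv list; whether MNT and ASN are validated before `__install_peering` is called is not visible in this hunk. The enclosing class starts outside the hunk.

```python
    def __peering_name(self, peering: dict) -> str:
        # Single source for "<mnt>_<last four ASN digits>", used for file
        # names, unit names and the {PEERING} substitution.
        mnt = peering["MNT"][:-4].lower()
        asn_tail = peering["ASN"][-4:]
        # The result lands in a path and in command argv, so reject
        # separators, dots and whitespace. Adjust the allowed set to the
        # registry's mntner syntax.
        if not (mnt and mnt.isascii() and mnt.replace("-", "").isalnum()):
            raise ValueError("unexpected characters in MNT")
        if not (asn_tail.isascii() and asn_tail.isdigit()):
            raise ValueError("unexpected characters in ASN")
        return f"{mnt}_{asn_tail}"

    def __install_peering(self, mode: str, peering: dict):
        name = self.__peering_name(peering)
        if mode == "add":
            # … unchanged: render wg_conf and bgp_conf …
            with open(f"{self.__config['wg-configs']}/dn42_{name}.conf", "w") as wg_file:
                wg_file.write(wg_conf)
            wg_enable = subprocess.run(self.__config["wg-commands"]["enable"].replace("{PEERING}", name).split(" "))
            # … unchanged: remaining steps and branches, using `name` the same way …
```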
@@ -9,11 +9,11 @@
 "production": true, //optional, default true;
 "debug-mode": false, // optional; whethet to enable debugging; default false
 "wg-configs": "/etc/wireguard/", // optional, default: "/etc/wireguard/"; directory where the wireguard configs are located
- "wg-commands": { // {MNT} will get replaced with the lowercase mnter without "-MNT"
- "enable": "systemctl enable wg-quick@dn42_{MNT}", //command to execute for enabling the wg-interface
- "up": "systemctl start wg-quick@dn42_{MNT}", //command to execute for starting the wg-interface
- "down": "systemctl stop wg-quick@dn42_{MNT}", //command to execute for stopping the wg-interface
- "disable": "systemctl disable wg-quick@dn42_{MNT}" //command to execute for disabling the wg-interface
+ "wg-commands": { // {PEERING} will get replaced with the lowercase mnter without "-MNT" followed by the last four digits of the ASn
+ "enable": "./wg-services.sh enable {PEERING}", //command to execute for enabling the wg-interface
+ "up": "./wg-services.sh start {PEERING}", //command to execute for starting the wg-interface
+ "down": "./wg-services.sh stop {PEERING}", //command to execute for stopping the wg-interface
+ "disable": "./wg-services.sh disable {PEERING}" //command to execute for disabling the wg-interface
 },
 "bird-peers": "/etc/bird/peers/", // optional, default: "/etc/bird/peers/"; directory where bird peers are to be located
 "bird-reload": "birdc configure", // optional, default: "birdc configure"; command to reconfigure bird or other bgp daemon
diff --git a/nodes/templates/bgp-peer.template.conf b/nodes/templates/bgp-peer.template.conf
index 6671f56..0a943e4 100644
--- a/nodes/templates/bgp-peer.template.conf
+++ b/nodes/templates/bgp-peer.template.conf
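Review bot: The four sample commands now begin with `./wg-services.sh`, a relative path that resolves against whatever working directory the node process has, and the diffstat lists no such script in this patch. `main.py` passes these strings to `subprocess.run`, presumably with enough privilege to manage WireGuard interfaces, so the sample should use an absolute path, e.g. `"enable": "/absolute/path/to/wg-services.sh enable {PEERING}"` (placeholder path). The comment should also state that the script must be writable only by the account that owns the service. The new comment on `wg-commands` ends in a typo, `ASn`.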
@@ -1,7 +1,7 @@
 {% if peering["bgp_mp"] %}
-protocol bgp dn42_{{peering["MNT"][:-4].lower()}} from dnpeers {
+protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering["ASN"][-4:]}} from dnpeers {
 neighbor {{peering["ipv6ll"]}} as {{peering["ASN"]}};
- interface "dn42_{{peering['MNT'][:-4].lower()}}";
+ interface "dn42_{{peering['MNT'][:-4].lower()}}_{{peering['ASN'][-4:]}}";
 passive off;
 ipv4 {
@@ -20,14 +20,14 @@ protocol bgp dn42_{{peering["MNT"][:-4].lower()}} from dnpeers {
 };
 };
 {%else%}
-protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_4 from dnpeers {
+protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering['ASN'][-4:]}}_4 from dnpeers {
 neighbor {{peering["ipv4"]}} as {{peering["ASN"]}};
 passive off;
 #import where dn42_import_filter(x,y,z);
 #export where dn42_export_filter(x,y,z);
 };
-protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_6 from dnpeers {
+protocol bgp dn42_{{peering["MNT"][:-4].lower()}}_{{peering['ASN'][-4:]}}_6 from dnpeers {
 neighbor {{peering["ipv6"]}} as {{peering["ASN"]}};
 passive off;
 #import where dn42_import_filter(x,y,z);
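Review bot: The new `interface "dn42_{{...}}_{{...}}";` line in the first hunk expects an interface named `dn42_` + mntner + `_` + four digits, and Linux limits interface names to 15 characters, which leaves five for the mntner where the old scheme left ten. Longer mntners will presumably fail when the WireGuard interface is brought up from the same-named config written in `main.py`, so either the prefix has to shrink or the length has to be checked before any file is written. The `[-4:]` suffix is also unique only while one mntner's ASNs differ in their last four digits; otherwise a second peering overwrites the first one's files, and the `protocol bgp` names here and in the second hunk (`..._4`, `..._6`) coincide. A comment at the top of the template stating the rule would help, e.g. `# name = dn42_<mntner>_<last 4 ASN digits>; must fit in 15 chars and be unique per node`.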