From 0a8c59335a7f4e75f085348e125678d05019f147 Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Tue, 28 May 2019 02:09:35 +0300
Subject: [PATCH] add ifstated role and enable it on proxy group

---
 group_vars/proxy.yml                     |  2 ++
 playbooks/proxy.yml                      |  1 +
 roles/ifstated/files/ifstated-proxy.conf |  6 ++++++
 roles/ifstated/handlers/main.yml         |  5 +++++
 roles/ifstated/tasks/main.yml            | 15 +++++++++++++++
 5 files changed, 29 insertions(+)
 create mode 100644 roles/ifstated/files/ifstated-proxy.conf
 create mode 100644 roles/ifstated/handlers/main.yml
 create mode 100644 roles/ifstated/tasks/main.yml

diff --git a/group_vars/proxy.yml b/group_vars/proxy.yml
index 6b4eb21..c1783a1 100644
--- a/group_vars/proxy.yml
+++ b/group_vars/proxy.yml
@@ -37,6 +37,8 @@ network_carp_interfaces:
     pass: "{{ carp154_pass }}"
     advskew: "{{ carp154_advskew }}"
 
+ifstated_config: ifstated-proxy.conf
+
 firewall_raw:
   - pass quick proto carp
 firewall_in:
diff --git a/playbooks/proxy.yml b/playbooks/proxy.yml
index 960236e..601fa32 100644
--- a/playbooks/proxy.yml
+++ b/playbooks/proxy.yml
@@ -11,6 +11,7 @@
 
   roles:
     - base
+    - ifstated
     - nginx/server
     - role: nginx/site
       site: foo.sh
diff --git a/roles/ifstated/files/ifstated-proxy.conf b/roles/ifstated/files/ifstated-proxy.conf
new file mode 100644
index 0000000..b847be4
--- /dev/null
+++ b/roles/ifstated/files/ifstated-proxy.conf
@@ -0,0 +1,6 @@
+
+# flush routes when external carp goes up
+if carp153.link.up
+    run 'route -q flush ; route add default $(cat /etc/mygate)'
+if carp154.link.up
+    run 'route -q flush ; route add default $(cat /etc/mygate)'
diff --git a/roles/ifstated/handlers/main.yml b/roles/ifstated/handlers/main.yml
new file mode 100644
index 0000000..2c4213f
--- /dev/null
+++ b/roles/ifstated/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: restart ifstated
+  service:
+    name: ifstated
+    state: restarted
diff --git a/roles/ifstated/tasks/main.yml b/roles/ifstated/tasks/main.yml
new file mode 100644
index 0000000..27abc1d
--- /dev/null
+++ b/roles/ifstated/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+- name: copy ifstated config
+  copy:
+    dest: /etc/ifstated.conf
+    src: "{{ ifstated_config }}"
+    mode: 0644
+    owner: root
+    group: "{{ ansible_wheel }}"
+  notify: restart ifstated
+
+- name: enable ifstated
+  service:
+    name: ifstated
+    state: started
+    enabled: true