From 8d92dc9c821ecba6fafe6d3e9cccb5d02ad79226 Mon Sep 17 00:00:00 2001
From: Markus Hauschild
Date: Mon, 22 Jan 2018 21:57:19 +0100
Subject: [PATCH] gre tunnels between gateways
---
 group_vars/all/vars.yml | 18 +++++++++++++
 roles/mesh-interfaces/tasks/main.yml | 4 +++
 .../templates/backbone.conf.j2 | 26 +++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 roles/mesh-interfaces/templates/backbone.conf.j2
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
index 46c3ffb..be01623 100644
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@@ -7,6 +7,24 @@ confluence_dbname: confluence
 confluence_dbuser: confluence
 confluence_dbpass: "{{ vault_confluence_dbpass }}"
+gre_prefix: 10.90.232.0/24
+gre_matrix:
+# - { id: 1, a: svcs, b: gw11 }
+# - { id: 2, a: svcs, b: gw12 }
+# - { id: 3, a: svcs, b: gw21 }
+# - { id: 4, a: svcs, b: gw22 }
+# - { id: 5, a: svcs, b: gw31 }
+# - { id: 9, a: gw11, b: gw12 }
+ - { id: 10, a: gw11, b: gw21 }
+# - { id: 11, a: gw11, b: gw22 }
+ - { id: 12, a: gw11, b: gw31 }
+# - { id: 17, a: gw12, b: gw21 }
+# - { id: 18, a: gw12, b: gw22 }
+# - { id: 19, a: gw12, b: gw31 }
+# - { id: 25, a: gw21, b: gw22 }
+ - { id: 26, a: gw21, b: gw31 }
+# - { id: 33, a: gw22, b: gw31 }
+
 ntp_servers:
 - 0.de.pool.ntp.org
 - 1.de.pool.ntp.org
diff --git a/roles/mesh-interfaces/tasks/main.yml b/roles/mesh-interfaces/tasks/main.yml
index 6b99f1b..72eb925 100644
--- a/roles/mesh-interfaces/tasks/main.yml
+++ b/roles/mesh-interfaces/tasks/main.yml
@@ -12,3 +12,7 @@
 - name: Configure mesh interfaces
 template: src=mesh.conf.j2 dest=/etc/network/interfaces.d/mesh.conf
 notify: Reload interfaces
+
+- name: Configure backbone interfaces
+ template: src=backbone.conf.j2 dest=/etc/network/interfaces.d/backbone.conf
+ notify: Reload interfaces
diff --git a/roles/mesh-interfaces/templates/backbone.conf.j2 b/roles/mesh-interfaces/templates/backbone.conf.j2
new file mode 100644
index 0000000..0b316bb
--- /dev/null
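Review bot: In group_vars/all/vars.yml the `id` values of `gre_matrix` carry an undocumented constraint: backbone.conf.j2 in this patch turns each one into a /31 with `ipsubnet(31, link.id * 2)` on the /24 `gre_prefix`, so ids have to be unique and, as far as the arithmetic shows, no larger than 63 to stay inside the prefix. A duplicated id would hand the same address pair to two tunnels. I would add a comment above the list, `# id: unique per link, 0-63; tunnel /31 = gre_prefix subnet index id * 2`. Note also that `gre_matrix:` followed only by commented-out entries would load as null, which the template's `for` loop would presumably not accept, so at least one entry has to stay active or the key should be written as `[]`.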
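Review bot: The new "Configure backbone interfaces" task in roles/mesh-interfaces/tasks/main.yml writes /etc/network/interfaces.d/backbone.conf without `owner`, `group` or `mode`, so the file's ownership and permissions are whatever the run's defaults produce. For a file that defines tunnel endpoints it is worth pinning them: `template: src=backbone.conf.j2 dest=/etc/network/interfaces.d/backbone.conf owner=root group=root mode=0644`. The existing mesh.conf task shown as context has the same gap and the same key=value form, so the two could be converted together.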
+++ b/roles/mesh-interfaces/templates/backbone.conf.j2
@@ -0,0 +1,26 @@
+# {{ ansible_managed }}
+
+{% for link in gre_matrix %}
+{% if ansible_hostname.startswith(link.a) or ansible_hostname.startswith(link.b) %}
+{% if ansible_hostname.startswith(link.a) %}
+{% set ifname = "tun-%s" % link.b %}
+{% set address = gre_prefix | ipsubnet(31, link.id * 2) | ipaddr(0) %}
+{% set peer = "%s.%s" % (link.b, site_domain) %}
+{% else %}
+{% set ifname = "tun-%s" % link.a %}
+{% set address = gre_prefix | ipsubnet(31, link.id * 2) | ipaddr(1) %}
+{% set peer = "%s.%s" % (link.a, site_domain) %}
+{% endif %}
+# {{ ifname }}
+auto {{ ifname }}
+iface {{ ifname }} inet tunnel
+ mode gre
+ local {{ ansible_default_ipv4.address }}
+ endpoint {{ peer | resolve('a') }}
+ #
+ address {{ address }}
+ ttl 64
+ mtu 1400
+
+{% endif %}
+{% endfor %}
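Review bot: The tunnel stanza in backbone.conf.j2 sets only `mode gre`, `local`, `endpoint`, `ttl` and `mtu`, and plain GRE provides neither authentication nor encryption, so the backbone traffic is readable in transit and the tunnel accepts packets on the strength of the source address alone. Nothing in this patch restricts IP protocol 47 to the peer addresses; if another role does that, a comment here should say so, e.g. `# GRE is unauthenticated/unencrypted: protocol 47 must be filtered to the peers in gre_matrix`, and otherwise the tunnels should run over an authenticated transport. The endpoint comes from `peer | resolve('a')`, which appears to be a DNS lookup at render time, so a wrong or spoofed answer during a run would be written into the interface file; taking the peer address from inventory data would remove that dependency. Finally, `ansible_hostname.startswith(link.a)` is a prefix match, so a host whose name merely begins with a listed name would also get the tunnel; an exact comparison is safer.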