From 1adf3a92a3c724bdf617a47c9418e42e76aaa5cc Mon Sep 17 00:00:00 2001 From: Keith Whyte Date: Thu, 30 Mar 2023 06:42:12 +0200 Subject: [PATCH] Manage tinc-up script We might want to add routes globally here, so we can avoid nat elsewwhere, Also make sure that the route to DGSM mcast is up if tinc is retarted --- modules/rhizo_base/manifests/init.pp | 7 +++++++ modules/rhizo_base/templates/tinc-up.erb | 4 ++++ 2 files changed, 11 insertions(+) create mode 100644 modules/rhizo_base/templates/tinc-up.erb diff --git a/modules/rhizo_base/manifests/init.pp b/modules/rhizo_base/manifests/init.pp index 1eef2c5..33dcbb0 100644 --- a/modules/rhizo_base/manifests/init.pp +++ b/modules/rhizo_base/manifests/init.pp @@ -686,6 +686,13 @@ schedule { 'never': content => template('rhizo_base/apcupsd.erb'), } + file { '/etc/tinc/rhizomatica/tinc-up': + ensure => 'present', + content => template('rhizo_base/tinc-up.erb'), + owner => 'root', + mode => '750' + } + $comment = $production ? { 0 => '#', 1 => '', diff --git a/modules/rhizo_base/templates/tinc-up.erb b/modules/rhizo_base/templates/tinc-up.erb new file mode 100644 index 0000000..97161c5 --- /dev/null +++ b/modules/rhizo_base/templates/tinc-up.erb @@ -0,0 +1,4 @@ +/sbin/ifconfig $INTERFACE <%= @vpn_ip_address %> netmask 255.255.0.0 +/sbin/ip route add 10.22.0.0/16 via 10.23.0.2 dev rhizomatica +/sbin/ip route add 10.60.0.0/16 via 10.23.0.2 dev rhizomatica +/sbin/ip route add 239.192.23.42 dev rhizomatica