-class roles::bgp {
- $bgp_peers = $::hostname ? {
- bilbao => '2001:41c9:2:13c::/128 89.16.162.0/32',
- boman => '',
- default => undef,
- }
+class roles::bgp(
+ Array[Stdlib::IP::Address] $peers,
+){
+ ferm::rule::simple { 'dsa-bgp':
+ description => 'Allow BGP from peers',
+ port => 'bgp',
+ saddr => $peers,
+ }
- if ! $bgp_peers {
- fail("Do not have bgp_peers set for $::hostname.")
- }
-
- @ferm::rule { 'dsa-bgp':
- description => 'Allow BGP from peers',
- domain => '(ip ip6)',
- rule => "&SERVICE_RANGE(tcp, bgp, ($bgp_peers))"
- }
+ file { '/etc/network/interfaces.d/anycasted':
+ content => template('roles/anycast/interfaces.erb')
+ }
}