From 5d8432a7d5b50b8ab4dad6d4d0a7e0befb9cca1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Asbj=C3=B8rn=20Sloth=20T=C3=B8nnesen?= <asbjorn@labitat.dk>
Date: Wed, 6 Sep 2023 17:05:15 +0000
Subject: space_server: add graceful reboot script
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[esmil: call the script just reboot-graceful]
Signed-off-by: Asbjørn Sloth Tønnesen <asbjorn@labitat.dk>
Signed-off-by: Emil Renner Berthing <esmil@labitat.dk>
---
 roles/space_server/files/reboot-graceful.sh | 34 +++++++++++++++++++++++++++++
 roles/space_server/tasks/main.yml           | 10 +++++++++
 2 files changed, 44 insertions(+)
 create mode 100644 roles/space_server/files/reboot-graceful.sh

diff --git a/roles/space_server/files/reboot-graceful.sh b/roles/space_server/files/reboot-graceful.sh
new file mode 100644
index 0000000..3fb117a
--- /dev/null
+++ b/roles/space_server/files/reboot-graceful.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+# Background:
+#   RFC 8327 / BCP 214
+#     Mitigating the Negative Impact of Maintenance through
+#     BGP Session Culling
+#     https://datatracker.ietf.org/doc/html/rfc8327
+
+disable_bgp_local_peers() {
+	# peers that are multi-homed, and wishes advance
+	# notice before reboots, so BGP can do it's thing
+	# and re-route traffic.
+
+	# asbjorn
+	birdc disable asbjorn_ipv4
+	birdc disable asbjorn_ipv6
+}
+
+enable_bgp_culling() {
+	# BGP culling through nftables is assumed
+	# unnecessary at this time, as there properly
+	# aren't any multi-hop sessions routed across
+	# the space server, except maybe BGP.tools feeds.
+	true # implement when needed
+}
+
+disable_bgp_local_peers
+enable_bgp_culling
+
+# wait for routes to be withdrawn and synced
+sleep 5
+
+# reboot system
+exec systemctl reboot
diff --git a/roles/space_server/tasks/main.yml b/roles/space_server/tasks/main.yml
index 829481b..0a9487c 100644
--- a/roles/space_server/tasks/main.yml
+++ b/roles/space_server/tasks/main.yml
@@ -45,6 +45,16 @@
   tags:
   - pam
 
+- name: Add graceful reboot script
+  copy:
+    dest: '/usr/local/sbin/reboot-graceful'
+    src: reboot-graceful.sh
+    owner: root
+    group: root
+    mode: 0755
+  tags:
+  - reboot
+
 - import_tasks: kernel.yml
   tags: kernel
 - import_tasks: gettys.yml
-- 
cgit v1.2.1