add dnsmasq

Signed-off-by: GnomeZworc <nicolas.boufidjeline@g3e.fr>

tasks/main.yml

@@ -30,3 +30,13 @@
     user: "root"
     minute: "*/5"
     job: "cd /opt/two && git pull > /var/log/git-pull.log 2>&1"
+
+- name: deploy dnsmasq
+  ansible.builtin.template:
+    src: etc/systemd/system/dnsmasq.j2
+    dest: "/etc/systemd/system/dnsmasq@.service"
+
+- name: deploy dnsmasq in netns
+  ansible.builtin.template:
+    src: usr/local/bin/run-dnsmasq-in-netns.sh.j2
+    dest: "/usr/local/bin/run-dnsmasq-in-netns.sh"

templates/etc/systemd/system/dnsmasq.j2

@@ -0,0 +1,11 @@
+[Unit]
+Description=dnsmasq in netns %i
+After=network.target
+
+[Service]
+Type=simple
+ExecStart=/usr/local/bin/run-dnsmasq-in-netns.sh %i
+ExecStopPost=/bin/rm -f /run/dnsmasq-%i.pid
+
+[Install]
+WantedBy=multi-user.target

templates/usr/local/bin/run-dnsmasq-in-netns.sh.j2

@@ -0,0 +1,21 @@
+#!/bin/bash
+set -e
+
+# Expects one argument: netns_bridge (e.g. vpc-00003_br-00002 or vpc1_br0)
+arg="$1"
+NETNS="${arg%%_*}"
+BRIDGE="${arg#*_}"
+
+echo "start ${NETNS} ${BRIDGE}"
+
+exec ip netns exec "$NETNS" \
+  dnsmasq \
+    --no-daemon \
+    --interface="$BRIDGE" \
+    --bind-interfaces \
+    --pid-file="/run/dnsmasq-$arg.pid" \
+    --conf-file="/etc/dnsmasq.d/$arg.conf" \
+    --no-hosts \
+    --no-resolv \
+    --log-facility="/var/log/dnsmasq-$arg.log" \
+    --no-daemon -p0