{"id":38111050,"url":"https://github.com/matan129/dn42","last_synced_at":"2026-01-16T21:59:11.677Z","repository":{"id":91137752,"uuid":"461562325","full_name":"matan129/dn42","owner":"matan129","description":"Baby Internet","archived":false,"fork":false,"pushed_at":"2022-05-08T19:45:27.000Z","size":80,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-01-26T08:45:37.456Z","etag":null,"topics":["ansible","bgp","bird","dn42","looking-glass","networking"],"latest_commit_sha":null,"homepage":"https://lg.dn42.matan.cloud","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/matan129.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-02-20T17:27:41.000Z","updated_at":"2023-06-16T10:07:46.000Z","dependencies_parsed_at":"2023-03-14T19:30:37.638Z","dependency_job_id":null,"html_url":"https://github.com/matan129/dn42","commit_stats":{"total_commits":40,"total_committers":2,"mean_commits":20.0,"dds":"0.050000000000000044","last_synced_commit":"6c1af79db4ad154bbfafd7b6e0517e09191b9d5d"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/matan129/dn42","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matan129%2Fdn42","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matan129%2Fdn42/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matan129%2Fdn42/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matan129%2Fdn42/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/matan129","download_url":"https://codeload.github.com/matan129/dn42/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matan129%2Fdn42/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28484530,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","bgp","bird","dn42","looking-glass","networking"],"created_at":"2026-01-16T21:59:11.002Z","updated_at":"2026-01-16T21:59:11.669Z","avatar_url":"https://github.com/matan129.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DN42 Setup\n\nThis repo contains tooling to set up my DN42 AS, AS4242420906 (aka `PASTEN-NET`).\n\n[**Looking Glass**](https://lg.dn42.matan.cloud)\n\nThe stack is -\n\n* Bird2\n* Multiple peers over Wireguard\n* ROA checks, periodically updated\n* Full support for DN42 HTTPS\n* Full support for DN42 DNS with Bind9\n* Looking Glass ([bird-lg-go](https://github.com/xddxdd/bird-lg-go) by xddxdd) + [Caddy](https://caddyserver.com/) reverse proxy with [Let's Encrypt](https://letsencrypt.org/) TLS\n\nUnsupported things for now:\n* IPv6\n* Non-Wireguard peers\n* Babel/OSPF\n\nThis setup is tested with Ubuntu Server 22.04 LTS.\n\nInside the `ansible` dir you'll find all the roles and playbooks, in standard Ansible layout.\nThere's a handy `Makefile` to simplify the commands.\n\n## Using this for your own AS\n\nIf you want to run this repo for your own AS, you'll have to change these files:\n* [inventory](https://github.com/matan129/dn42/blob/master/ansible/inventory) - change to your own hosts. `spanner` is just a nickname of my server, you can change it as well.\n* [as.yml](https://github.com/matan129/dn42/blob/master/ansible/group_vars/all/as.yml) - holds your ASN and your CIDR blocks.\n* [peers.yml](https://github.com/matan129/dn42/blob/master/ansible/host_vars/spanner/peers.yml) \u0026 [spanner.yml](https://github.com/matan129/dn42/blob/master/ansible/host_vars/spanner/spanner.yml) - `internal_ip` is the DN42 IP of your node. The rest is details about the peered ASes. \n* [wireguard.yml](https://github.com/matan129/dn42/blob/master/ansible/host_vars/spanner/wireguard.yml) - use your private Wireguard key (all the peers are configured with the corresponding public key).\n* ~~[dn42_deploy](https://github.com/matan129/dn42/blob/master/ansible/roles/clone_registry/files/dn42_deploy) - this is an SSH key that's used to clone the [DN42 registry](https://git.dn42.dev/). The clone is used to generate ROA files for Bird. So, sign up for the registry and use your own SSH key.~~\n  Currently, we use Burble's ROA endpoint so this key is not needed for now.\n\nUse `ansible-vault` to encrypt the private keys. \n\n### [Makefile](https://github.com/matan129/dn42/blob/master/ansible/Makefile) Targets\n\n\n* `play-\u003cPLAYBOOK NAME\u003e` - see each playbook for reference\n\nUtils:\n* `print-pubkeys` - extracts the Wireguard public keys from the `wg_private_key` hostvar (i.e. [wireguard.yml](https://github.com/matan129/dn42/blob/master/ansible/host_vars/spanner/wireguard.yml)).\n* `encrypt-string` / `encrypt-file` - uses `ansible-vault` to encrypt content.\n\n### Environment Variables\nThe makefile needs these environment variables:\n\n* `VAULT_PASS_COMMAND` - Used to echo the `ansible-vault` password. For example `echo my-secret-password` or `lpass show ...` (if using Lastpass).\n* `ANSIBLE_PLAYBOOK_ARGS` (optional) - extra args for `ansible-playbook`, like `--private-key /path/to/key`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatan129%2Fdn42","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatan129%2Fdn42","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatan129%2Fdn42/lists"}