An Ansible role to install and configure Pathvector & Bird (Bird2 or Bird3) from official CZ.NIC repositories with automatic UniFi detection and support.
- Installs Bird2 or Bird3 from official CZ.NIC repositories
- Automatic OS detection (Debian/Ubuntu) with proper repository configuration
- Automatic detection of UniFi vs standard Debian systems
- Persistent UniFi on-boot scripts that survive firmware updates
- Standard APT installation for Debian/Ubuntu systems
- BGP AS-path prepend optimization script
- Support for mixed infrastructure (UniFi + Debian in same playbook)
- Supported Systems:
- Debian 11 (Bullseye), 12 (Bookworm)
- Ubuntu 22.04 (Jammy), 24.04 (Noble)
- UniFi devices with 4.x firmware and
/data/on_boot.d/support installed via unifios-utilities
- Ansible: 2.9+
- Python: 3.6+ (with
requests,ipaddress,ruamel.yamlfor prepend script)
ansible-galaxy role install unredacted.pathvector---
- hosts: routers
become: yes
roles:
- unredacted.pathvectorThe role automatically detects if it's running on a UniFi system or standard Debian/Ubuntu.
Place your Pathvector configuration files in your playbook's files/ directory:
playbook/
└── files/
├── router1.yml
├── router2.yml
└── unifi-gateway.yml
Files should be named after the inventory hostname (e.g., router1.yml for host router1).
# files/router1.yml
asn: 65001
router-id: 192.168.1.1
source4: 203.0.113.1
source6: 2001:db8::1
prefixes:
- 203.0.113.0/24
- 2001:db8::/32
rtr-server: rtr.rpki.cloudflare.com:8282
templates:
upstream:
interpret-communities: true
filter-max-prefix: true
filter-rpki: true
filter-bogon-routes: true
filter-bogon-asns: true
peers:
cogent:
asn: 174
template: upstream
neighbors:
- 38.140.0.1
- 2001:550:1::1bird_version: "bird2" # Choose "bird2" or "bird3"
bird_install_from_official: true # Install from CZ.NIC official repos
bird_gpg_key_url: "https://pkg.labs.nic.cz/gpg" # CZ.NIC GPG key URLpathvector_config_path: "/etc/pathvector.yml" # Config destination
pathvector_debug: false # Enable debug output
pathvector_run_script: false # Run prepend optimization
pathvector_script_flags: "" # Prepend script flagspathvector_unifi_script_name: "1-unifi-pathvector-setup.sh" # On-boot script name
pathvector_unifi_run_immediately: false # Install immediately
pathvector_unifi_autostart_services: false # Auto-start servicespathvector_pgp_key_url: "https://repo.pathvector.io/pgp.asc"
pathvector_repo_url: "https://repo.pathvector.io/apt/"
pathvector_repo_dist: "stable"
pathvector_repo_component: "main"- Bird: Official CZ.NIC Labs packages from https://pkg.labs.nic.cz/
- GPG Key fingerprint:
9C71 D59C D4CE 8BD2 966A 7A3E AB6A 3031 2401 9B64
- GPG Key fingerprint:
- Pathvector: Official packages from https://repo.pathvector.io/
- Deploys a persistent on-boot script to
/data/on_boot.d/ - Copies your configuration to
/data/on_boot.d/pathvector.yml - On boot, the script:
- Installs bird2 and pathvector (if needed)
- Copies config from persistent storage to
/etc/ - Runs
pathvector generate - Logs to
/var/log/unifi-pathvector-setup.log
- Adds CZ.NIC official Bird repository (configures based on OS release)
- Adds Pathvector repository
- Installs chosen Bird version (bird2 or bird3) and pathvector packages
- Deploys configuration to
/etc/pathvector.yml - Starts and enables bird service
- hosts: routers
become: yes
roles:
- unredacted.pathvector
vars:
bird_version: "bird3"- hosts: routers
become: yes
roles:
- unredacted.pathvector
vars:
bird_install_from_official: false # Will use distro's bird2 package- hosts: unifi_devices
become: yes
roles:
- unredacted.pathvector
vars:
pathvector_unifi_run_immediately: true
pathvector_unifi_autostart_services: true- hosts: routers
become: yes
roles:
- unredacted.pathvector
vars:
pathvector_run_script: true
pathvector_script_flags: "--prepends 2,1,0 --ignore router1.yml"# Works automatically with both UniFi and Debian hosts
- hosts: all_routers
become: yes
roles:
- unredacted.pathvectorpathvector_debug: trueGPL-3.0
Zach - Unredacted
