chore(fmt): applied nixfmt
This commit is contained in:
parent
f084f0e1ad
commit
813e4d24a5
3 changed files with 262 additions and 190 deletions
30
default.nix
30
default.nix
|
|
@ -1,4 +1,6 @@
|
||||||
{ pkgs ? (import <nixpkgs> {}) }:
|
{
|
||||||
|
pkgs ? (import <nixpkgs> { }),
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
moduleEX2300 = import ./moduleMaker.nix [
|
moduleEX2300 = import ./moduleMaker.nix [
|
||||||
"ge-0/0/0"
|
"ge-0/0/0"
|
||||||
|
|
@ -62,17 +64,21 @@ let
|
||||||
|
|
||||||
"me0"
|
"me0"
|
||||||
];
|
];
|
||||||
evaluator = name: module_inst:
|
evaluator =
|
||||||
let cfg = pkgs.lib.evalModules {
|
name: module_inst:
|
||||||
specialArgs = { inherit pkgs name; };
|
let
|
||||||
modules = [
|
cfg = pkgs.lib.evalModules {
|
||||||
moduleEX2300
|
specialArgs = {
|
||||||
module_inst
|
inherit pkgs name;
|
||||||
];
|
};
|
||||||
};
|
modules = [
|
||||||
in "ln -s ${cfg.config.deployement.cmd} $out/${name}";
|
moduleEX2300
|
||||||
|
module_inst
|
||||||
|
];
|
||||||
|
};
|
||||||
|
in
|
||||||
|
"ln -s ${cfg.config.deployement.cmd} $out/${name}";
|
||||||
hive = import ./netconf-hive.nix;
|
hive = import ./netconf-hive.nix;
|
||||||
cmds = builtins.attrValues (builtins.mapAttrs evaluator hive);
|
cmds = builtins.attrValues (builtins.mapAttrs evaluator hive);
|
||||||
in
|
in
|
||||||
pkgs.runCommand "netconf-deploy" {}
|
pkgs.runCommand "netconf-deploy" { } (builtins.concatStringsSep "\n" ([ "mkdir $out" ] ++ cmds))
|
||||||
(builtins.concatStringsSep "\n" ([ "mkdir $out" ] ++ cmds))
|
|
||||||
|
|
|
||||||
398
moduleMaker.nix
398
moduleMaker.nix
|
|
@ -1,189 +1,241 @@
|
||||||
interfaces:
|
interfaces:
|
||||||
{ name, lib, pkgs, config, ... }:
|
{
|
||||||
let cfg = config;
|
name,
|
||||||
in with lib; {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
config,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config;
|
||||||
|
in
|
||||||
|
with lib;
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
deployement = {
|
deployement = {
|
||||||
targetHost = mkOption {
|
targetHost = mkOption { type = types.str; };
|
||||||
type = types.str;
|
|
||||||
};
|
|
||||||
cmd = mkOption {
|
cmd = mkOption {
|
||||||
type = types.package;
|
type = types.package;
|
||||||
readOnly = true;
|
readOnly = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
vlans = let
|
vlans =
|
||||||
range_type.options = {
|
let
|
||||||
begin = mkOption { type = types.ints.unsigned; };
|
range_type.options = {
|
||||||
end = mkOption { type = types.ints.unsigned; };
|
begin = mkOption { type = types.ints.unsigned; };
|
||||||
};
|
end = mkOption { type = types.ints.unsigned; };
|
||||||
vlan_type.options = {
|
|
||||||
ids = mkOption {
|
|
||||||
type = types.either
|
|
||||||
types.ints.unsigned
|
|
||||||
(types.listOf (types.either types.ints.unsigned (types.submodule range_type)));
|
|
||||||
default = [ ];
|
|
||||||
};
|
};
|
||||||
management = mkOption {
|
vlan_type.options = {
|
||||||
# FIXME : support ipv4, either static or dhcp (with the coffee)
|
ids = mkOption {
|
||||||
type = types.nullOr types.str;
|
type = types.either types.ints.unsigned (
|
||||||
default = null;
|
types.listOf (types.either types.ints.unsigned (types.submodule range_type))
|
||||||
description = ''
|
);
|
||||||
IP address with wich to permit management on this vlan.
|
default = [ ];
|
||||||
Only one vlan can set an IP (this module limitation, not switch).
|
};
|
||||||
'';
|
management = mkOption {
|
||||||
|
# FIXME : support ipv4, either static or dhcp (with the coffee)
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
default = null;
|
||||||
|
description = ''
|
||||||
|
IP address with wich to permit management on this vlan.
|
||||||
|
Only one vlan can set an IP (this module limitation, not switch).
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
in
|
||||||
in mkOption {
|
mkOption { type = types.attrsOf (types.submodule vlan_type); };
|
||||||
type = types.attrsOf (types.submodule vlan_type);
|
interfaces =
|
||||||
};
|
let
|
||||||
interfaces = let
|
template = name: {
|
||||||
template = name: {
|
enable = mkEnableOption "the interface ${name}";
|
||||||
enable = mkEnableOption "the interface ${name}";
|
interface-mode = mkOption {
|
||||||
interface-mode = mkOption {
|
type = types.nullOr (
|
||||||
type = types.nullOr (types.enum [ "trunk" "access" ]);
|
types.enum [
|
||||||
default = null;
|
"trunk"
|
||||||
|
"access"
|
||||||
|
]
|
||||||
|
);
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
|
vlans = mkOption {
|
||||||
|
type =
|
||||||
|
let
|
||||||
|
vlan_type = types.either (types.strMatching "[^\n\r]+") (types.ints.unsigned);
|
||||||
|
in
|
||||||
|
types.listOf vlan_type;
|
||||||
|
default = [ ];
|
||||||
|
};
|
||||||
|
# TODO: use this option
|
||||||
|
dhcp_trusted = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
};
|
||||||
|
management = mkOption {
|
||||||
|
# FIXME : support ipv6, either static or dhcp (with the coffee)
|
||||||
|
type = types.nullOr types.str;
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
vlans = mkOption {
|
in
|
||||||
type = let
|
builtins.listToAttrs (
|
||||||
vlan_type = types.either (types.strMatching "[^\n\r]+") (types.ints.unsigned);
|
map (name: {
|
||||||
in types.listOf vlan_type;
|
inherit name;
|
||||||
default = [ ];
|
value = template name;
|
||||||
};
|
}) interfaces
|
||||||
# TODO: use this option
|
);
|
||||||
dhcp_trusted = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
};
|
|
||||||
management = mkOption {
|
|
||||||
# FIXME : support ipv6, either static or dhcp (with the coffee)
|
|
||||||
type = types.nullOr types.str;
|
|
||||||
default = null;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
in builtins.listToAttrs (map (name: { inherit name; value = template name; }) interfaces);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config.deployement.cmd = let
|
config.deployement.cmd =
|
||||||
intf_xmlGen = name: let
|
let
|
||||||
disable_flag = if !cfg.interfaces.${name}.enable then "<disable/>" else "";
|
intf_xmlGen =
|
||||||
# FIXME : need to enforce address in reality
|
name:
|
||||||
mgmt_fam = if !builtins.isNull cfg.interfaces.${name}.management then ''
|
let
|
||||||
<inet>
|
disable_flag = if !cfg.interfaces.${name}.enable then "<disable/>" else "";
|
||||||
<address>
|
# FIXME : need to enforce address in reality
|
||||||
<name>${cfg.interfaces.${name}.management}</name>
|
mgmt_fam =
|
||||||
</address>
|
if !builtins.isNull cfg.interfaces.${name}.management then
|
||||||
</inet>'' else "";
|
''
|
||||||
members = map (vlan: "<members>${builtins.toString vlan}</members>") cfg.interfaces.${name}.vlans;
|
<inet>
|
||||||
eth_switch = if builtins.isNull cfg.interfaces.${name}.interface-mode then "" else ''
|
<address>
|
||||||
<ethernet-switching>
|
<name>${cfg.interfaces.${name}.management}</name>
|
||||||
<interface-mode>${cfg.interfaces.${name}.interface-mode}</interface-mode>
|
</address>
|
||||||
<vlan>${builtins.concatStringsSep "" members}</vlan>
|
</inet>''
|
||||||
<storm-control><profile-name>default</profile-name></storm-control>
|
else
|
||||||
</ethernet-switching>'';
|
"";
|
||||||
in ''
|
members = map (vlan: "<members>${builtins.toString vlan}</members>") cfg.interfaces.${name}.vlans;
|
||||||
<interface>
|
eth_switch =
|
||||||
<name>${name}</name>
|
if builtins.isNull cfg.interfaces.${name}.interface-mode then
|
||||||
${disable_flag}
|
""
|
||||||
<unit>
|
else
|
||||||
<name>0</name>
|
''
|
||||||
<family>
|
<ethernet-switching>
|
||||||
${mgmt_fam}
|
<interface-mode>${cfg.interfaces.${name}.interface-mode}</interface-mode>
|
||||||
${eth_switch}
|
<vlan>${builtins.concatStringsSep "" members}</vlan>
|
||||||
</family>
|
<storm-control><profile-name>default</profile-name></storm-control>
|
||||||
</unit>
|
</ethernet-switching>'';
|
||||||
</interface>
|
in
|
||||||
'';
|
''
|
||||||
interface_xmls = map intf_xmlGen interfaces;
|
<interface>
|
||||||
rstp_gen = name:
|
<name>${name}</name>
|
||||||
if cfg.interfaces.${name}.enable && !builtins.isNull cfg.interfaces.${name}.interface-mode then
|
${disable_flag}
|
||||||
"<interface><name>${name}</name></interface>"
|
<unit>
|
||||||
else "";
|
<name>0</name>
|
||||||
rstps = map rstp_gen interfaces;
|
<family>
|
||||||
vlan_trust_table = let
|
${mgmt_fam}
|
||||||
vlan_map = inter: vlan:
|
${eth_switch}
|
||||||
if builtins.isString vlan && cfg.interfaces.${inter}.enable then
|
</family>
|
||||||
if cfg.interfaces.${inter}.dhcp_trusted then
|
</unit>
|
||||||
{ ${vlan}.trust = inter; }
|
</interface>
|
||||||
else
|
'';
|
||||||
{ ${vlan}.notrust = inter; }
|
interface_xmls = map intf_xmlGen interfaces;
|
||||||
|
rstp_gen =
|
||||||
|
name:
|
||||||
|
if cfg.interfaces.${name}.enable && !builtins.isNull cfg.interfaces.${name}.interface-mode then
|
||||||
|
"<interface><name>${name}</name></interface>"
|
||||||
else
|
else
|
||||||
{};
|
"";
|
||||||
int_map = inter: map (vlan_map inter) cfg.interfaces.${inter}.vlans;
|
rstps = map rstp_gen interfaces;
|
||||||
in builtins.zipAttrsWith
|
vlan_trust_table =
|
||||||
(vlan: values: builtins.zipAttrsWith (_: ints: ints ) values)
|
let
|
||||||
(builtins.concatMap int_map interfaces);
|
vlan_map =
|
||||||
vlans = let
|
inter: vlan:
|
||||||
id_map = id: let
|
if builtins.isString vlan && cfg.interfaces.${inter}.enable then
|
||||||
list =
|
if cfg.interfaces.${inter}.dhcp_trusted then
|
||||||
if builtins.isInt id then
|
{ ${vlan}.trust = inter; }
|
||||||
builtins.toString id
|
else
|
||||||
else
|
{ ${vlan}.notrust = inter; }
|
||||||
"${builtins.toString id.begin}-${builtins.toString id.end}";
|
else
|
||||||
in ''<vlan-id-list>${list}</vlan-id-list>'';
|
{ };
|
||||||
vlan_map = vlan: let
|
int_map = inter: map (vlan_map inter) cfg.interfaces.${inter}.vlans;
|
||||||
ids = if !builtins.isList cfg.vlans.${vlan}.ids then
|
in
|
||||||
[ "<vlan-id>${builtins.toString cfg.vlans.${vlan}.ids}</vlan-id>" ]
|
builtins.zipAttrsWith (vlan: values: builtins.zipAttrsWith (_: ints: ints) values) (
|
||||||
else map id_map cfg.vlans.${vlan}.ids;
|
builtins.concatMap int_map interfaces
|
||||||
mgmt_flag = if !builtins.isNull cfg.vlans.${vlan}.management
|
);
|
||||||
then "<l3-interface>irb.0</l3-interface>" else "";
|
vlans =
|
||||||
in ''
|
let
|
||||||
<vlan>
|
id_map =
|
||||||
<name>${vlan}</name>
|
id:
|
||||||
${mgmt_flag}
|
let
|
||||||
${builtins.concatStringsSep "\n" ids}
|
list =
|
||||||
</vlan>'';
|
if builtins.isInt id then
|
||||||
in map vlan_map (builtins.attrNames cfg.vlans);
|
builtins.toString id
|
||||||
irb_intf = let
|
else
|
||||||
addresses = map (vlan: vlan.management) (builtins.attrValues cfg.vlans);
|
"${builtins.toString id.begin}-${builtins.toString id.end}";
|
||||||
addr = builtins.foldl' (acc: addr: if !builtins.isNull addr then addr else acc) null addresses;
|
in
|
||||||
in if !builtins.isNull addr then ''
|
''<vlan-id-list>${list}</vlan-id-list>'';
|
||||||
<interface>
|
vlan_map =
|
||||||
<name>irb</name>
|
vlan:
|
||||||
<unit>
|
let
|
||||||
<name>0</name>
|
ids =
|
||||||
<family>
|
if !builtins.isList cfg.vlans.${vlan}.ids then
|
||||||
<inet6>
|
[ "<vlan-id>${builtins.toString cfg.vlans.${vlan}.ids}</vlan-id>" ]
|
||||||
<address><name>${addr}</name></address>
|
else
|
||||||
</inet6>
|
map id_map cfg.vlans.${vlan}.ids;
|
||||||
</family>
|
mgmt_flag =
|
||||||
</unit>
|
if !builtins.isNull cfg.vlans.${vlan}.management then "<l3-interface>irb.0</l3-interface>" else "";
|
||||||
</interface>
|
in
|
||||||
''
|
''
|
||||||
else "";
|
<vlan>
|
||||||
config = ''
|
<name>${vlan}</name>
|
||||||
<interfaces operation="replace">
|
${mgmt_flag}
|
||||||
${builtins.concatStringsSep "\n" interface_xmls}
|
${builtins.concatStringsSep "\n" ids}
|
||||||
${irb_intf}
|
</vlan>'';
|
||||||
</interfaces>
|
in
|
||||||
<protocols>
|
map vlan_map (builtins.attrNames cfg.vlans);
|
||||||
<rstp operation="replace">
|
irb_intf =
|
||||||
${builtins.concatStringsSep "\n" rstps}
|
let
|
||||||
</rstp>
|
addresses = map (vlan: vlan.management) (builtins.attrValues cfg.vlans);
|
||||||
</protocols>
|
addr = builtins.foldl' (acc: addr: if !builtins.isNull addr then addr else acc) null addresses;
|
||||||
<vlans operation="replace">
|
in
|
||||||
${builtins.concatStringsSep "\n" vlans}
|
if !builtins.isNull addr then
|
||||||
</vlans>
|
''
|
||||||
'';
|
<interface>
|
||||||
rpc_requests = pkgs.writeText "config-${name}_rpc.xml" ''
|
<name>irb</name>
|
||||||
<rpc>
|
<unit>
|
||||||
<edit-config>
|
<name>0</name>
|
||||||
<config>
|
<family>
|
||||||
<configuration>
|
<inet6>
|
||||||
${config}
|
<address><name>${addr}</name></address>
|
||||||
</configuration>
|
</inet6>
|
||||||
</config>
|
</family>
|
||||||
<target>
|
</unit>
|
||||||
<candidate/>
|
</interface>
|
||||||
</target>
|
''
|
||||||
</edit-config>
|
else
|
||||||
</rpc>
|
"";
|
||||||
<rpc>
|
config = ''
|
||||||
<commit/>
|
<interfaces operation="replace">
|
||||||
</rpc>
|
${builtins.concatStringsSep "\n" interface_xmls}
|
||||||
'';
|
${irb_intf}
|
||||||
in pkgs.writeShellScript "deploy-${name}.sh" ''
|
</interfaces>
|
||||||
|
<protocols>
|
||||||
|
<rstp operation="replace">
|
||||||
|
${builtins.concatStringsSep "\n" rstps}
|
||||||
|
</rstp>
|
||||||
|
</protocols>
|
||||||
|
<vlans operation="replace">
|
||||||
|
${builtins.concatStringsSep "\n" vlans}
|
||||||
|
</vlans>
|
||||||
|
'';
|
||||||
|
rpc_requests = pkgs.writeText "config-${name}_rpc.xml" ''
|
||||||
|
<rpc>
|
||||||
|
<edit-config>
|
||||||
|
<config>
|
||||||
|
<configuration>
|
||||||
|
${config}
|
||||||
|
</configuration>
|
||||||
|
</config>
|
||||||
|
<target>
|
||||||
|
<candidate/>
|
||||||
|
</target>
|
||||||
|
</edit-config>
|
||||||
|
</rpc>
|
||||||
|
<rpc>
|
||||||
|
<commit/>
|
||||||
|
</rpc>
|
||||||
|
'';
|
||||||
|
in
|
||||||
|
pkgs.writeShellScript "deploy-${name}.sh" ''
|
||||||
${pkgs.openssh}/bin/ssh ${cfg.deployement.targetHost} -p 830 -s netconf < ${rpc_requests}
|
${pkgs.openssh}/bin/ssh ${cfg.deployement.targetHost} -p 830 -s netconf < ${rpc_requests}
|
||||||
''
|
'';
|
||||||
;
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -7,21 +7,30 @@ let
|
||||||
management = mgmt;
|
management = mgmt;
|
||||||
};
|
};
|
||||||
"admin-ap".ids = 3001;
|
"admin-ap".ids = 3001;
|
||||||
"users".ids = [ { begin = 3045; end = 4094; } ];
|
"users".ids = [
|
||||||
|
{
|
||||||
|
begin = 3045;
|
||||||
|
end = 4094;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
"ap-staging".ids = 2000;
|
"ap-staging".ids = 2000;
|
||||||
};
|
};
|
||||||
AP = {
|
AP = {
|
||||||
enable = true;
|
enable = true;
|
||||||
interface-mode = "trunk";
|
interface-mode = "trunk";
|
||||||
vlans = [ "users" "admin-ap" ];
|
vlans = [
|
||||||
|
"users"
|
||||||
|
"admin-ap"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
AP-staging = {
|
AP-staging = {
|
||||||
enable = true;
|
enable = true;
|
||||||
interface-mode = "access";
|
interface-mode = "access";
|
||||||
vlans = [ "ap-staging" ];
|
vlans = [ "ap-staging" ];
|
||||||
};
|
};
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
netcore01 = {
|
netcore01 = {
|
||||||
deployement.targetHost = "jourdan01.dgn";
|
deployement.targetHost = "jourdan01.dgn";
|
||||||
|
|
||||||
|
|
@ -40,7 +49,8 @@ in {
|
||||||
vlans = [ "admin-core" ];
|
vlans = [ "admin-core" ];
|
||||||
};
|
};
|
||||||
"ge-0/0/43" = AP-staging;
|
"ge-0/0/43" = AP-staging;
|
||||||
"ge-0/0/47" = { # ilo
|
"ge-0/0/47" = {
|
||||||
|
# ilo
|
||||||
enable = true;
|
enable = true;
|
||||||
interface-mode = "access";
|
interface-mode = "access";
|
||||||
vlans = [ "admin-core" ];
|
vlans = [ "admin-core" ];
|
||||||
|
|
@ -55,7 +65,11 @@ in {
|
||||||
"xe-0/1/1" = {
|
"xe-0/1/1" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
interface-mode = "trunk";
|
interface-mode = "trunk";
|
||||||
vlans = [ "users" "admin-ap" "admin-core" ];
|
vlans = [
|
||||||
|
"users"
|
||||||
|
"admin-ap"
|
||||||
|
"admin-core"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
"ge-0/1/3" = {
|
"ge-0/1/3" = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue