From 458cd1cf581f8a366612e7e6dee68286d5fff81a Mon Sep 17 00:00:00 2001
From: catvayor
Date: Sun, 28 Apr 2024 22:58:42 +0200
Subject: [PATCH 1/6] feat(interfaces): Refactored
---
junos/interfaces.nix | 128 +++++++++++++++++++++++++++++++++++++++++++
1 file changed, 128 insertions(+)
create mode 100644 junos/interfaces.nix
diff --git a/junos/interfaces.nix b/junos/interfaces.nix
new file mode 100644
index 0000000..f5094a8
--- /dev/null
+++ b/junos/interfaces.nix
@@ -0,0 +1,128 @@ +{ lib, config, ... }: +with lib; +let + interface = + { name, config, ... }: + let + intf-name = name; + unit = + { name, config, ... }: + { + options = { + enable = mkEnableOption "the logical interface ${intf-name}.${name}" // { default = true; }; + family = { + ethernet-switching = { + enable = mkEnableOption "the ethernet on the logical interface ${intf-name}.${name}"; + interface-mode = mkOption { + type = types.nullOr ( + types.enum [ + "trunk" + "access" + ] + ); + default = null; + }; + vlans = mkOption { + type = types.listOf (types.either types.str types.ints.unsigned); + default = [ ]; + }; + }; + #TODO : DHCP + inet = { + enable = mkEnableOption "the IPv4 configuration of the logical interface ${intf-name}.${name}"; + address = mkOption { + type = types.listOf types.str; + default = [ ]; + }; + }; + inet6 = { + enable = mkEnableOption "the IPv6 configuration of the logical interface ${intf-name}.${name}"; + address = mkOption { + type = types.listOf types.str; + default = [ ]; + }; + }; + }; + xml = mkOption { + type = types.str; + visible = false; + readOnly = true; + }; + }; + config.xml = + let + members = map ( + vlan: "${builtins.toString vlan}" + ) config.family.ethernet-switching.vlans; + eth = optionalString config.family.ethernet-switching.enable '' + + ${config.family.ethernet-switching.interface-mode} + ${builtins.concatStringsSep "" members} + default + + ''; + + addr4 = map (addr: "${addr}") config.family.inet.address; + inet = optionalString config.family.inet.enable '' + +
${builtins.concatStringsSep "" addr4}
+
+ ''; + + addr6 = map (addr: "${addr}") config.family.inet6.address; + inet6 = optionalString config.family.inet6.enable '' + +
${builtins.concatStringsSep "" addr6}
+
+ ''; + in + '' + + ${name} + ${optionalString (!config.enable) ""} + + ${eth}${inet}${inet6} + + ''; + }; + in + { + options = { + enable = mkEnableOption "the physical interface ${intf-name}"; + unit = mkOption { type = types.attrsOf (types.submodule unit); default = {}; }; + xml = mkOption { + type = types.str; + visible = false; + readOnly = true; + }; + }; + config.xml = + let + units = attrsets.mapAttrsToList (_: unit: unit.xml) config.unit; + in + '' + + ${name} + ${optionalString (!config.enable) ""} + ${builtins.concatStringsSep "" units} + + ''; + }; +in +{ + options = { + interfaces = mkOption { type = types.attrsOf (types.submodule interface); }; + netconf.xmls.interfaces = mkOption { + type = types.str; + visible = false; + readOnly = true; + }; + }; + config.netconf.xmls.interfaces = '' + + ${ + builtins.concatStringsSep "" (attrsets.mapAttrsToList (_: intf: intf.xml) config.interfaces) + } + + ''; +} From 887dbbc6c8faa6cb187f4679025429f2d72786d6 Mon Sep 17 00:00:00 2001 From: catvayor Date: Mon, 29 Apr 2024 15:47:03 +0200 Subject: [PATCH 2/6] feat(vlans): Refactor --- junos/vlans.nix | 74 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 junos/vlans.nix diff --git a/junos/vlans.nix b/junos/vlans.nix new file mode 100644 index 0000000..805c7fb --- /dev/null +++ b/junos/vlans.nix 
@@ -0,0 +1,74 @@
+{ lib, config, ... }:
+with lib;
+let
+ vlan =
+ { name, config, ... }:
+ {
+ options = {
+ id = mkOption {
+ type = types.nullOr types.ints.unsigned;
+ default = null;
+ };
+ id-list = mkOption {
+ type =
+ let
+ range_type =
+ { config, ... }:
+ {
+ config.__toString = _: "${toString config.begin}-${toString config.end}";
+ options = {
+ begin = mkOption { type = types.ints.unsigned; };
+ end = mkOption { type = types.ints.unsigned; };
+ __toString = mkOption {
+ visible = false;
+ internal = true;
+ readOnly = true;
+ type = types.unspecified;
+ };
+ };
+ };
+ in
+ types.listOf (types.either types.ints.unsigned (types.submodule range_type));
+ default = [ ];
+ };
+ l3-interface = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+ xml = mkOption {
+ type = types.str;
+ readOnly = true;
+ visible = false;
+ };
+ };
+ config.xml =
+ let
+ id = optionalString (!isNull config.id) "${toString config.id}";
+ id-list = concatStringsSep "" (map (vlan: "${toString vlan}") config.id-list);
+ l3-intf = optionalString (
+ !isNull config.l3-interface
+ ) "${config.l3-interface}";
+ in
+ ''
+
+ ${name}
+ ${id}${id-list}${l3-intf}
+
+ '';
+ };
+in
+{
+ options = {
+ vlans = mkOption { type = types.attrsOf (types.submodule vlan); };
+ netconf.xmls.vlans = mkOption {
+ type = types.str;
+ visible = false;
+ readOnly = true;
+ };
+ };
+ config.netconf.xmls.vlans = ''
+
+ ${builtins.concatStringsSep "" (attrsets.mapAttrsToList (_: vlan: vlan.xml) config.vlans)}
+
+ '';
+}
From 5018ab847cf19546bafa38a5fc6d05f088063e59 Mon Sep 17 00:00:00 2001
From: catvayor
Date: Tue, 30 Apr 2024 16:47:55 +0200
Subject: [PATCH 3/6] feat(protocols): Refactor
---
junos/protocols.nix | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
create mode 100644 junos/protocols.nix
diff --git a/junos/protocols.nix b/junos/protocols.nix
new file mode 100644
index 0000000..334d6d5
--- /dev/null
+++ b/junos/protocols.nix
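Review bot: The `id` option and the `begin`/`end` fields of `range_type` accept any unsigned integer, so 0, a value above 4094 or a reversed range evaluates cleanly and is only caught, if at all, when the switch processes the commit. Bounding the three options with `types.ints.between 1 4094` moves that failure to evaluation time; checking `begin <= end` would need an extra check in `config.__toString` or a custom type. Nothing in the module stops `id` and `id-list` from being set together on one VLAN either; if that is not meant to be allowed, a comment or a check next to `config.xml` should say so.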
@@ -0,0 +1,23 @@
+{ lib, config, ... }:
+with lib;
+{
+ options = {
+ protocols.rstp = mkOption { type = types.listOf types.str; };
+ netconf.xmls.protocols = mkOption {
+ type = types.str;
+ visible = false;
+ readOnly = true;
+ };
+ };
+ config.netconf.xmls.protocols =
+ let
+ rstps = map (intf: "${intf}") config.protocols.rstp;
+ in
+ ''
+
+
+ ${concatStringsSep "" rstps}
+
+
+ '';
+}
From 986d814c650708c68f2a9c545f015b8937d27225 Mon Sep 17 00:00:00 2001
From: catvayor
Date: Tue, 30 Apr 2024 20:08:07 +0200
Subject: [PATCH 4/6] feat(rpc): Finished refactor
---
default.nix | 107 ++++++++------------
ex2300.nix | 62 ++++++++++++
junos/default.nix | 36 +++++++
moduleMaker.nix | 241 ----------------------------------------------
netconf-hive.nix | 141 ++++++++++++++++++---------
5 files changed, 233 insertions(+), 354 deletions(-)
create mode 100644 ex2300.nix
create mode 100644 junos/default.nix
delete mode 100644 moduleMaker.nix
diff --git a/default.nix b/default.nix
index affa43f..fb4a671 100644
--- a/default.nix
+++ b/default.nix
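Review bot: `protocols.rstp` is declared with no `default` and as free-form strings, so a host that omits it fails evaluation on an undefined option, and a mistyped interface name is emitted into the RSTP section unchanged. Nothing ties the list to the interfaces that are actually enabled for switching, so a port can be switching without spanning tree and nothing in the evaluation reports it. Declaring it as `type = types.listOf (types.enum (attrNames config.interfaces)); default = [ ];` would reject unknown names at evaluation time; I have not verified that referencing `config.interfaces` from the type evaluates without recursion in this module set, so that needs a quick check.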
@@ -2,82 +2,59 @@ pkgs ? (import { }), }: let - moduleEX2300 = import ./moduleMaker.nix [ - "ge-0/0/0" - "ge-0/0/1" - "ge-0/0/2" - "ge-0/0/3" - "ge-0/0/4" - "ge-0/0/5" - "ge-0/0/6" - "ge-0/0/7" - "ge-0/0/8" - "ge-0/0/9" - "ge-0/0/10" - "ge-0/0/11" - "ge-0/0/12" - "ge-0/0/13" - "ge-0/0/14" - "ge-0/0/15" - "ge-0/0/16" - "ge-0/0/17" - "ge-0/0/18" - "ge-0/0/19" - "ge-0/0/20" - "ge-0/0/21" - "ge-0/0/22" - "ge-0/0/23" - "ge-0/0/24" - "ge-0/0/25" - "ge-0/0/26" - "ge-0/0/27" - "ge-0/0/28" - "ge-0/0/29" - "ge-0/0/30" - "ge-0/0/31" - "ge-0/0/32" - "ge-0/0/33" - "ge-0/0/34" - "ge-0/0/35" - "ge-0/0/36" - "ge-0/0/37" - "ge-0/0/38" - "ge-0/0/39" - "ge-0/0/40" - "ge-0/0/41" - "ge-0/0/42" - "ge-0/0/43" - "ge-0/0/44" - "ge-0/0/45" - "ge-0/0/46" - "ge-0/0/47" - - "ge-0/1/0" - "ge-0/1/1" - "ge-0/1/2" - "ge-0/1/3" - - "xe-0/1/0" - "xe-0/1/1" - "xe-0/1/2" - "xe-0/1/3" - - "me0" - ]; + lib = pkgs.lib; + hive_mod = { lib, config, name, ... }: with lib; { + options.deployment = { + targetHost = mkOption { type = types.str; }; + rpc = mkOption { + type = types.package; + readOnly = true; + }; + cmd = mkOption { + type = types.package; + readOnly = true; + }; + }; + config.deployment = rec { + rpc = + pkgs.writeText "config-${name}_rpc.xml" '' + + + + ${config.netconf.xmls.configuration} + + + + + + + + + + ''; + cmd = pkgs.writeShellApplication { + name = "deploy-${name}.sh"; + runtimeInputs = with pkgs; [ openssh ]; + text = ''ssh "${config.deployment.targetHost}" -p 830 -s netconf < ${rpc}''; + }; + }; + }; evaluator = name: module_inst: let cfg = pkgs.lib.evalModules { specialArgs = { - inherit pkgs name; + inherit name; }; modules = [ - moduleEX2300 + ./junos + ./ex2300.nix + hive_mod module_inst ]; }; in - "ln -s ${cfg.config.deployement.cmd} $out/${name}"; + "ln -s ${lib.getExe cfg.config.deployment.cmd} $out/${name}"; hive = import ./netconf-hive.nix; cmds = builtins.attrValues (builtins.mapAttrs evaluator hive); in 
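Review bot: In `cmd`, `targetHost` is spliced into the script text between shell double quotes (`ssh "${config.deployment.targetHost}" -p 830 -s netconf < ${rpc}`), so a value containing `"`, `$` or a backtick is interpreted by the shell instead of being handed to ssh as one argument. `escapeShellArg` is already in scope through `with lib;`, so the line can read `text = ''ssh ${escapeShellArg config.deployment.targetHost} -p 830 -s netconf < ${rpc}'';`. Separately, the script's result is only ssh's exit status and the device's reply on stdout is not inspected, so a configuration the switch rejects would presumably still look like a successful deploy; a comment stating that, or a follow-up check of the reply, would help whoever runs it.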
diff --git a/ex2300.nix b/ex2300.nix new file mode 100644 index 0000000..4165b46 --- /dev/null +++ b/ex2300.nix @@ -0,0 +1,62 @@ +{ + netconf.mandatoryInterfaces = [ + "ge-0/0/0" + "ge-0/0/1" + "ge-0/0/2" + "ge-0/0/3" + "ge-0/0/4" + "ge-0/0/5" + "ge-0/0/6" + "ge-0/0/7" + "ge-0/0/8" + "ge-0/0/9" + "ge-0/0/10" + "ge-0/0/11" + "ge-0/0/12" + "ge-0/0/13" + "ge-0/0/14" + "ge-0/0/15" + "ge-0/0/16" + "ge-0/0/17" + "ge-0/0/18" + "ge-0/0/19" + "ge-0/0/20" + "ge-0/0/21" + "ge-0/0/22" + "ge-0/0/23" + "ge-0/0/24" + "ge-0/0/25" + "ge-0/0/26" + "ge-0/0/27" + "ge-0/0/28" + "ge-0/0/29" + "ge-0/0/30" + "ge-0/0/31" + "ge-0/0/32" + "ge-0/0/33" + "ge-0/0/34" + "ge-0/0/35" + "ge-0/0/36" + "ge-0/0/37" + "ge-0/0/38" + "ge-0/0/39" + "ge-0/0/40" + "ge-0/0/41" + "ge-0/0/42" + "ge-0/0/43" + "ge-0/0/44" + "ge-0/0/45" + "ge-0/0/46" + "ge-0/0/47" + + "ge-0/1/0" + "ge-0/1/1" + "ge-0/1/2" + "ge-0/1/3" + + "xe-0/1/0" + "xe-0/1/1" + "xe-0/1/2" + "xe-0/1/3" + ]; +} diff --git a/junos/default.nix b/junos/default.nix new file mode 100644 index 0000000..a8e2e45 --- /dev/null +++ b/junos/default.nix @@ -0,0 +1,36 @@ +{ + name, + lib, + config, + ... +}: +with lib; +{ + imports = [ + ./protocols.nix + ./interfaces.nix + ./vlans.nix + ]; + options = { + netconf.xmls.configuration = mkOption { + type = types.str; + readOnly = true; + }; + netconf.mandatoryInterfaces = mkOption { type = types.listOf types.str; }; + }; + config.interfaces = + let + mkIntf = name: { + inherit name; + value.enable = mkDefault false; + }; + in + listToAttrs (map mkIntf config.netconf.mandatoryInterfaces); + config.netconf.xmls.configuration = '' + + ${config.netconf.xmls.interfaces} + ${config.netconf.xmls.protocols} + ${config.netconf.xmls.vlans} + + ''; +} diff --git a/moduleMaker.nix b/moduleMaker.nix deleted file mode 100644 index dfbe1c5..0000000 --- a/moduleMaker.nix +++ /dev/null 
@@ -1,241 +0,0 @@ -interfaces: -{ - name, - lib, - pkgs, - config, - ... -}: -let - cfg = config; -in -with lib; -{ - options = { - deployement = { - targetHost = mkOption { type = types.str; }; - cmd = mkOption { - type = types.package; - readOnly = true; - }; - }; - vlans = - let - range_type.options = { - begin = mkOption { type = types.ints.unsigned; }; - end = mkOption { type = types.ints.unsigned; }; - }; - vlan_type.options = { - ids = mkOption { - type = types.either types.ints.unsigned ( - types.listOf (types.either types.ints.unsigned (types.submodule range_type)) - ); - default = [ ]; - }; - management = mkOption { - # FIXME : support ipv4, either static or dhcp (with the coffee) - type = types.nullOr types.str; - default = null; - description = '' - IP address with wich to permit management on this vlan. - Only one vlan can set an IP (this module limitation, not switch). - ''; - }; - }; - in - mkOption { type = types.attrsOf (types.submodule vlan_type); }; - interfaces = - let - template = name: { - enable = mkEnableOption "the interface ${name}"; - interface-mode = mkOption { - type = types.nullOr ( - types.enum [ - "trunk" - "access" - ] - ); - default = null; - }; - vlans = mkOption { - type = - let - vlan_type = types.either (types.strMatching "[^\n\r]+") (types.ints.unsigned); - in - types.listOf vlan_type; - default = [ ]; - }; - # TODO: use this option - dhcp_trusted = mkOption { - type = types.bool; - default = false; - }; - management = mkOption { - # FIXME : support ipv6, either static or dhcp (with the coffee) - type = types.nullOr types.str; - default = null; - }; - }; - in - builtins.listToAttrs ( - map (name: { - inherit name; - value = template name; - }) interfaces - ); - }; - - config.deployement.cmd = - let - intf_xmlGen = - name: - let - disable_flag = if !cfg.interfaces.${name}.enable then "" else ""; - # FIXME : need to enforce address in reality - mgmt_fam = - if !builtins.isNull cfg.interfaces.${name}.management then - '' - -
- ${cfg.interfaces.${name}.management} -
-
'' - else - ""; - members = map (vlan: "${builtins.toString vlan}") cfg.interfaces.${name}.vlans; - eth_switch = - if builtins.isNull cfg.interfaces.${name}.interface-mode then - "" - else - '' - - ${cfg.interfaces.${name}.interface-mode} - ${builtins.concatStringsSep "" members} - default - ''; - in - '' - - ${name} - ${disable_flag} - - 0 - - ${mgmt_fam} - ${eth_switch} - - - - ''; - interface_xmls = map intf_xmlGen interfaces; - rstp_gen = - name: - if cfg.interfaces.${name}.enable && !builtins.isNull cfg.interfaces.${name}.interface-mode then - "${name}" - else - ""; - rstps = map rstp_gen interfaces; - vlan_trust_table = - let - vlan_map = - inter: vlan: - if builtins.isString vlan && cfg.interfaces.${inter}.enable then - if cfg.interfaces.${inter}.dhcp_trusted then - { ${vlan}.trust = inter; } - else - { ${vlan}.notrust = inter; } - else - { }; - int_map = inter: map (vlan_map inter) cfg.interfaces.${inter}.vlans; - in - builtins.zipAttrsWith (vlan: values: builtins.zipAttrsWith (_: ints: ints) values) ( - builtins.concatMap int_map interfaces - ); - vlans = - let - id_map = - id: - let - list = - if builtins.isInt id then - builtins.toString id - else - "${builtins.toString id.begin}-${builtins.toString id.end}"; - in - ''${list}''; - vlan_map = - vlan: - let - ids = - if !builtins.isList cfg.vlans.${vlan}.ids then - [ "${builtins.toString cfg.vlans.${vlan}.ids}" ] - else - map id_map cfg.vlans.${vlan}.ids; - mgmt_flag = - if !builtins.isNull cfg.vlans.${vlan}.management then "irb.0" else ""; - in - '' - - ${vlan} - ${mgmt_flag} - ${builtins.concatStringsSep "\n" ids} - ''; - in - map vlan_map (builtins.attrNames cfg.vlans); - irb_intf = - let - addresses = map (vlan: vlan.management) (builtins.attrValues cfg.vlans); - addr = builtins.foldl' (acc: addr: if !builtins.isNull addr then addr else acc) null addresses; - in - if !builtins.isNull addr then - '' - - irb - - 0 - - -
${addr}
-
-
-
-
- '' - else - ""; - config = '' - - ${builtins.concatStringsSep "\n" interface_xmls} - ${irb_intf} - - - - ${builtins.concatStringsSep "\n" rstps} - - - - ${builtins.concatStringsSep "\n" vlans} - - ''; - rpc_requests = pkgs.writeText "config-${name}_rpc.xml" '' - - - - - ${config} - - - - - - - - - - - ''; - in - pkgs.writeShellScript "deploy-${name}.sh" '' - ${pkgs.openssh}/bin/ssh ${cfg.deployement.targetHost} -p 830 -s netconf < ${rpc_requests} - ''; -} diff --git a/netconf-hive.nix b/netconf-hive.nix index 4a531ea..0dbfe68 100644 --- a/netconf-hive.nix +++ b/netconf-hive.nix @@ -1,40 +1,60 @@ let - vlansPlan = mgmt: { - "uplink-cri".ids = 223; + vlansPlan = { + "uplink-cri".id = 223; "admin-core" = { - ids = 3000; - management = mgmt; + id = 3000; + l3-interface = "irb.0"; }; - "admin-ap".ids = 3001; - "users".ids = [ + "admin-ap".id = 3001; + "users".id-list = [ { begin = 3045; end = 4094; } ]; - "ap-staging".ids = 2000; + "ap-staging".id = 2000; }; AP = { enable = true; - interface-mode = "trunk"; - vlans = [ - "users" - "admin-ap" - ]; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "trunk"; + vlans = [ + "users" + "admin-ap" + ]; + }; }; AP-staging = { enable = true; - interface-mode = "access"; - vlans = [ "ap-staging" ]; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "access"; + vlans = [ "ap-staging" ]; + }; }; in { netcore01 = { - deployement.targetHost = "jourdan01.dgn"; + deployment.targetHost = "jourdan01.dgn"; + vlans = vlansPlan; + protocols.rstp = [ + "ge-0/0/12" + "ge-0/0/13" + "ge-0/0/14" + "ge-0/0/15" + "ge-0/0/16" + "ge-0/0/17" + "ge-0/0/42" + "ge-0/0/43" + "ge-0/0/47" - vlans = vlansPlan "fd26:baf9:d250:8000::1001/64"; + "xe-0/1/0" + "xe-0/1/1" + "ge-0/1/3" + ]; interfaces = { "ge-0/0/12" = AP; "ge-0/0/13" = AP; 
@@ -45,60 +65,85 @@ in "ge-0/0/42" = { enable = true; - interface-mode = "access"; - vlans = [ "admin-core" ]; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "access"; + vlans = [ "admin-core" ]; + }; }; "ge-0/0/43" = AP-staging; "ge-0/0/47" = { # ilo enable = true; - interface-mode = "access"; - vlans = [ "admin-core" ]; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "access"; + vlans = [ "admin-core" ]; + }; }; "xe-0/1/0" = { enable = true; - interface-mode = "trunk"; - vlans = [ "all" ]; - dhcp_trusted = true; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "trunk"; + vlans = [ "all" ]; + }; }; "xe-0/1/1" = { enable = true; - interface-mode = "trunk"; - vlans = [ - "users" - "admin-ap" - "admin-core" - ]; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "trunk"; + vlans = [ + "users" + "admin-ap" + "admin-core" + ]; + }; }; "ge-0/1/3" = { enable = true; - interface-mode = "trunk"; - vlans = [ "uplink-cri" ]; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "trunk"; + vlans = [ "uplink-cri" ]; + }; }; "me0" = { enable = true; - management = "192.168.42.6/24"; + unit."0".family.inet = { + enable = true; + address = [ "192.168.42.6/24" ]; + }; + }; + + "irb" = { + enable = true; + unit."0".family.inet6 = { + enable = true; + address = [ "fd26:baf9:d250:8000::1001/64" ]; + }; }; }; }; - netaccess01 = { - deployement.targetHost = "root@192.168.42.6"; + # netaccess01 = { + # deployement.targetHost = "root@192.168.42.6"; - vlans = vlansPlan "fd26:baf9:d250:8000::2001/64"; - interfaces = { - "xe-0/1/0" = { - enable = true; - interface-mode = "trunk"; - vlans = [ "all" ]; - dhcp_trusted = true; - }; + # vlans = vlansPlan "fd26:baf9:d250:8000::2001/64"; + # interfaces = { + # "xe-0/1/0" = { + # enable = true; + # interface-mode = "trunk"; + # vlans = [ "all" ]; + # dhcp_trusted = true; + # }; - "me0" = { - enable = true; - 
management = "192.168.42.6/24"; - }; - }; - }; + # "me0" = { + # enable = true; + # management = "192.168.42.6/24"; + # }; + # }; + # }; } From cc9c0575292bc569b2bc203462fbc5884d3a5f7d Mon Sep 17 00:00:00 2001 From: catvayor Date: Sat, 18 May 2024 10:11:36 +0200 Subject: [PATCH 5/6] feat(oob): now access to all vlan --- netconf-hive.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/netconf-hive.nix b/netconf-hive.nix index 0dbfe68..b8d4974 100644 --- a/netconf-hive.nix +++ b/netconf-hive.nix @@ -1,6 +1,7 @@ let vlansPlan = { "uplink-cri".id = 223; + "uplink-interne".id = 403; "admin-core" = { id = 3000; @@ -37,7 +38,7 @@ let }; in { - netcore01 = { + netcore02 = { deployment.targetHost = "jourdan01.dgn"; vlans = vlansPlan; protocols.rstp = [ @@ -67,8 +68,8 @@ in enable = true; unit."0".family.ethernet-switching = { enable = true; - interface-mode = "access"; - vlans = [ "admin-core" ]; + interface-mode = "trunk"; + vlans = [ "all" ]; }; }; "ge-0/0/43" = AP-staging; @@ -107,7 +108,7 @@ in unit."0".family.ethernet-switching = { enable = true; interface-mode = "trunk"; - vlans = [ "uplink-cri" ]; + vlans = [ "uplink-cri" "uplink-interne" ]; }; }; From 0481eeb9c669b9636e67e3b32fbf6ac3d3d668b4 Mon Sep 17 00:00:00 2001 From: catvayor Date: Wed, 22 May 2024 13:33:28 +0200 Subject: [PATCH 6/6] feat(netaccess01): Add --- default.nix | 37 ++++++++------- junos/default.nix | 12 ++--- junos/interfaces.nix | 13 +++--- junos/vlans.nix | 4 +- netconf-hive.nix | 104 ++++++++++++++++++++++++++++++++----------- 5 files changed, 118 insertions(+), 52 deletions(-) diff --git a/default.nix b/default.nix index fb4a671..a479d6b 100644 --- a/default.nix +++ b/default.nix 
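Review bot: The `ge-0/0/42` change in PATCH 5/6 replaces an `access` port on `admin-core` with `interface-mode = "trunk"` and `vlans = [ "all" ]`, which puts every VLAN in `vlansPlan`, the user range and both admin VLANs included, on one edge port. If the out-of-band host only needs some of them, listing those explicitly, as `xe-0/1/1` does, limits the port to what is used. If it really needs all of them, a comment on the attribute such as `# oob: trunk carrying every VLAN, see <reason>` records that the exposure is deliberate. The attribute set continues outside the hunk.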
@@ -3,21 +3,28 @@ }: let lib = pkgs.lib; - hive_mod = { lib, config, name, ... }: with lib; { - options.deployment = { - targetHost = mkOption { type = types.str; }; - rpc = mkOption { - type = types.package; - readOnly = true; + hive_mod = + { + lib, + config, + name, + ... + }: + with lib; + { + options.deployment = { + targetHost = mkOption { type = types.str; }; + rpc = mkOption { + type = types.package; + readOnly = true; + }; + cmd = mkOption { + type = types.package; + readOnly = true; + }; }; - cmd = mkOption { - type = types.package; - readOnly = true; - }; - }; - config.deployment = rec { - rpc = - pkgs.writeText "config-${name}_rpc.xml" '' + config.deployment = rec { + rpc = pkgs.writeText "config-${name}_rpc.xml" '' @@ -38,7 +45,7 @@ let text = ''ssh "${config.deployment.targetHost}" -p 830 -s netconf < ${rpc}''; }; }; - }; + }; evaluator = name: module_inst: let diff --git a/junos/default.nix b/junos/default.nix index a8e2e45..a3e9d20 100644 --- a/junos/default.nix +++ b/junos/default.nix @@ -27,10 +27,10 @@ with lib; in listToAttrs (map mkIntf config.netconf.mandatoryInterfaces); config.netconf.xmls.configuration = '' - - ${config.netconf.xmls.interfaces} - ${config.netconf.xmls.protocols} - ${config.netconf.xmls.vlans} - - ''; + + ${config.netconf.xmls.interfaces} + ${config.netconf.xmls.protocols} + ${config.netconf.xmls.vlans} + + ''; } diff --git a/junos/interfaces.nix b/junos/interfaces.nix index f5094a8..9872378 100644 --- a/junos/interfaces.nix +++ b/junos/interfaces.nix @@ -9,7 +9,9 @@ let { name, config, ... }: { options = { - enable = mkEnableOption "the logical interface ${intf-name}.${name}" // { default = true; }; + enable = mkEnableOption "the logical interface ${intf-name}.${name}" // { + default = true; + }; family = { ethernet-switching = { enable = mkEnableOption "the ethernet on the logical interface ${intf-name}.${name}"; 
@@ -89,7 +91,10 @@ let { options = { enable = mkEnableOption "the physical interface ${intf-name}"; - unit = mkOption { type = types.attrsOf (types.submodule unit); default = {}; }; + unit = mkOption { + type = types.attrsOf (types.submodule unit); + default = { }; + }; xml = mkOption { type = types.str; visible = false; @@ -120,9 +125,7 @@ in }; config.netconf.xmls.interfaces = '' - ${ - builtins.concatStringsSep "" (attrsets.mapAttrsToList (_: intf: intf.xml) config.interfaces) - } + ${builtins.concatStringsSep "" (attrsets.mapAttrsToList (_: intf: intf.xml) config.interfaces)} ''; } diff --git a/junos/vlans.nix b/junos/vlans.nix index 805c7fb..f98c3b9 100644 --- a/junos/vlans.nix +++ b/junos/vlans.nix @@ -44,7 +44,9 @@ let config.xml = let id = optionalString (!isNull config.id) "${toString config.id}"; - id-list = concatStringsSep "" (map (vlan: "${toString vlan}") config.id-list); + id-list = concatStringsSep "" ( + map (vlan: "${toString vlan}") config.id-list + ); l3-intf = optionalString ( !isNull config.l3-interface ) "${config.l3-interface}"; diff --git a/netconf-hive.nix b/netconf-hive.nix index b8d4974..ef8ec55 100644 --- a/netconf-hive.nix +++ b/netconf-hive.nix @@ -1,7 +1,6 @@ let vlansPlan = { "uplink-cri".id = 223; - "uplink-interne".id = 403; "admin-core" = { id = 3000; @@ -39,9 +38,21 @@ let in { netcore02 = { - deployment.targetHost = "jourdan01.dgn"; + deployment.targetHost = "netcore02.dgn"; vlans = vlansPlan; protocols.rstp = [ + "ge-0/0/0" + "ge-0/0/1" + "ge-0/0/2" + "ge-0/0/3" + "ge-0/0/4" + "ge-0/0/5" + "ge-0/0/6" + "ge-0/0/7" + "ge-0/0/8" + "ge-0/0/9" + "ge-0/0/10" + "ge-0/0/11" "ge-0/0/12" "ge-0/0/13" "ge-0/0/14" 
@@ -57,12 +68,24 @@ in "ge-0/1/3" ]; interfaces = { - "ge-0/0/12" = AP; - "ge-0/0/13" = AP; - "ge-0/0/14" = AP; - "ge-0/0/15" = AP; - "ge-0/0/16" = AP; - "ge-0/0/17" = AP; + "ge-0/0/0" = AP-staging; + "ge-0/0/1" = AP-staging; + "ge-0/0/2" = AP-staging; + "ge-0/0/3" = AP-staging; + "ge-0/0/4" = AP-staging; + "ge-0/0/5" = AP-staging; + "ge-0/0/6" = AP-staging; + "ge-0/0/7" = AP-staging; + "ge-0/0/8" = AP-staging; + "ge-0/0/9" = AP-staging; + "ge-0/0/10" = AP-staging; + "ge-0/0/11" = AP-staging; + "ge-0/0/12" = AP-staging; + "ge-0/0/13" = AP-staging; + "ge-0/0/14" = AP-staging; + "ge-0/0/15" = AP-staging; + "ge-0/0/16" = AP-staging; + "ge-0/0/17" = AP-staging; "ge-0/0/42" = { enable = true; @@ -108,7 +131,7 @@ in unit."0".family.ethernet-switching = { enable = true; interface-mode = "trunk"; - vlans = [ "uplink-cri" "uplink-interne" ]; + vlans = [ "uplink-cri" ]; }; }; 
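Review bot: The `@@ -57,12 +68,24 @@` hunk moves `ge-0/0/12` through `ge-0/0/17` from the `AP` trunk profile to `AP-staging`, which the subject "feat(netaccess01): Add" does not mention and which changes the VLANs those six ports carry on `netcore02`. After this change no attribute visible on this page uses the `AP` binding from the `let` block any more. If the move is temporary, a comment above the block, for example `# all access ports on staging until the APs are provisioned`, would keep the intent from being lost; if it is permanent, `AP` can go in a follow-up.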
@@ -129,22 +152,53 @@ in }; }; }; - # netaccess01 = { - # deployement.targetHost = "root@192.168.42.6"; + netaccess01 = { + deployment.targetHost = "netaccess01.dgn"; - # vlans = vlansPlan "fd26:baf9:d250:8000::2001/64"; - # interfaces = { - # "xe-0/1/0" = { - # enable = true; - # interface-mode = "trunk"; - # vlans = [ "all" ]; - # dhcp_trusted = true; - # }; + vlans = vlansPlan; - # "me0" = { - # enable = true; - # management = "192.168.42.6/24"; - # }; - # }; - # }; + protocols.rstp = [ + "ge-0/0/0" + "ge-0/0/1" + "ge-0/0/2" + "ge-0/0/3" + "ge-0/0/4" + "ge-0/0/5" + + "xe-0/1/0" + ]; + interfaces = { + "ge-0/0/0" = AP-staging; + "ge-0/0/1" = AP-staging; + "ge-0/0/2" = AP-staging; + "ge-0/0/3" = AP-staging; + "ge-0/0/4" = AP-staging; + "ge-0/0/5" = AP-staging; + + "xe-0/1/0" = { + enable = true; + unit."0".family.ethernet-switching = { + enable = true; + interface-mode = "trunk"; + vlans = [ "all" ]; + }; + }; + + "me0" = { + enable = true; + unit."0".family.inet = { + enable = true; + address = [ "192.168.42.6/24" ]; + }; + }; + + "irb" = { + enable = true; + unit."0".family.inet6 = { + enable = true; + address = [ "fd26:baf9:d250:8000::2001/64" ]; + }; + }; + }; + }; }
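Review bot: `netaccess01` sets `me0` to `address = [ "192.168.42.6/24" ];`, the same address `netcore02` has on its `me0` since PATCH 4/6, and this commit does not change the latter. If both management ports sit on the same segment, the two switches will answer for one address and management access to either becomes unreliable. Giving the new host its own value, `address = [ "<netaccess01 management address>/24" ];`, avoids that. The `irb` addresses already differ between the two hosts (`…::1001` and `…::2001`), which suggests the `me0` value was copied over from the old commented-out block.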