vlans + all interface (excluded mgmt)
This commit is contained in:
parent
c3b7fdb968
commit
9fe7846c8f
1 changed files with 151 additions and 79 deletions
230
configMaker.nix
230
configMaker.nix
|
@ -1,15 +1,17 @@
|
|||
let module_inst = {
|
||||
interfaces = {
|
||||
interfaces =
|
||||
let AP = { # AP
|
||||
interface-mode = "trunk";
|
||||
vlans = [ "users" "admin" ];
|
||||
};
|
||||
in {
|
||||
# TODO: management
|
||||
"ge-0/0/0" = { # upstream
|
||||
interface-mode = "trunk";
|
||||
vlans = [ "all" ];
|
||||
dhcp_trusted = true;
|
||||
};
|
||||
"ge-0/0/1" = { # AP
|
||||
interface-mode = "trunk";
|
||||
vlans = [ "users" "admin" ];
|
||||
};
|
||||
"ge-0/0/1" = AP;
|
||||
"ge-0/0/2" = { # thurne 1
|
||||
interface-mode = "access";
|
||||
vlans = [ 3045 ];
|
||||
|
@ -18,89 +20,159 @@ let module_inst = {
|
|||
interface-mode = "access";
|
||||
vlans = [ 3046 ];
|
||||
};
|
||||
"ge-0/0/4" = AP;
|
||||
"ge-0/0/5" = AP;
|
||||
"ge-0/0/6" = AP;
|
||||
"ge-0/0/7" = AP;
|
||||
"ge-0/0/8" = AP;
|
||||
"ge-0/0/9" = AP;
|
||||
"ge-0/0/10" = AP;
|
||||
"ge-0/0/11" = AP;
|
||||
"ge-0/0/12" = AP;
|
||||
"ge-0/0/13" = AP;
|
||||
"ge-0/0/14" = AP;
|
||||
"ge-0/0/15" = AP;
|
||||
"ge-0/0/16" = AP;
|
||||
"ge-0/0/17" = AP;
|
||||
"ge-0/0/18" = AP;
|
||||
"ge-0/0/19" = AP;
|
||||
"ge-0/0/20" = AP;
|
||||
"ge-0/0/21" = AP;
|
||||
"ge-0/0/22" = AP;
|
||||
"ge-0/0/23" = AP;
|
||||
"ge-0/0/24" = AP;
|
||||
"ge-0/0/25" = AP;
|
||||
"ge-0/0/26" = AP;
|
||||
"ge-0/0/27" = AP;
|
||||
"ge-0/0/28" = AP;
|
||||
"ge-0/0/29" = AP;
|
||||
"ge-0/0/30" = AP;
|
||||
"ge-0/0/31" = AP;
|
||||
"ge-0/0/32" = AP;
|
||||
"ge-0/0/33" = AP;
|
||||
"ge-0/0/34" = AP;
|
||||
"ge-0/0/35" = AP;
|
||||
"ge-0/0/36" = AP;
|
||||
"ge-0/0/37" = AP;
|
||||
"ge-0/0/38" = AP;
|
||||
"ge-0/0/39" = AP;
|
||||
"ge-0/0/40" = AP;
|
||||
"ge-0/0/41" = AP;
|
||||
"ge-0/0/42" = AP;
|
||||
"ge-0/0/43" = AP;
|
||||
"ge-0/0/44" = AP;
|
||||
"ge-0/0/45" = AP;
|
||||
"ge-0/0/46" = AP;
|
||||
"ge-0/0/47" = AP;
|
||||
|
||||
"ge-0/1/0" = AP;
|
||||
"ge-0/1/1" = AP;
|
||||
"ge-0/1/2" = AP;
|
||||
"ge-0/1/3" = AP;
|
||||
|
||||
"xe-0/1/0" = AP;
|
||||
"xe-0/1/1" = AP;
|
||||
"xe-0/1/2" = AP;
|
||||
"xe-0/1/3" = AP;
|
||||
};
|
||||
vlans = {
|
||||
"users" = [ { begin = 3045; end = 4095; } ];
|
||||
"users" = [ { begin = 3045; end = 4094; } ];
|
||||
"admin" = [ 3000 ];
|
||||
};
|
||||
};
|
||||
module = { lib, config, ... }: with lib; {
|
||||
# NOTE: dhcp should be configured at vlan level, but this is not very satisfying,
|
||||
# so this module tries to configured dhcp-trust on interfaces
|
||||
# -> this implies that interfaces change the config of their vlans
|
||||
options = {
|
||||
interfaces =
|
||||
let vlan_type = types.either (types.strMatching "[^\n\r]+") (types.ints.unsigned);
|
||||
interface = {config, ...}: {
|
||||
options = {
|
||||
interface-mode = mkOption {
|
||||
type = types.enum [ "trunk" "access" ];
|
||||
#TODO: default = if ;
|
||||
};
|
||||
vlans = mkOption { type = types.listOf vlan_type; };
|
||||
dhcp_trusted = mkOption { type = types.bool; default = false; };
|
||||
|
||||
xmlGen = mkOption { type = types.uniq types.unspecified; };
|
||||
module = { lib, config, ... }: with lib; {
|
||||
# NOTE: dhcp should be configured at vlan level, but this is not very satisfying,
|
||||
# so this module tries to configured dhcp-trust on interfaces
|
||||
# -> this implies that interfaces change the config of their vlans
|
||||
options = {
|
||||
interfaces =
|
||||
let vlan_type = types.either (types.strMatching "[^\n\r]+") (types.ints.unsigned);
|
||||
interface = {config, ...}: {
|
||||
options = {
|
||||
interface-mode = mkOption {
|
||||
type = types.enum [ "trunk" "access" ];
|
||||
#TODO: default = if ;
|
||||
};
|
||||
config.xmlGen = name:
|
||||
let
|
||||
vlans = builtins.foldl'
|
||||
(acc: vlan: acc + "<members>${builtins.toString vlan}</members>")
|
||||
""
|
||||
config.vlans;
|
||||
in ''
|
||||
<interface>
|
||||
<name>${name}</name>
|
||||
<unit>
|
||||
<name>0</name>
|
||||
<family>
|
||||
<ethernet-switching>
|
||||
<interface-mode>${config.interface-mode}</interface-mode>
|
||||
<vlan>${vlans}</vlan>
|
||||
</ethernet-switching>
|
||||
</family>
|
||||
</unit>
|
||||
</interface>'';
|
||||
};
|
||||
in mkOption {
|
||||
type = types.attrsOf (types.submodule interface);
|
||||
};
|
||||
vlans = let
|
||||
range_type.options = {
|
||||
begin = mkOption { type = types.ints.unsigned; };
|
||||
end = mkOption { type = types.ints.unsigned; };
|
||||
};
|
||||
in mkOption {
|
||||
type = types.attrsOf (types.listOf (types.either types.ints.unsigned (types.submodule range_type)));
|
||||
};
|
||||
vlans = mkOption { type = types.listOf vlan_type; };
|
||||
dhcp_trusted = mkOption { type = types.bool; default = false; };
|
||||
|
||||
# NOTE, HACK: placeholder for now
|
||||
toplevel = mkOption {
|
||||
type = types.uniq types.anything;
|
||||
};
|
||||
xmlGen = mkOption { type = types.uniq types.unspecified; };
|
||||
};
|
||||
config.xmlGen = name:
|
||||
let
|
||||
vlans = builtins.foldl'
|
||||
(acc: vlan: acc + "<members>${builtins.toString vlan}</members>")
|
||||
""
|
||||
config.vlans;
|
||||
in ''
|
||||
<interface>
|
||||
<name>${name}</name>
|
||||
<unit>
|
||||
<name>0</name>
|
||||
<family>
|
||||
<ethernet-switching>
|
||||
<interface-mode>${config.interface-mode}</interface-mode>
|
||||
<vlan>${vlans}</vlan>
|
||||
</ethernet-switching>
|
||||
</family>
|
||||
</unit>
|
||||
</interface>'';
|
||||
};
|
||||
in mkOption {
|
||||
type = types.attrsOf (types.submodule interface);
|
||||
};
|
||||
vlans = let
|
||||
range_type.options = {
|
||||
begin = mkOption { type = types.ints.unsigned; };
|
||||
end = mkOption { type = types.ints.unsigned; };
|
||||
};
|
||||
in mkOption {
|
||||
type = types.attrsOf (types.listOf (types.either types.ints.unsigned (types.submodule range_type)));
|
||||
};
|
||||
|
||||
# NOTE, HACK: placeholder for now
|
||||
toplevel = mkOption {
|
||||
type = types.uniq types.anything;
|
||||
};
|
||||
config.toplevel =
|
||||
let
|
||||
interfaces = builtins.attrValues (builtins.mapAttrs (name: mod: mod.xmlGen name) config.interfaces);
|
||||
# { vlan = { trust = [String]; notrust = [String]; } }
|
||||
interface_names = builtins.attrNames config.interfaces;
|
||||
vlan_map = inter: vlan:
|
||||
if builtins.isString vlan then
|
||||
if config.interfaces.${inter}.dhcp_trusted then
|
||||
{ ${vlan}.trust = inter; }
|
||||
else
|
||||
{ ${vlan}.notrust = inter; }
|
||||
else
|
||||
{};
|
||||
int_map = inter: map (vlan_map inter) config.interfaces.${inter}.vlans;
|
||||
vlan_trust_table =
|
||||
builtins.zipAttrsWith (vlan: values: builtins.zipAttrsWith (_: ints: ints ) values)
|
||||
(builtins.concatMap int_map interface_names);
|
||||
in [ ''
|
||||
<interfaces>
|
||||
${builtins.concatStringsSep "" interfaces}
|
||||
</interfaces>'' vlan_trust_table];
|
||||
};
|
||||
config.toplevel =
|
||||
let
|
||||
interfaces = builtins.attrValues (builtins.mapAttrs (name: mod: mod.xmlGen name) config.interfaces);
|
||||
# { vlan = { trust = [String]; notrust = [String]; } }
|
||||
interface_names = builtins.attrNames config.interfaces;
|
||||
vlan_map = inter: vlan:
|
||||
if builtins.isString vlan then
|
||||
if config.interfaces.${inter}.dhcp_trusted then
|
||||
{ ${vlan}.trust = inter; }
|
||||
else
|
||||
{ ${vlan}.notrust = inter; }
|
||||
else
|
||||
{};
|
||||
int_map = inter: map (vlan_map inter) config.interfaces.${inter}.vlans;
|
||||
vlan_trust_table =
|
||||
builtins.zipAttrsWith (vlan: values: builtins.zipAttrsWith (_: ints: ints ) values)
|
||||
(builtins.concatMap int_map interface_names);
|
||||
vlans = map (vlan:
|
||||
let ids = map (id:
|
||||
let list = if builtins.isInt id then
|
||||
builtins.toString id
|
||||
else
|
||||
"${builtins.toString id.begin}-${builtins.toString id.end}";
|
||||
in ''<vlan-id-list>${list}</vlan-id-list>'')
|
||||
config.vlans.${vlan};
|
||||
in ''
|
||||
<vlan>
|
||||
<name>${vlan}</name>
|
||||
${builtins.concatStringsSep "\n" ids}
|
||||
</vlan>'') (builtins.attrNames config.vlans);
|
||||
in [ ''
|
||||
<interfaces>
|
||||
${builtins.concatStringsSep "\n" interfaces}
|
||||
</interfaces>
|
||||
<vlans>
|
||||
${builtins.concatStringsSep "\n" vlans}
|
||||
</vlans>'' vlan_trust_table];
|
||||
};
|
||||
in (import <nixpkgs/lib>).evalModules {
|
||||
modules = [ module module_inst ];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue