DGNum/Netconf-Module
7
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Activity

Compare commits

base: DGNum:xml-gen
Branches Tags
DGNum:master
DGNum:xml-gen
..
compare: DGNum:master
Branches Tags
DGNum:master
DGNum:xml-gen

2 commits
xml-gen ... master

Author SHA1 Message Date
catvayor
e10e63518b
feat: all vlans to potos 2024-12-18 13:08:39 +01:00
catvayor
0bb363716d
feat: vlan-hypervisor to potos 2024-12-16 22:54:52 +01:00
10 changed files with 189 additions and 249 deletions
Show stats Expand all files Collapse all files

33
default.nix
View file

@ -1,13 +1,13 @@
{
pkgs ? (import <nixpkgs> { }),
}:
let let
sources = import ./npins;
pkgs = import sources.kat-pkgs { };
lib = pkgs.lib; lib = pkgs.lib;
hive_mod = hive_mod =
{ {
lib, lib,
config, config,
name, name,
xml,
... ...
}: }:
let let
@ -32,17 +32,21 @@ let
}; };
}; };
config.deployment = rec { config.deployment = rec {
rpc = xml.generate "config-${name}_rpc.xml" { rpc = pkgs.writeText "config-${name}_rpc.xml" ''
rpc = [ <rpc>
{ <edit-config>
edit-config = { <config>
config.configuration = config.netconf.xml; ${config.netconf.xmls.configuration}
target.candidate = ""; </config>
}; <target>
} <candidate/>
{ commit = { }; } </target>
]; </edit-config>
}; </rpc>
<rpc>
<commit/>
</rpc>
'';
cmd = pkgs.writeShellApplication { cmd = pkgs.writeShellApplication {
name = "deploy-${name}.sh"; name = "deploy-${name}.sh";
runtimeInputs = with pkgs; [ openssh ]; runtimeInputs = with pkgs; [ openssh ];
@ -56,7 +60,6 @@ let
cfg = pkgs.lib.evalModules { cfg = pkgs.lib.evalModules {
specialArgs = { specialArgs = {
inherit name; inherit name;
xml = pkgs.formats.xml { };
}; };
modules = [ modules = [
./junos ./junos

16
junos/default.nix
View file

@ -1,7 +1,6 @@
{ {
lib, lib,
config, config,
xml,
... ...
}: }:
let let
@ -11,6 +10,7 @@ let
; ;
inherit (lib.types) inherit (lib.types)
bool bool
str
attrsOf attrsOf
submodule submodule
; ;
@ -33,8 +33,9 @@ in
./system.nix ./system.nix
]; ];
options = { options = {
netconf.xml = mkOption { netconf.xmls.configuration = mkOption {
type = xml.type; type = str;
readOnly = true;
description = '' description = ''
The full configuration to send to a JunOS. The full configuration to send to a JunOS.
''; '';
@ -64,4 +65,13 @@ in
mkIntf = _: _: { }; mkIntf = _: _: { };
in in
mapAttrs mkIntf config.netconf.mandatoryInterfaces; mapAttrs mkIntf config.netconf.mandatoryInterfaces;
config.netconf.xmls.configuration = ''
<configuration>
${config.netconf.xmls.system}
${config.netconf.xmls.interfaces}
${config.netconf.xmls.protocols}
${config.netconf.xmls.vlans}
${config.netconf.xmls.poe}
</configuration>
'';
} }

93
junos/interfaces.nix
View file

@ -1,17 +1,10 @@
{ { lib, config, ... }:
lib,
config,
xml,
...
}:
let let
inherit (lib) inherit (lib)
mkEnableOption mkEnableOption
mkOption mkOption
optionalString optionalString
mapAttrsToList mapAttrsToList
mkMerge
mkIf
; ;
inherit (lib.types) inherit (lib.types)
enum enum
@ -26,6 +19,7 @@ let
interface = interface =
{ name, config, ... }: { name, config, ... }:
let let
intf-name = name;
unit = unit =
{ name, config, ... }: { name, config, ... }:
{ {
@ -80,36 +74,46 @@ let
}; };
}; };
xml = mkOption { xml = mkOption {
type = xml.type; type = str;
visible = false; visible = false;
readOnly = true; readOnly = true;
}; };
}; };
config.xml = config.xml =
let let
eth = mkIf config.family.ethernet-switching.enable { members = map (
family.ethernet-switching = { vlan: "<members>${builtins.toString vlan}</members>"
interface-mode = config.family.ethernet-switching.interface-mode; ) config.family.ethernet-switching.vlans;
vlan.members = map toString config.family.ethernet-switching.vlans; eth = optionalString config.family.ethernet-switching.enable ''
storm-control.profile-name = "default"; <ethernet-switching>
}; <interface-mode>${config.family.ethernet-switching.interface-mode}</interface-mode>
}; <vlan>${builtins.concatStringsSep "" members}</vlan>
<storm-control><profile-name>default</profile-name></storm-control>
</ethernet-switching>
'';
addr4 = map (name: { inherit name; }) config.family.inet.addresses; addr4 = map (addr: "<name>${addr}</name>") config.family.inet.addresses;
inet = mkIf config.family.inet.enable { family.inet.address = addr4; }; inet = optionalString config.family.inet.enable ''
<inet>
<address>${builtins.concatStringsSep "" addr4}</address>
</inet>
'';
addr6 = map (name: { inherit name; }) config.family.inet6.addresses; addr6 = map (addr: "<name>${addr}</name>") config.family.inet6.addresses;
inet6 = mkIf config.family.inet6.enable { family.inet6.address = addr6; }; inet6 = optionalString config.family.inet6.enable ''
<inet6>
<address>${builtins.concatStringsSep "" addr6}</address>
</inet6>
'';
in in
mkMerge [ ''
{ <unit>
inherit name; <name>${name}</name>
} ${optionalString (!config.enable) "<disable/>"}
(mkIf (!config.enable) { disable = { }; }) <family>
eth ${eth}${inet}${inet6}
inet </family>
inet6 </unit>'';
];
}; };
in in
{ {
@ -123,21 +127,22 @@ let
''; '';
}; };
xml = mkOption { xml = mkOption {
type = xml.type; type = str;
visible = false; visible = false;
readOnly = true; readOnly = true;
}; };
}; };
config.xml = config.xml =
let let
unit = mapAttrsToList (_: unit: unit.xml) config.unit; units = mapAttrsToList (_: unit: unit.xml) config.unit;
in in
mkMerge [ ''
{ <interface>
inherit name unit; <name>${name}</name>
} ${optionalString (!config.enable) "<disable/>"}
(mkIf (!config.enable) { disable = { }; }) ${builtins.concatStringsSep "" units}
]; </interface>
'';
}; };
in in
{ {
@ -148,9 +153,15 @@ in
The interfaces configuration. The interfaces configuration.
''; '';
}; };
netconf.xmls.interfaces = mkOption {
type = str;
visible = false;
readOnly = true;
};
}; };
config.netconf.xml.interfaces = { config.netconf.xmls.interfaces = ''
"@operation" = "replace"; <interfaces operation="replace">
interface = mapAttrsToList (_: intf: intf.xml) config.interfaces; ${builtins.concatStringsSep "" (mapAttrsToList (_: intf: intf.xml) config.interfaces)}
}; </interfaces>
'';
} }

29
junos/poe.nix
View file

@ -1,13 +1,13 @@
{ lib, config, xml, ... }: { lib, config, ... }:
let let
inherit (lib) inherit (lib)
mkOption mkOption
mkEnableOption mkEnableOption
mapAttrsToList mapAttrsToList
mkIf optionalString
mkMerge
; ;
inherit (lib.types) inherit (lib.types)
str
attrsOf attrsOf
submodule submodule
; ;
@ -18,15 +18,14 @@ let
options = { options = {
enable = mkEnableOption "the PoE for this interface"; enable = mkEnableOption "the PoE for this interface";
xml = mkOption { xml = mkOption {
type = xml.type; type = str;
visible = false; visible = false;
readOnly = true; readOnly = true;
}; };
}; };
config.xml = mkMerge [ config.xml = ''
{ inherit name; } <interface><name>${name}</name>${optionalString (!config.enable) "<disable/>"}</interface>
(mkIf (!config.enable) { disable = { }; }) '';
];
}; };
in in
{ {
@ -38,9 +37,15 @@ in
PoE configuration of interfaces. PoE configuration of interfaces.
''; '';
}; };
netconf.xmls.poe = mkOption {
type = str;
visible = false;
readOnly = true;
};
}; };
config.netconf.xml.poe = { config.netconf.xmls.poe = ''
"@operation" = "replace"; <poe operation="replace">
interface = mapAttrsToList (_: intf: intf.xml) config.poe.interfaces; ${builtins.concatStringsSep "" (mapAttrsToList (_: intf: intf.xml) config.poe.interfaces)}
}; </poe>
'';
} }

21
junos/protocols.nix
View file

@ -2,6 +2,7 @@
let let
inherit (lib) inherit (lib)
mkOption mkOption
concatStringsSep
; ;
inherit (lib.types) inherit (lib.types)
listOf listOf
@ -16,9 +17,21 @@ in
List of interfaces on which Rapid Spanning Tree Protocol should be enabled. List of interfaces on which Rapid Spanning Tree Protocol should be enabled.
''; '';
}; };
netconf.xmls.protocols = mkOption {
type = str;
visible = false;
readOnly = true;
};
}; };
config.netconf.xml.protocols.rstp = { config.netconf.xmls.protocols =
"@operation" = "replace"; let
interface = map (name: { inherit name; }) config.protocols.rstp; rstps = map (intf: "<interface><name>${intf}</name></interface>") config.protocols.rstp;
}; in
''
<protocols>
<rstp operation="replace">
${concatStringsSep "" rstps}
</rstp>
</protocols>
'';
} }

54
junos/system.nix
View file

@ -6,6 +6,7 @@ let
length length
hasPrefix hasPrefix
filter filter
concatStrings
concatStringsSep concatStringsSep
; ;
inherit (lib.types) inherit (lib.types)
@ -49,34 +50,39 @@ in
}; };
}; };
}; };
netconf.xmls.system = mkOption {
type = str;
visible = false;
readOnly = true;
};
}; };
config.netconf.xml.system = config.netconf.xmls.system =
let let
ssh-keys1 = map (splitString " ") config.system.root-authentication.ssh-keys; ssh-keys1 = map (splitString " ") config.system.root-authentication.ssh-keys;
ssh-keys2 = map (key: if length key < 3 then key ++ [ "foo@bar" ] else key) ssh-keys1; ssh-keys2 = map (key: if length key < 3 then key ++ [ "foo@bar" ] else key) ssh-keys1;
ssh-keys = map (concatStringsSep " ") ssh-keys2; ssh-keys = map (concatStringsSep " ") ssh-keys2;
ssh-edsca = map (name: { inherit name; }) (filter (hasPrefix "ssh-edsca ") ssh-keys); edsca = map (key: "<ssh-edsca><name>${key}</name></ssh-edsca>") (
ssh-rsa = map (name: { inherit name; }) (filter (hasPrefix "ssh-rsa ") ssh-keys); filter (hasPrefix "ssh-edsca ") ssh-keys
ssh-ed25519 = map (name: { inherit name; }) (filter (hasPrefix "ssh-ed25519 ") ssh-keys); );
rsa = map (key: "<ssh-rsa><name>${key}</name></ssh-rsa>") (filter (hasPrefix "ssh-rsa ") ssh-keys);
ed25519 = map (key: "<ssh-ed25519><name>${key}</name></ssh-ed25519>") (
filter (hasPrefix "ssh-ed25519 ") ssh-keys
);
in in
{ ''
host-name = { <system>
"@operation" = "replace"; <host-name operation="replace">${config.system.host-name}</host-name>
"#text" = config.system.host-name; <root-authentication operation="replace">
}; <encrypted-password>${config.system.root-authentication.hashedPasswd}</encrypted-password>
root-authentication = { ${concatStrings (edsca ++ rsa ++ ed25519)}
"@operation" = "replace"; </root-authentication>
encrypted-password = config.system.root-authentication.hashedPasswd; <services operation="replace">
inherit ssh-edsca ssh-rsa ssh-ed25519; <ssh><root-login>${config.system.services.ssh.root-login}</root-login></ssh>
}; <netconf>
services = { <ssh><port>${toString config.system.services.netconf.port}</port></ssh>
"@operation" = "replace"; <rfc-compliant/><yang-compliant/>
ssh.root-login = config.system.services.ssh.root-login; </netconf>
netconf = { </services>
ssh.port = config.system.services.netconf.port; </system>
rfc-compliant = {}; '';
yang-compliant = {};
};
};
};
} }

46
junos/vlans.nix
View file

@ -1,11 +1,11 @@
{ lib, config, xml, ... }: { lib, config, ... }:
let let
inherit (lib) inherit (lib)
mkOption mkOption
optionalString
assertMsg assertMsg
concatStringsSep
mapAttrsToList mapAttrsToList
mkMerge
mkIf
; ;
inherit (lib.types) inherit (lib.types)
nullOr nullOr
@ -80,28 +80,30 @@ let
''; '';
}; };
xml = mkOption { xml = mkOption {
type = xml.type; type = str;
readOnly = true; readOnly = true;
visible = false; visible = false;
}; };
}; };
config.xml = config.xml =
let let
id = mkIf (!isNull config.id) { vlan-id = toString config.id; }; id = optionalString (!isNull config.id) "<vlan-id>${toString config.id}</vlan-id>";
id-list = mkIf (config.id-list != [ ]) { id-list = concatStringsSep "" (
vlan-id-list = map toString config.id-list; map (vlan: "<vlan-id-list>${toString vlan}</vlan-id-list>") config.id-list
}; );
l3-intf = mkIf (!isNull config.l3-interface) { inherit (config) l3-interface; }; l3-intf = optionalString (
!isNull config.l3-interface
) "<l3-interface>${config.l3-interface}</l3-interface>";
in in
assert assertMsg ( assert assertMsg (
config.id == null || config.id-list == [ ] config.id == null || config.id-list == [ ]
) "vlans.${name}.id and vlans.${name}.id-list are incompatible."; ) "vlans.${name}.id and vlans.${name}.id-list are incompatible.";
mkMerge [ ''
{ inherit name; } <vlan>
id <name>${name}</name>
id-list ${id}${id-list}${l3-intf}
l3-intf </vlan>
]; '';
}; };
in in
{ {
@ -113,9 +115,15 @@ in
instead of just using their IDs. instead of just using their IDs.
''; '';
}; };
netconf.xmls.vlans = mkOption {
type = str;
visible = false;
readOnly = true;
};
}; };
config.netconf.xml.vlans = { config.netconf.xmls.vlans = ''
"@operation" = "replace"; <vlans operation="replace">
vlan = mapAttrsToList (_: vlan: vlan.xml) config.vlans; ${builtins.concatStringsSep "" (mapAttrsToList (_: vlan: vlan.xml) config.vlans)}
}; </vlans>
'';
} }

43
netconf-hive.nix
View file

@ -15,6 +15,7 @@ let
]; ];
"ap-staging".id = 2000; "ap-staging".id = 2000;
"hypervisor".id = 2001;
}; };
AP = { AP = {
poe = true; poe = true;
@ -118,9 +119,9 @@ in
}; };
# netcore01 (Potos) # netcore01 (Potos)
"xe-0/1/2".ethernet-switching = { "xe-0/1/2".ethernet-switching = {
interface-mode = "access"; interface-mode = "trunk";
vlans = [ vlans = [
"ap-staging" "all"
]; ];
}; };
# uplink # uplink
@ -172,39 +173,25 @@ in
dgn-interfaces = dgn-interfaces =
let let
admin-intf.ethernet-switching = { hypervisor.ethernet-switching = {
interface-mode = "trunk"; interface-mode = "access";
vlans = [ "all" ]; vlans = [ "hypervisor" ];
}; };
in in
{ {
"xe-0/1/0" = admin-intf; "xe-0/2/0".ethernet-switching = {
"ge-0/1/0" = admin-intf;
"et-0/1/0" = admin-intf;
"xe-0/1/1" = admin-intf;
"ge-0/1/1" = admin-intf;
"et-0/1/1" = admin-intf;
"xe-0/1/2" = admin-intf;
"ge-0/1/2" = admin-intf;
"et-0/1/2" = admin-intf;
"xe-0/1/3" = admin-intf;
"ge-0/1/3" = admin-intf;
"et-0/1/3" = admin-intf;
"xe-0/2/0" = admin-intf;
"ge-0/2/0" = admin-intf;
"xe-0/2/1" = admin-intf;
"ge-0/2/1" = admin-intf;
"xe-0/2/2" = admin-intf;
"ge-0/2/2" = admin-intf;
"xe-0/2/3" = admin-intf;
"ge-0/2/3" = admin-intf;
"ge-0/0/47".ethernet-switching = {
interface-mode = "trunk"; interface-mode = "trunk";
vlans = [ "all" ]; vlans = [ "all" ];
}; };
"ge-0/0/0" = hypervisor;
"ge-0/0/1" = hypervisor;
"ge-0/0/2" = hypervisor;
"ge-0/0/3" = hypervisor;
"ge-0/0/4" = hypervisor;
"ge-0/0/5" = hypervisor;
"ge-0/0/47" = hypervisor;
# management # management
"me0".inet.addresses = [ "192.168.2.2/24" ]; "me0".inet.addresses = [ "192.168.2.2/24" ];
"irb".inet6.addresses = [ "fd26:baf9:d250:8000::200f/64" ]; "irb".inet6.addresses = [ "fd26:baf9:d250:8000::200f/64" ];

81
npins/default.nix
View file

@ -1,81 +0,0 @@
# Generated by npins. Do not modify; will be overwritten regularly
let
data = builtins.fromJSON (builtins.readFile ./sources.json);
version = data.version;
mkSource =
spec:
assert spec ? type;
let
path =
if spec.type == "Git" then
mkGitSource spec
else if spec.type == "GitRelease" then
mkGitSource spec
else if spec.type == "PyPi" then
mkPyPiSource spec
else if spec.type == "Channel" then
mkChannelSource spec
else
builtins.throw "Unknown source type ${spec.type}";
in
spec // { outPath = path; };
mkGitSource =
{
repository,
revision,
url ? null,
hash,
branch ? null,
...
}:
assert repository ? type;
# At the moment, either it is a plain git repository (which has an url), or it is a GitHub/GitLab repository
# In the latter case, there we will always be an url to the tarball
if url != null then
(builtins.fetchTarball {
inherit url;
sha256 = hash; # FIXME: check nix version & use SRI hashes
})
else
assert repository.type == "Git";
let
urlToName =
url: rev:
let
matched = builtins.match "^.*/([^/]*)(\\.git)?$" repository.url;
short = builtins.substring 0 7 rev;
appendShort = if (builtins.match "[a-f0-9]*" rev) != null then "-${short}" else "";
in
"${if matched == null then "source" else builtins.head matched}${appendShort}";
name = urlToName repository.url revision;
in
builtins.fetchGit {
url = repository.url;
rev = revision;
inherit name;
allRefs = true;
# hash = hash;
};
mkPyPiSource =
{ url, hash, ... }:
builtins.fetchurl {
inherit url;
sha256 = hash;
};
mkChannelSource =
{ url, hash, ... }:
builtins.fetchTarball {
inherit url;
sha256 = hash;
};
in
if version == 3 then
builtins.mapAttrs (_: mkSource) data.pins
else
throw "Unsupported format version ${toString version} in sources.json. Try running `npins upgrade`"

22
npins/sources.json
View file

@ -1,22 +0,0 @@
{
"pins": {
"kat-pkgs": {
"type": "Git",
"repository": {
"type": "Git",
"url": "https://git.dgnum.eu/lbailly/kat-pkgs.git"
},
"branch": "master",
"revision": "191cb1dacb273078455b86006941386642681644",
"url": null,
"hash": "14rwcg92mnyb0azac27v05k72lm62pgl43cqj0np711sssjkmhv1"
},
"nixpkgs": {
"type": "Channel",
"name": "nixpkgs-unstable",
"url": "https://releases.nixos.org/nixpkgs/nixpkgs-25.05pre720687.5a48e3c2e435/nixexprs.tar.xz",
"hash": "06g8b0ga935dnziyzhxznwcx1vb2clc84hcxwrcqb26lgjgwsgbf"
}
},
"version": 3
}