let module_inst = {
  # VLAN groups that interfaces refer to by name. Each list entry is either a
  # single VLAN id or a { begin; end; } range record.
  vlans = {
    admin = [ 3000 ];
    users = [ { begin = 3045; end = 4095; } ];
  };

  interfaces = {
    # TODO: management

    # Upstream link: trunk carrying "all"; the only port here that is marked
    # DHCP-trusted.
    "ge-0/0/0" = {
      dhcp_trusted = true;
      interface-mode = "trunk";
      vlans = [ "all" ];
    };

    # AP: trunk restricted to the two named groups; dhcp_trusted is left unset.
    "ge-0/0/1" = {
      interface-mode = "trunk";
      vlans = [ "users" "admin" ];
    };

    # thurne 1: access port on a numeric VLAN id (3045 lies inside the
    # "users" range declared above).
    "ge-0/0/2" = {
      interface-mode = "access";
      vlans = [ 3045 ];
    };

    # thurne 2: access port on a numeric VLAN id (3046, also inside "users").
    "ge-0/0/3" = {
      interface-mode = "access";
      vlans = [ 3046 ];
    };
  };
};
# Module definition: declares the `interfaces`, `vlans` and `toplevel` options
# and computes `toplevel` from the configured interfaces.
# `with lib;` is what brings `mkOption` and `types` into scope below.
module = { lib, config, ... }: with lib; {
# NOTE: dhcp should be configured at vlan level, but this is not very satisfying,
# so this module tries to configure dhcp-trust on interfaces
# -> this implies that interfaces change the config of their vlans
options = {
interfaces =
# A VLAN reference is either a name (one or more characters, none of them a
# newline or carriage return) or an unsigned integer id.
let vlan_type = types.either (types.strMatching "[^\n\r]+") (types.ints.unsigned);
# Submodule describing one interface. Inside it, `config` is the interface's
# own configuration and shadows the outer module's `config`.
interface = {config, ...}: {
options = {
# No default is declared, so every interface has to set its mode.
interface-mode = mkOption {
type = types.enum [ "trunk" "access" ];
#TODO: default = if ;
};
vlans = mkOption { type = types.listOf vlan_type; };
# Ports are untrusted for DHCP unless explicitly marked otherwise.
dhcp_trusted = mkOption { type = types.bool; default = false; };
# Holds the renderer function defined below; `uniq` rejects multiple definitions.
xmlGen = mkOption { type = types.uniq types.unspecified; };
};
# Renderer: takes the interface name and returns its text fragment.
config.xmlGen = name:
let
# String forms of all VLAN references, concatenated with no separator.
vlans = builtins.foldl'
(acc: vlan: acc + "${builtins.toString vlan}")
""
config.vlans;
# The fragment is the name, a literal 0, the mode and the VLAN string, one
# per line.
# NOTE(review): no XML markup appears in this template although the option is
# called xmlGen; the tags may be missing from this listing. Confirm against
# the original file.
# NOTE(review): `name` and string VLAN names are interpolated verbatim, and
# the string type only excludes line breaks. If this output is embedded in
# XML, characters such as <, > and & pass through unescaped; consider
# escaping them or tightening the pattern.
in ''
${name}
0
${config.interface-mode}
${vlans}
'';
};
in mkOption {
type = types.attrsOf (types.submodule interface);
};
# Named VLAN groups: each name maps to a list whose entries are either a
# single unsigned id or a { begin; end; } range.
vlans = let
range_type.options = {
begin = mkOption { type = types.ints.unsigned; };
end = mkOption { type = types.ints.unsigned; };
};
in mkOption {
type = types.attrsOf (types.listOf (types.either types.ints.unsigned (types.submodule range_type)));
};
# NOTE, HACK: placeholder for now
toplevel = mkOption {
type = types.uniq types.anything;
};
};
# Result: a two-element list holding the concatenated interface fragments and
# the per-VLAN DHCP trust table.
config.toplevel =
let
# One rendered fragment per configured interface.
interfaces = builtins.attrValues (builtins.mapAttrs (name: mod: mod.xmlGen name) config.interfaces);
# { vlan = { trust = [String]; notrust = [String]; } }
interface_names = builtins.attrNames config.interfaces;
# For a VLAN given by name, emit a one-entry attrset that files the interface
# under `trust` or `notrust` according to its dhcp_trusted flag. Any string
# counts as a name here, whether or not it is declared under config.vlans.
# NOTE(review): integer VLAN ids yield {} and so never appear in
# vlan_trust_table, and the ranges in config.vlans are not consulted. A port
# that reaches a named VLAN only through a numeric id is therefore missing
# from that VLAN's notrust list; confirm that the consumer treats absent
# ports as untrusted.
vlan_map = inter: vlan:
if builtins.isString vlan then
if config.interfaces.${inter}.dhcp_trusted then
{ ${vlan}.trust = inter; }
else
{ ${vlan}.notrust = inter; }
else
{};
# All vlan_map results for one interface.
int_map = inter: map (vlan_map inter) config.interfaces.${inter}.vlans;
# Merge the per-interface entries: the outer zipAttrsWith groups by VLAN name,
# the inner one groups by trust/notrust and keeps the list of interface names.
vlan_trust_table =
builtins.zipAttrsWith (vlan: values: builtins.zipAttrsWith (_: ints: ints ) values)
(builtins.concatMap int_map interface_names);
in [ ''
${builtins.concatStringsSep "" interfaces}
'' vlan_trust_table];
};
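# Evaluate the module definition together with the instance data; the computed
# output is then available under the result's `config.toplevel`.
# NOTE(review): the listing had `(import )` with no argument, which cannot
# evaluate (`import` itself has no `evalModules` attribute). The angle-bracket
# path was presumably lost; `<nixpkgs/lib>` is where `evalModules` normally
# comes from. Confirm against the original file.
in (import <nixpkgs/lib>).evalModules {
  modules = [ module module_inst ];
}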