From 8c14c5d2c66b5c9fe8304511fa68a02784fdecad Mon Sep 17 00:00:00 2001 From: catvayor Date: Mon, 13 May 2024 17:25:36 +0200 Subject: [PATCH] refactor(vlans): list vlans and their parameters in a separate file --- machines/vault01/networking.nix | 27 ++++++++++++++------------- machines/vault01/user_vlans.nix | 14 ++++++++++++++ 2 files changed, 28 insertions(+), 13 deletions(-) create mode 100644 machines/vault01/user_vlans.nix diff --git a/machines/vault01/networking.nix b/machines/vault01/networking.nix index fb87530..96fa294 100644 --- a/machines/vault01/networking.nix +++ b/machines/vault01/networking.nix @@ -37,15 +37,16 @@ let }; mkUserVlan = - id: - let - # on alloue 10.0.0.0/17 aux thurnés, avec un /27 chacun, on garde 10.0.0.0/27 pour nous (routeur et autres) - vlan = 4094 - id; - prefix24nb = (id + 1) / 8; - prefix27nb = (id + 1 - prefix24nb * 8) * 32; - in { - name = "vlan-user-${builtins.toString vlan}"; + vlan, + netIP, + servIP, + prefixLength, + interfaceName, + ... + }: + { + name = interfaceName; value = { Id = vlan; address = [ ]; @@ -59,7 +60,7 @@ let addresses = [ { addressConfig = { - Address = "10.0.${builtins.toString prefix24nb}.${builtins.toString (prefix27nb + 1)}/27"; + Address = "${servIP}/${toString prefixLength}"; AddPrefixRoute = false; }; } @@ -67,7 +68,7 @@ let routes = [ { routeConfig = { - Destination = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27"; + Destination = "${netIP}/${toString prefixLength}"; Table = "user"; }; } @@ -75,9 +76,9 @@ let routingPolicyRules = [ { routingPolicyRuleConfig = { - From = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27"; + From = "${netIP}/${toString prefixLength}"; To = "10.0.0.0/27"; - IncomingInterface = "vlan-user-${builtins.toString vlan}"; + IncomingInterface = interfaceName; Table = "user"; }; } 
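Review bot: In the hunk at -37,15, `mkUserVlan` now takes `vlan`, `netIP`, `servIP`, `prefixLength` and `interfaceName` as independent attributes and nothing checks that they agree; before this change all of them were derived from one `id`, so the address, the route and the policy rule could not drift apart. The hunks at -59,7, -67,7 and -75,9 build the per-VLAN `Address`, `Destination` and `From`/`IncomingInterface` rule from these values, so an entry whose `netIP` is not the network address of `servIP` at `prefixLength`, or that overlaps another entry, would still evaluate and would presumably weaken the separation between user VLANs. I would document the contract above the argument set, for example `# netIP/prefixLength must be the network containing servIP and unique per entry; the route and policy rule below rely on it`. The trailing `...` also accepts any extra or misspelled attribute silently, so it deserves a short comment saying it is there because user_vlans.nix exports helper fields such as `prefix24nb`. The function body continues outside this hunk.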
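Review bot: The policy rule in the hunk at -75,9 keeps `To = "10.0.0.0/27"` as a literal while the subnet plan, including the comment that reserves 10.0.0.0/27 for the router, moves to user_vlans.nix, so the reserved range is now stated in two files that have to be kept in step by hand. A comment next to the literal would make the coupling visible, for example `# must match the range reserved for the router in ./user_vlans.nix`. Exporting the reserved prefix from user_vlans.nix alongside the list would remove the duplication, but that changes what the file returns and is a larger edit than this refactor.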
@@ -118,7 +119,7 @@ let extraNetwork.networkConfig.DHCPServer = "yes"; }; - } // builtins.listToAttrs (builtins.genList mkUserVlan 850); # 850 when we can + } // builtins.listToAttrs (map mkUserVlan (import ./user_vlans.nix)); in { diff --git a/machines/vault01/user_vlans.nix b/machines/vault01/user_vlans.nix new file mode 100644 index 0000000..59ec3a0 --- /dev/null +++ b/machines/vault01/user_vlans.nix @@ -0,0 +1,14 @@ +let + mkUserVlan = id: rec { + # on alloue 10.0.0.0/17 aux thurnés, avec un /27 chacun, on garde 10.0.0.0/27 pour nous (routeur et autres) + vlan = 4094 - id; + prefix24nb = (id + 1) / 8; + prefix27nb = (id + 1 - prefix24nb * 8) * 32; + prefixLength = 27; + netIP = "10.0.${toString prefix24nb}.${toString prefix27nb}"; + servIP = "10.0.${toString prefix24nb}.${toString (prefix27nb + 1)}"; + broadIP = "10.0.${toString prefix24nb}.${toString (prefix27nb + 31)}"; + interfaceName = "vlan-user-${toString vlan}"; + }; +in +builtins.genList mkUserVlan 850
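Review bot: The new user_vlans.nix puts no bound on the `850` passed to `builtins.genList`, although the addressing only stays inside the 10.0.0.0/17 named in the comment while `(id + 1) / 8` is at most 127, that is for a count of at most 1023. Naming the count and guarding it would keep a later increase from silently allocating outside that range: `userVlanCount = 850;` in the `let`, and `assert userVlanCount <= 1023; builtins.genList mkUserVlan userVlanCount` as the body. The explanatory comment is in French in an otherwise English change; an English version stating that id 0 maps to 10.0.0.32/27 because 10.0.0.0/27 is reserved would help the next reader. `broadIP` is not read by any visible hunk of networking.nix, so either note its intended consumer or drop it.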