refactor(vlans): list vlans and their parameters in a separate file

2024-05-13 17:25:36 +02:00 · 2024-05-13 17:25:36 +02:00 · 8c14c5d2c6
parent f22580dd26
commit 8c14c5d2c6
2 changed files with 28 additions and 13 deletions
--- a/machines/vault01/networking.nix
+++ b/machines/vault01/networking.nix
@ -37,15 +37,16 @@ let
    };
  mkUserVlan =
    id:
    let
      # on alloue 10.0.0.0/17 aux thurnés, avec un /27 chacun, on garde 10.0.0.0/27 pour nous (routeur et autres)
      vlan = 4094 - id;
      prefix24nb = (id + 1) / 8;
      prefix27nb = (id + 1 - prefix24nb * 8) * 32;
    in
    {
-      name = "vlan-user-${builtins.toString vlan}";
+      vlan,
      netIP,
      servIP,
      prefixLength,
      interfaceName,
      ...
    }:
    {
      name = interfaceName;
      value = {
        Id = vlan;
        address = [ ];
@ -59,7 +60,7 @@ let
          addresses = [
            {
              addressConfig = {
-                Address = "10.0.${builtins.toString prefix24nb}.${builtins.toString (prefix27nb + 1)}/27";
+                Address = "${servIP}/${toString prefixLength}";
                AddPrefixRoute = false;
              };
            }
@ -67,7 +68,7 @@ let
          routes = [
            {
              routeConfig = {
-                Destination = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27";
+                Destination = "${netIP}/${toString prefixLength}";
                Table = "user";
              };
            }
@ -75,9 +76,9 @@ let
          routingPolicyRules = [
            {
              routingPolicyRuleConfig = {
-                From = "10.0.${builtins.toString prefix24nb}.${builtins.toString prefix27nb}/27";
+                From = "${netIP}/${toString prefixLength}";
                To = "10.0.0.0/27";
-                IncomingInterface = "vlan-user-${builtins.toString vlan}";
+                IncomingInterface = interfaceName;
                Table = "user";
              };
            }
@ -118,7 +119,7 @@ let
      extraNetwork.networkConfig.DHCPServer = "yes";
    };
-  } // builtins.listToAttrs (builtins.genList mkUserVlan 850); # 850 when we can
+  } // builtins.listToAttrs (map mkUserVlan (import ./user_vlans.nix));
 in
 {
--- a/machines/vault01/user_vlans.nix
+++ b/machines/vault01/user_vlans.nix
@ -0,0 +1,14 @@
 let
  mkUserVlan = id: rec {
    # on alloue 10.0.0.0/17 aux thurnés, avec un /27 chacun, on garde 10.0.0.0/27 pour nous (routeur et autres)
    vlan = 4094 - id;
    prefix24nb = (id + 1) / 8;
    prefix27nb = (id + 1 - prefix24nb * 8) * 32;
    prefixLength = 27;
    netIP = "10.0.${toString prefix24nb}.${toString prefix27nb}";
    servIP = "10.0.${toString prefix24nb}.${toString (prefix27nb + 1)}";
    broadIP = "10.0.${toString prefix24nb}.${toString (prefix27nb + 31)}";
    interfaceName = "vlan-user-${toString vlan}";
  };
 in
 builtins.genList mkUserVlan 850