feat(hackdays): all switches GO

.forgejo/workflows/eval-nodes.yaml

@@ -362,6 +362,234 @@ jobs:
       name: Cache storage01
       run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
         errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays01:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays01
+      name: Eval swHackdays01
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays01
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays01
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays02:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays02
+      name: Eval swHackdays02
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays02
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays02
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays03:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays03
+      name: Eval swHackdays03
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays03
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays03
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays04:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays04
+      name: Eval swHackdays04
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays04
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays04
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays05:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays05
+      name: Eval swHackdays05
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays05
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays05
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays06:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays06
+      name: Eval swHackdays06
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays06
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays06
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays07:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays07
+      name: Eval swHackdays07
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays07
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays07
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays08:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays08
+      name: Eval swHackdays08
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays08
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays08
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays09:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays09
+      name: Eval swHackdays09
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays09
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays09
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays10:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays10
+      name: Eval swHackdays10
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays10
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays10
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays11:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays11
+      name: Eval swHackdays11
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays11
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays11
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
+  swHackdays12:
+    runs-on: nix-infra
+    steps:
+    - uses: actions/checkout@v3
+    - env:
+        BUILD_NODE: swHackdays12
+      name: Eval swHackdays12
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\nDRV=$(instantiate-node)\necho \"DRV=$DRV\" >> $GITHUB_ENV\n'"
+    - name: Build swHackdays12
+      run: "STORE_PATH=\"$(nix-store --realise \"$DRV\")\"\necho \"STORE_PATH=$STORE_PATH\"\
+        \ >> $GITHUB_ENV\n"
+    - env:
+        STORE_ENDPOINT: https://snix-store.dgnum.eu/infra.signing/
+        STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }}
+        STORE_USER: admin
+      name: Cache swHackdays12
+      run: "nix-shell -A eval-nodes --run 'set -o pipefail\nset -o nounset\nset -o
+        errexit\npush-to-cache \"$STORE_PATH\"\n'"
   tower01:
     runs-on: nix-infra
     steps:

machines/netconf/hackdays01.nix

@@ -1,83 +0,0 @@
-# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
-#
-# SPDX-License-Identifier: EUPL-1.2
-
-{ lib, ... }:
-let
-  inherit (lib)
-    mapAttrs
-    ;
-in
-{
-  dgn-hardware.model = "EX4100-F-48P";
-  vlans = {
-    "hackdays" = {
-      id = 998;
-      l3-interface = "irb.1";
-    };
-    "uplink" = {
-      id = 999;
-      l3-interface = "irb.0";
-    };
-  };
-  dgn-profiles = {
-    "client" = {
-      interfaces = [
-        "ge-0/0/0"
-      ];
-      configuration = {
-        poe = true;
-        ethernet-switching = {
-          interface-mode = "access";
-          vlans = [ "hackdays" ];
-        };
-      };
-    };
-  };
-  dgn-interfaces = {
-    "ge-0/0/47".ethernet-switching = {
-      interface-mode = "access";
-      vlans = [
-        "uplink"
-      ];
-    };
-  };
-
-  system.services.dhcp-local-server.group."hackdays".interfaces = [ "irb.1" ];
-  access.address-assignment.pool."hackdays".family.inet = {
-    network = "192.168.4.0/22";
-    ranges = [
-      {
-        low = "192.168.4.2";
-        high = "192.168.7.250";
-      }
-    ];
-    dhcp-attributes = {
-      maximum-lease-time = 7200;
-      router = [ "192.168.4.1" ];
-    };
-  };
-  routing-options.static.route = [
-    {
-      destination = "0.0.0.0/0";
-      next-hop = "192.168.0.1";
-    }
-  ];
-
-  # dgn-interfaces is oversimplified for irb
-  interfaces."irb" = {
-    enable = true;
-    unit =
-      mapAttrs
-        (_: addr: {
-          family.inet = {
-            enable = true;
-            addresses = [ addr ];
-          };
-        })
-        {
-          "0" = "192.168.0.2/22";
-          "1" = "192.168.4.1/22";
-        };
-  };
-}

machines/netconf/swHackdays01.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 1;
+  };
+}

machines/netconf/swHackdays02.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 2;
+  };
+}

machines/netconf/swHackdays03.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 3;
+  };
+}

machines/netconf/swHackdays04.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 4;
+  };
+}

machines/netconf/swHackdays05.nix

@@ -0,0 +1,22 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{ lib, ... }:
+let
+  inherit (lib) genList;
+in
+{
+  dgn-hackdays = {
+    enable = true;
+    portConfig = false;
+    index = 5;
+  };
+  dgn-profiles = {
+    "client".interfaces = genList (i: "ge-0/0/${toString i}") 45 ++ [ "ge-0/0/46" ];
+    "uplink".interfaces = [
+      "ge-0/0/45"
+      "ge-0/0/47"
+    ];
+  };
+}

machines/netconf/swHackdays06.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 6;
+  };
+}

machines/netconf/swHackdays07.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 7;
+  };
+}

machines/netconf/swHackdays08.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 8;
+  };
+}

machines/netconf/swHackdays09.nix

@@ -0,0 +1,22 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{ lib, ... }:
+let
+  inherit (lib) genList;
+in
+{
+  dgn-hackdays = {
+    enable = true;
+    portConfig = false;
+    index = 9;
+  };
+  dgn-profiles = {
+    "client".interfaces = genList (i: "ge-0/0/${toString i}") 45 ++ [ "ge-0/0/46" ];
+    "uplink".interfaces = [
+      "ge-0/0/45"
+      "ge-0/0/47"
+    ];
+  };
+}

machines/netconf/swHackdays10.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 10;
+  };
+}

machines/netconf/swHackdays11.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 11;
+  };
+}

machines/netconf/swHackdays12.nix

@@ -0,0 +1,10 @@
+# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+{
+  dgn-hackdays = {
+    enable = true;
+    index = 12;
+  };
+}

meta/nodes/netconf.nix

@@ -3,7 +3,8 @@
 # SPDX-License-Identifier: EUPL-1.2
 { lib, ... }:
 let
-  inherit (lib) mapAttrs;
+  inherit (lib) fixedWidthNumber mapAttrs;
+  inherit (lib.extra) genFuse;
 
   hashedPassword = "$2b$05$3h26h8rJ5yks1vJYXZG.fuHagYBwrVMlGR7iFmsV1FTJlMUj97fl2";
   mkSwitch =
@@ -33,35 +34,38 @@ let
     };
 in
 {
-  nodes = mapAttrs (_: mkSwitch) {
-    netcore01 = {
-      site = "pot01";
-      ip = "fd26:baf9:d250:8000::1010";
-      entry = "root@vault01.hyp01.infra.dgnum.eu";
-    };
+  nodes = mapAttrs (_: mkSwitch) (
+    {
+      netcore01 = {
+        site = "pot01";
+        ip = "fd26:baf9:d250:8000::1010";
+        entry = "root@vault01.hyp01.infra.dgnum.eu";
+      };
 
-    netcore02 = {
-      site = "pot01";
-      ip = "fd26:baf9:d250:8000::100f";
-      entry = "root@vault01.hyp01.infra.dgnum.eu";
-    };
+      netcore02 = {
+        site = "pot01";
+        ip = "fd26:baf9:d250:8000::100f";
+        entry = "root@vault01.hyp01.infra.dgnum.eu";
+      };
 
-    Jaccess01 = {
-      site = "hyp01";
-      ip = "fd26:baf9:d250:8000::1001";
-      entry = "root@vault01.hyp01.infra.dgnum.eu";
-    };
+      Jaccess01 = {
+        site = "hyp01";
+        ip = "fd26:baf9:d250:8000::1001";
+        entry = "root@vault01.hyp01.infra.dgnum.eu";
+      };
 
-    Jaccess04 = {
-      site = "hyp02";
-      ip = "fd26:baf9:d250:8000::2001";
-      entry = "root@vault01.hyp01.infra.dgnum.eu";
-    };
-
-    hackdays01 = {
-      site = "none";
-      ip = "192.168.4.1";
-      entry = "root@vault01.hyp01.infra.dgnum.eu";
-    };
-  };
+      Jaccess04 = {
+        site = "hyp02";
+        ip = "fd26:baf9:d250:8000::2001";
+        entry = "root@vault01.hyp01.infra.dgnum.eu";
+      };
+    }
+    // genFuse (i: {
+      "swHackdays${fixedWidthNumber 2 (i + 1)}" = {
+        site = "none";
+        ip = "192.168.0.${toString (i + 2)}";
+        entry = "root@vault01.hyp01.infra.dgnum.eu";
+      };
+    }) 12
+  );
 }