DGNum/infrastructure
11
6
Fork 2
Code Issues 21 Pull requests 21 Projects 1 Releases Packages Wiki Activity Actions
infrastructure/meta/isp/default.nix
Tom Hubrecht 92890e2228
All checks were successful
Check meta / check_dns (push) Successful in 15s
Details
Check meta / check_dns (pull_request) Successful in 15s
Details
Check meta / check_meta (pull_request) Successful in 15s
Details
Check workflows / check_workflows (pull_request) Successful in 16s
Details
Build all the nodes / netaccess01 (pull_request) Successful in 19s
Details
Build all the nodes / netcore01 (pull_request) Successful in 19s
Details
Check meta / check_meta (push) Successful in 28s
Details
Build all the nodes / netcore02 (pull_request) Successful in 20s
Details
Run pre-commit on all files / pre-commit (push) Successful in 55s
Details
Build all the nodes / ap01 (pull_request) Successful in 1m9s
Details
Build all the nodes / bridge01 (pull_request) Successful in 1m25s
Details
Build the shell / build-shell (pull_request) Successful in 38s
Details
Build all the nodes / hypervisor03 (pull_request) Successful in 1m32s
Details
Build all the nodes / build01 (pull_request) Successful in 1m39s
Details
Build all the nodes / hypervisor01 (pull_request) Successful in 1m43s
Details
Build all the nodes / hypervisor02 (pull_request) Successful in 1m44s
Details
Run pre-commit on all files / pre-commit (pull_request) Successful in 38s
Details
Build all the nodes / rescue01 (pull_request) Successful in 1m35s
Details
Build all the nodes / geo02 (pull_request) Successful in 1m51s
Details
Build all the nodes / geo01 (pull_request) Successful in 1m51s
Details
Build all the nodes / tower01 (pull_request) Successful in 1m36s
Details
Build all the nodes / storage01 (pull_request) Successful in 1m46s
Details
Build all the nodes / web03 (pull_request) Successful in 1m40s
Details
Build all the nodes / web02 (pull_request) Successful in 1m48s
Details
Build all the nodes / vault01 (pull_request) Successful in 1m55s
Details
Build all the nodes / web01 (pull_request) Successful in 2m0s
Details
Build all the nodes / compute01 (pull_request) Successful in 2m42s
Details
feat(meta/isp): Init vlans
2025-03-02 18:00:46 +01:00

131 lines
3.3 KiB
Nix
Raw Blame History

# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
# SPDX-FileCopyrightText: 2025 Lubin Bailly <lubin.bailly@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2
{ config, lib, ... }:
let
inherit (lib) genList listToAttrs nameValuePair;
mkCIDR = address: prefix: "${address}/${builtins.toString prefix}";
in
{
imports = [ ./module.nix ];
isp = {
vlans =
{
uplink-cri = {
id = 223;
settings = {
address = [ (mkCIDR "10.120.33.250" 30) ];
routes = [
{
PreferredSource = builtins.head config.network.vault01.addresses.ipv4;
Gateway = "10.120.33.249";
}
];
linkConfig.MTUBytes = 1500;
};
};
admin = {
id = 3000;
settings = {
address = [ "fd26:baf9:d250:8000::1/64" ];
};
};
admin-ap = {
id = 3001;
settings = {
address = [
"fd26:baf9:d250:8001::1/64"
# FIXME: ipv4 is temporary for APs in production
"10.0.253.1/24"
];
networkConfig = {
IPv6SendRA = true;
DHCPServer = "yes";
};
ipv6Prefixes = [
{
AddressAutoconfiguration = false;
OnLink = false;
Prefix = "fd26:baf9:d250:8001::/64";
}
];
};
internal = {
network = "10.0.253.0";
prefix = 24;
};
};
apro = {
id = 2000;
settings = {
address = [ "10.0.255.1/24" ];
networkConfig.DHCPServer = "yes";
linkConfig.MTUBytes = 1500;
};
};
hypervisor = {
id = 2001;
settings = {
address = [ "10.0.254.1/24" ];
networkConfig.DHCPServer = "yes";
linkConfig.MTUBytes = 1500;
};
internal = {
network = "10.0.254.0";
prefix = 24;
};
};
}
// listToAttrs (
genList (
base:
let
id = (4096 - 2) - base;
range24 = (base + 1) / 8;
range27 = (base + 1 - range24 * 8) * 32;
in
nameValuePair "user-${builtins.toString id}" rec {
inherit id;
internal = {
network = "10.0.${builtins.toString range24}.${builtins.toString range27}";
address = "10.0.${builtins.toString range24}.${builtins.toString (range27 + 1)}";
prefix = 27;
};
settings = {
networkConfig = {
LinkLocalAddressing = "no";
DHCPServer = "yes";
};
linkConfig = {
Promiscuous = true;
MTUBytes = 1500;
};
addresses = [
{
Address = mkCIDR internal.address internal.prefix;
AddPrefixRoute = false;
}
];
routes = [
{
Destination = mkCIDR internal.network internal.prefix;
Table = "user";
}
];
};
userOnly = true;
}
) 850
);
};
}
Reference in a new issue View git blame Copy permalink