diff --git a/config/net/mgmt.nix b/config/net/mgmt.nix index cd764f7..b61f801 100644 --- a/config/net/mgmt.nix +++ b/config/net/mgmt.nix @@ -96,6 +96,8 @@ switch-d1 = "10.0.0.13"; switch-dach = "10.0.0.17"; switch-b3 = "10.0.0.18"; + switch-ds1 = "10.0.0.20"; + switch-ds2 = "10.0.0.21"; }; hosts6 = { dn42 = { diff --git a/config/secrets-production.nix.gpg b/config/secrets-production.nix.gpg index d15e81b..fffd36d 100644 --- a/config/secrets-production.nix.gpg +++ b/config/secrets-production.nix.gpg @@ -1,71 +1,72 @@ -----BEGIN PGP MESSAGE----- -hQEMA2PKcvDMvlKLAQf/TbiQ8YxFmvGbvToa+mSrXZGIkkWZRyy1QabSzJCxKmJU -jPTij+zVuaSpnl1MVkag+LR9L+UYATgLn9qC4EZTAPzghCJVPyMKUFelhVRZHrk3 -21JRG4nMBGBelTQOSCdgy7iEUeWy8DQez2IFv4usTPzDXo3F5pWk8mPWdMCllS/q -RMCCbMAPYeEmcc01pSuET2vrf7C4+nUjJWvdzWM6ABoW06AJALxOCJLqCSTwAM1f -CK4NnP3BVbjOJmtFUFqCXj89Oj8r4f6Ks4tQpKox1a8vwQo3Dqi84V/E8MWNuwrE -mGmBbf6D2nBV6NO6B3Ylp5LEFBO3v5SFh7YKKpdDuNLqAX9RNPXehTsgion+Iw6W -LlD/786ieiCQ5gj8ucsMtx42/f038Kx9W3cIPFWIe2M9J66KxbvooUYtCL2M29Um -QCej85fLEVLsedYIiIrDlXBPiNnkkAn4FLkfTdRFa3Ybqycai83ecfgp/Ij44QrA -M18rdgw9EsYAPJdp2wfZdaBMaVssjSUUIxRPY+0jMyFIAaWFsB19cnomXR5aMzWt -1ol5TuUQPXjkMOUIWMdUHAxmBPQMtftbyGlpWkjNeMVk48nAIwHwPW5Ig1x5BlZx -mcEfIHu8xbpzRqvAUvZqq27h67aNwB1lXXJd9kVL29U47dwiNbvR4ALEuS4NO5l+ -Jqar/sPBjTYFxsUd1YjhWp+SznwPWatskyeAUphSCG6I37MW0ehstvjtMb9N7yMT -KBiQpI+FZnnsFNAtYs9AfmoGdo34yIhXicQ7wUVXoaE9RpiXhP0NUuM5URL1TMXn -l1lIBfXBBugNhicxQLhQRhWJr8KuusADdiuFJMh/tBvMJgPV6DwgJASQacgVcCWP -P/yEhVVptKii1FL48ahPopELZEGnBP2xV+vBdI9hZKRVSbmTkhckwXj3OyivhczY -S17zrbTXMprYz1enmt5CuDHCXfqBBhUvLEs0mVgAVihVloEwfZFfdh5L4WopG3kM -hmt5UMPOJGAf0aKG4Q5FBXF/38yAMWEsuljIoSqJd6XYb7a40Cg2UUF1XXVU+9xQ -FkQEPyeyh3extR5Yh5f1tWfrktnPtD5n0w7zgkR4M77CXCj3nYZqLAsvlFGQDu8/ -kBLg5bybl4IguDYDKy0ZTgyF0crk6UI5nOPL7cbbXYnurSorbc140sZZX4N/WVNm -1Z+aEkg8gy0YaupC2xiMdBXLK/ZDSm1jaxGbkmIs5O0nwgkjpXmxXHIXUjmGHCVs -OIW7a4j7yzVOYeHqtDRfYuQWtpHo4j8CB4wBzEt2NsLqmwnIPs+PwBzi4nS8ylG9 -BDOS7F8eYXEb7RE5eoNsIbHufla9LMGPbk/7jmvDgGCcoaGBZXQMypRNmc/N+y/U -JvON7csCFEb34H0MVnkTSXjqPezEVoIz+4eNC4kRJOfrEJ4JJCoE66zgrcCzzRQ8 -s3X8xgcBUITCD1CCKOEGvL4AccL89D7eBwVrToK1F+oG1N7nLK4u6rPuaNeFSa+S -PkqhncDXy/5yQusWrepseqyZYTGS7WM9UumzYYmkKjkoEsn5YUZ4u9gfgO7YJ5Dp -xLo90bIRigUIJTFupIzgDKwPeyQ3L1H8fT93LrSTvqgETxoA4y68O+pOb//cldwl -dOT1W9GjagV8kEjg+40Is+db2tDoxSzECXgfIuI2DcZNiqsiQu4jgcaAOtwBRHUB -1+oS+LMNo1QYEC9BzIWQ6RXUX7QFO0Ohk//bp0Z4IMicdhV6MIUuCXjg7/KJuQUH -VreQJQ06LauL2dkH2MekstQhhGjDrvNevlU8nf2/s+eyE47LwbJeWFDauH8BG/k7 -0lqAgun11aucEphylfhEXrenIJE5gXzQU2sh0uzdZix3teqWLSE0SFiInKewacUP -pRRcKnVtsQjucTU9VR5RJTnNnEYyLiw0OOBhBPnJcqEu3EZeC8qQ05ohF9/Tund/ -SPQ+MdD3oL29pvwS5TxUqnBTjUCfcvr9LH8xS8XLb5u+EoINYM42ik0l4mn5C7t6 -hdjHkfawFp1/8ItEs9F7nD79i6dHs1iQrztBjTonZibROWRcsbXye5ygbKc/oq1n -uA3YAPosrdr8ssX2ofm2QWSAuZqehzWeUan8glAazMZODLXOFx3/vWWSyCqBD6xK -QAm9Yk+N9pp4UqG4xcWjZAzt62y9NSIFyARCKbfvBS7h5Obb04Iqzjilo4DQbfG2 -yqCT/F4Q+OYO/Ko/gKvkrZkIZ+jVg1vLXOCmcNETOhEyod4zfDAKVoGHl7ZOZMBs -ZYplzxSxBWnZWDKcAcxG3vc6nvZIOk3QINoCpL2qmKyWl91MV3Jha4MfCQeTHCPu -Ym0JTZ1KtW+gFAcHJWr4SxpdINHL9G2oz42djCYicNRTJdrrKTluZKUa/D4+fSw9 -3v+ERM6MmYvczZw7aac3Dg1xMEJEgwA/OCihO/qKK5BLkQtTVfuXAySlBDYGZ4b6 -5+1ehZ8ZTp4ne1kisdIeCxx880bOTeS0EJzF0NReXTebHRd3OrSG8AREgXka9Or9 -vUX1ODN5up7sQIk38IcG4X5ibOm/jEfRrUiu7RIjSfoBCJkR5jhPKPBrPzBiyVMS -i8mKnQxPbyRcGHMEFtVEsBduz3nmw/U0x8n2RVBbptVd0K/ff79da8VxkdNn/c5x -5up/g03sf2YVqLHJNH1FP95BobtoYtcPk9tXCvBOl5ru5s8T0GQ6LTMvfWOgzMwo -V/Ph1GbpWYr9qXvVO3/9ysnlxLTTOjKUVCnOA3hY2eXgIUPPB0nEwVMe8JzXF8z7 -81rT1B4HV00yrRZs7gMzLUcBa+0GeM6X0F0D2Sxx5rsGzQRTevvCMwWBDBCLgtMu -Z+fwPghO0KuaKVqrPXdBLwGf7L+hwVED+9r0bXTulHpbs2SbYrr4tM1jt5E+kkDf -OSXeVX/ACgsYgGUJgW3/URYuLD6lWk1+Ir9iat4Y3PEnkWo+H4X3Qtabxw5IOlUF -hQy07O/omjwlhK6jd9u1PGw2KSXOU24Rjmj4OPZ94g4nUulbyY7YEVj5QB/dhOKe -m2ilIxk57oJAblzW50Oyl6dp6TY4S6sqwGJqEiCpdU4WhRRQKXGdtHOVpOxWq3cO -tET8l08INpboRFv2kySko/luzWgIDB68HI7EWBUTBHzkbAg41jvzbzAVLUuN2FyI -Vn8QGpxDtwHa9CQXNSlj0aiMleZ64TC7X8BlcsvNSUPQk0k1Mc6fnSywsbo85nGj -sql7U7R0TXkrkTgHKphnJJhqufixZs5Ha2f+T9hfEq9yMpmehXh3+aFvcmBZ9gNq -h/aQ7qpNWjiUYj7ocuAwOcfxr18UlmzFB/euv/fFbklfCwB3LEMHRTj7v48DndbW -zPHTwnJdTA81JP1KRQaf706i/Vnko3SwTHtrHbcyXnUrV2z+yS9pRn9qK57zCgRJ -qkAcr49BqDgV6h+BGE+xtcUm+ukfcJ9ptDA28qEeLtc/pBGL5sLxgSyZ+XOIBdU7 -R9t7cWIkG3vu8b5t/h6/UHAkpzlj0mrTN/V0+qnam9UjBcPwAvYk8whhxw1vm4Rf -JQSaEfSzdhHuA2WTLD0PU1hfz73X8GjciQwJLh4If4EzIbPMN7Ma8e08gkyIshCJ -5MRrrBIClkwPZwk6jYZIWKFTRjMp2HTKaae0kAuhbB5aMa9gtBz6yvw5pj9O2eYs -dr4LZRYRLF49i7fyjgstq7qzxKhc0rzFzOY8uHPCTKwQRmn9cm0T7I95clA851zK -sDqcwLKklmsmZNSmy69AvbBNHS2IFigkl+4L9Xl0mUS8lBcHSoc09j803hDDjb7s -qEkRWKgK0XLywTL58wJWPLwAZDTGmt60QkO5YIMHN4Y0k+V+UC5nDEZDoRu3D1iI -Qx/RtGfVOoDIqq94vdLAdcxRIQGosFaPwov94IAp5hv3Tpqes/1psQWh707e+XvE -417rqVT01rumD/qNy9PIkElwpcaKqHcN/BnAN+YgndhOAfNLd1IMx0GzRzwolpUv -d5sWvR7zVRnI4hUcUMVLFWu8OHidUK2Y3wO5AIWihj/dyM6ZVVmO4+YgIT4c9nZU -ndlXahBeML6FgNWgOJzIHO4+RyH/6JVot24+b48AMJ00UHJFO7YmR75NiKznX8bR -XRCPnIipzhEhlsbaAcdNm7tSeR1R6zMXeAgBRTNZvFVjtesHa/jBFn9YtKoVuEcM -72Sv31BdTZSODPGSeIxS9p2WvKndYi3UcKuQwnfVQa4ePopvAnIJ -=M+e1 +hQEMA2PKcvDMvlKLAQf7BaGnH9Sd9+ybgvMSSTwWpyx1/phUuumCG+AAn053/n1h +cyGBpazoGpmgjFRz5BHuYLPAvjgBLn+5l5xGzssEYLhw4y+9ZlOJFGvXDKPvWQsR +z7SYX7/J2szqWoE+I+jOEY5DDX+lVXPzGnX+B3VoBh16716myB6yWWr9EUSQucxz +4aNcSG27qR+a/DslhA7P0AuMKe0ZOSFuiB4WN7SFukgOjqI7GjIk6nrHsGMFMPYn +LpjrRwaolNp04N5PtBqARZvYX1Tvaz1b33Vxm+VDvNiE+A4x/WzZhnKTS8ynWZ6A +TUO5Epwg0PmYTa44AwgfC9+e6OlisWA8voojAY0p59LqAUeyJwu0U4gfVYRQMXFa +IQsIneufAwOG3tVnucRynMcs1I8SjHy0IYqNmnmTq8uZXV7LujTyR9gfNptE5WPv +Xjay6uVXFQZZzSV4PFTtrgWrS69X/4nustUgk5hqh3YrTce8aQmAWs0hqmM2Hpun +NY5HZVi1+BrAYp/OarWM4NycxM1bnXjIdDeOt/3RBfnthG5xo4mJlETS1Z0TJAfb +jIoHFpLsu6TkpZdBRd9anMsjsocl+C082HrDGIiFWwCiF5Mt67z3eApixbLe0wUv +IU9AfXvuHPmqRQ0Pe0u7Enqggy6A/ePZJXOerjmwcb/rgryCGWoVIFQZaEkLldmA +FPaLt/qv8hjp/MaIFljBlge6eUl44rAy29HuRzp8lMJLXv47bxeBPiocEgbn3ZNL +SXsqAdVxBk6OwToUrQgKsuNmGaABTiL3QH/ctD9cLIZXgLUMPxomSzyqwO/XLE7C +2mVP5s8ubkORI7O2cTnBAK9wzUKT6JgNtw9MiMYNfvrh1+av9JgPBkkU+OOnuCHk +FK4lnmTZs/KrrgmZzGG9oP+0dtJviJn2o9hZle7dr5OPsvp2VktSsA+HphuET3xM +e7vuvTY2X3zlTmClW5oeP7J2b9i+XbzqeRvIqSj9C6pbcW3CrQmIgPIyvy4zL6rd +eDlIc87Ju0hn0eU5qD21+6TOcAl67xVzTh9HB2igZgOJfFXiiL/DjvqSlgc6Amjm +RNtc+h2opRAoX3CNtWElyOu28kqrgB692nqpzW7C7F8jZZuTpJsW47FXKNTrvr/9 +pJ5fgIMdZoBf/kz0VOOB2WYGEJ6dAyALFIFC++m1bmMe6kgVhLBq8ikxmxTh5PY8 +sLccesTu0Pz+CR3HknPtAZ3nmqAIfsyMrOYcOAp5EwdqIXka+p3Ye0+JpIkjsX+L +ta8I687GCKiGSPtbwHBoW+vn7JHd/h7aB47bbX2Ze/zibkgs7OFa193qBy9yyBZp +6rvdT6W+UTx25Y/HXIU6l+FoUXOcMgW0+IeAK3+zV8qbXAkDhwWUs21rQuwR3v6D +Rz5jCgG1S6z1G4mFd+itueg+z3MDDRhXp1XgKl1ZZe0RJUFi4MG34I5svKq+J+b2 +Yh6CSLXK2di2ovQ11qVnSEH+h95r1QqsMQ8nyk+ei/l3wYBdKBZ3QN6IkYU7bfhB +xZm2kvwZBiD1JWFHj5PhYvHWRMW3ahVxfKDXow6gdWWHkpT9gbHtQf5pBBN2aDLD +BxCImbQ7MUYiO7+uz8xdgo08sFasDwbklJBSN/n9pK2LUIoPrxjvFx4ItfT/Mx67 +NvZE/HirlVFIlMK8vcsRT5TnSBWphkUuPQ9I+usc+d6PawDW03MBBDhKP5CEpCnV +Ieq5g89POMPbmbWCKXhu/FSQrCReFpjK5o2ezabgI0Nvqxy6ZKg61VRhd5sg6Uim +MZVS7v3dA5v76T8+VkjeX7KpOat20Cbb6PF2OY61C1msF0Dr+1pXFRRFfveQJ6PL +iENUJghjSOYTBOjz5ycRLY72qnVuhOizkP2GR8f33JttP9gsZvYrnFYGV/Et+jIn +MBIWWAFsZ8GvENIaJYcTMUScCO+e00+y2IkxPP48IHQy6zzVkiMflWH7pSINRYKy +LaZVX5Q4T5b2vijnj87LhtfLDRBQ1dx6fjZCS2aURssxlWHnlX28+1xFzVdxtnTH +89ucch3d7zn2sCG66JGqE3L7xIvEo3eVcJ44aM9hyMQTggFnulTuTp9fxlJP7Q4Y +Cf7dblOwBLGIDvlJID5NgHP9WLspFGXgHinFZpGUsGJF7EkNGZZXJRqxXf+wd6zi +JUsP/69SnEH1Fe318ZyIBEK5dLR/L/cW49Ms/rTLA1sR8Yxwkrb9nO40OSLBPTbi +aZciYK+NSJiigrad75d0HWGkS7SDKzEp3mnPLUnH4H9+MF/fRrViE0Hi9bzAY3eZ +/gGFLVaMRCbRNEcXkhBVrz51yPsIGs2dbW2PLvxPbVSql/9/JsEcpT1c3kyJf6f0 +GZ7MWseBwVof8yv+FlnEQrdqKVPdenH+M3K9GNh4YnACz3d5wXaG5nziPzW2ze73 +5TYJ9cln9FNFmSg0nPbFxlRvUVPLB2NdH3FLG1KcAXr0CniPk7tZOBD1WB3xUbA4 +bOSY9t8w5RTj6ATQ8b1tbI97w+BzM/+BFiIaume8PAQ4LwxGGZohLDDpYgF29AGO +A/JDMOhdplnWfmg6X32yAYrY2QlbspRciHvUaw7otogIhipvacMQoh5Ucb0ZJCHo +dGByqsZom7Tq3mBJn15oS/c2lTwiBL7ZyPeElmx6TP8bi/kvvu/G2PeDdPgPQdZ/ +ExWUA0xUPoPJpDI9/BIBRH5+vR5ay8P0XHZ09MSSM/Iqzf+3TGCDHXxwNhP6zbkx +9mWR7rKYYoZz5mO2S6Bcz/cbMLalFfl+3N1UmfiJNVUuCjDAiY6SiyHf0c2Q9CxL +okrFgMS9hBZuCHBJbsBAzePZDYZBfq9o3ZWmRFJPBMx/x54fGLSnIB5nJ1YZUlvg +0bBsdt7Im6wITYUSkMcirm14dSVOvodSVCk3twmCLs14FG3RPojMf7ZemVjyvBXR +GQcTdKEwZaIEMRDL5tiVjZ8062inhRn4oqrcuhSYfuBP0oSOPeXnbOwj25cP6eHk +E7Y7CnifoNUJ0gADJUJJQCasF0Y9KzM8wzRBfBvcTlSvBJhUp0f37sPjYzt1vo8n +Z5E2MmEtzGEA+94/l2SdMib76SG4R4k1M56+eKb28EvGC8cdhLC8Yx8gURCnb+BM +AMAcXPE7VBm/cULO2WmJZV2evHjjtQlnpD10yTZD2SVEKW5MKE5y3gHE3UOI7TaA +KW2bKqRA60jJ6NMAYX3Yb+o4BQErtXcv4ObKnLCbHrrOb/0YPFWwjLAdx39sR8Bj +i+YQ4+OQMCFqzErHWs5OQ4PpDqeetNs33LukzJ7SnhMgzlG8d3Q12mwKHSBGb+1I +uKWQN1ygyQtKDieTNocxhZvBstqJJTS9EVZqNFyIauiVhG55g198WF6LYid4dE+4 +UakrcA6pzSYg+ajpHceHDQzcdN/hwpHTeFvKCrDTdpT/pMJIVsurDVMqaSRXw0KP +pMW1ZpcJev8+BV/RZJFR+LQsc1AOQqNMlnTXXuwQclrYatgf8WsA602AuRi7OWaV +oWwXJUu02j6WQxtsJR4uKEruZszL8iJQzesbX3DcfzV5JFIz8leJ0Kg97F+fWd17 +bYwv6RSHplAPEgZJ+SFjvB4YxG9uJxHZ3CAVkA5t2Ho6Wj39c6BjyLR0K5fWyPQ/ +e8StxFgprC9RlAy6C/gqhOrF/9HJdux0JZgDhgv48fqZdy1yhOmX+lT7PWlX5de5 +VX33gRUrC2rGDHmtIACjXPSGCDLueIQtNQj+8TU5edHzs58If7OCyf5HM/COBX7W +wNHKwMsFCFgSX1xcO4RYW0/3Zi4jfALVkBTU9qZERZ1at05CKlJbtuSncxIIGF5C +PcT5gvhV8gUoqBQD93mmj6JGBov4A4DoRluqs86OQTxreUFOMR5hHJCSKmQCNDq7 +4dbOJ9MLlN6wUv4Gc0c+cmxPFK55mOU/7df2pzKp63SHibRSlrW3ln85Ue1x2mUn +YG7l59Mkq7qAEX7BavmszxyryFYI1Za8e6J8eeFcUOoSZxCA3XG3I7uExyIKUXwP +CdZlsOESVJCaBYhNsYTP+/oXJTTAwdHu9SpeZA4trZufusEKJknbdmmswnLJZTfZ +Urn59p30TpenzQzwAD4tz9RkiktbYJfaRzI0nUvMVEk39hdvjLPqqRy8p0kQvF75 ++B6J4ax86MaejPZZtApi/7OTo6zHwtcTEex1hC7mWcD03n2wOIiIHpDuxhim5gys +EMFdfjlpytZ9iE8rR2AUD4byRfQmdBLIqlFQCR1Ml8jalPXC2cqDojh0rNd/ZVlW +F+zghrNGinwfraIsw0onBw== +=4c3i -----END PGP MESSAGE----- diff --git a/config/secrets.nix b/config/secrets.nix index 75da96b..56c19a8 100644 --- a/config/secrets.nix +++ b/config/secrets.nix @@ -68,6 +68,8 @@ switch-c3d2-main.password = "encrypted"; switch-d1.password = "encrypted"; switch-dach.password = "encrypted"; + switch-ds1.password = "encrypted"; + switch-ds2.password = "encrypted"; upstream4.interfaces.up4-pppoe.upstream = { user = "encrypted"; diff --git a/config/switch.nix b/config/switch.nix index da3292f..93d44cf 100644 --- a/config/switch.nix +++ b/config/switch.nix @@ -8,9 +8,16 @@ links = { switch-a2.ports = [ "7" ]; - priv25.ports = [ "2" "3" "4" "5" ]; + # Panel A2: Foyer + switch-ds1.ports = [ "3" ]; + # Panel A6: kl Saal hinten + switch-ds2.ports = [ "8" ]; + priv25.ports = [ + "2" + "4" + "5" + ]; priv31.ports = [ "6" ]; - pub.ports = [ "8" ]; iso4.ports = [ "1" ]; }; }; @@ -286,6 +293,87 @@ c3d2.ports = [ "20" ]; }; }; + + switch-ds1 = { + role = "switch"; + model = "3com-5500G"; + location = "Foyer"; + interfaces = { mgmt.type = "phys"; }; + + links = { + # Public + pub.ports = [ + "GigabitEthernet1/0/1" + "GigabitEthernet1/0/2" + "GigabitEthernet1/0/3" + "GigabitEthernet1/0/4" + "GigabitEthernet1/0/5" + "GigabitEthernet1/0/6" + "GigabitEthernet1/0/7" + "GigabitEthernet1/0/8" + "GigabitEthernet1/0/9" + "GigabitEthernet1/0/10" + "GigabitEthernet1/0/11" + "GigabitEthernet1/0/12" + "GigabitEthernet1/0/13" + "GigabitEthernet1/0/14" + "GigabitEthernet1/0/15" + "GigabitEthernet1/0/16" + "GigabitEthernet1/0/17" + "GigabitEthernet1/0/18" + "GigabitEthernet1/0/19" + "GigabitEthernet1/0/20" + ]; + # Uplink + switch-a1.ports = [ "GigabitEthernet1/0/24" ]; + # Freifunk + bmx.ports = [ + "GigabitEthernet1/0/21" + "GigabitEthernet1/0/22" + "GigabitEthernet1/0/23" + ]; + }; + }; + + switch-ds2 = { + role = "switch"; + model = "3com-5500G"; + location = "Vor dem Kl Saal"; + interfaces = { mgmt.type = "phys"; }; + + links = { + # Public + pub.ports = [ + "GigabitEthernet1/0/1" + "GigabitEthernet1/0/2" + "GigabitEthernet1/0/3" + "GigabitEthernet1/0/4" + "GigabitEthernet1/0/5" + "GigabitEthernet1/0/6" + "GigabitEthernet1/0/7" + "GigabitEthernet1/0/8" + "GigabitEthernet1/0/9" + "GigabitEthernet1/0/10" + "GigabitEthernet1/0/11" + "GigabitEthernet1/0/12" + "GigabitEthernet1/0/13" + "GigabitEthernet1/0/14" + "GigabitEthernet1/0/15" + "GigabitEthernet1/0/16" + "GigabitEthernet1/0/17" + "GigabitEthernet1/0/18" + "GigabitEthernet1/0/19" + "GigabitEthernet1/0/20" + ]; + # Uplink + switch-a1.ports = [ "GigabitEthernet1/0/24" ]; + # Freifunk + bmx.ports = [ + "GigabitEthernet1/0/21" + "GigabitEthernet1/0/22" + "GigabitEthernet1/0/23" + ]; + }; + }; }; } - diff --git a/nix/pkgs/switches/3com-5500G.nix b/nix/pkgs/switches/3com-5500G.nix new file mode 100644 index 000000000..6b2b663 --- /dev/null +++ b/nix/pkgs/switches/3com-5500G.nix @@ -0,0 +1,180 @@ +{ self, pkgs, hostName, config, hostConfig +, sort, sortBy, sortNetsByVlan +, ... }: + +with pkgs; +with lib; + +'' + #! ${expect}/bin/expect -f + + ${if hostConfig.firstboot + then '' + spawn sudo ${uucp}/bin/cu -s 19200 -l /dev/ttyUSB0 + send "\r" + '' + else '' + spawn ${inetutils}/bin/telnet ${config.site.net.mgmt.hosts4.${hostName}} + + expect "Password:" + send "${hostConfig.password}\r" + '' + } + expect ">" + send "system-view\r" + expect "]" + + send "sysname ${hostName}\r" + expect "]" + + send "user-interface vty 0 4\r" + expect "ui-vty0-4]" + send "screen-length 0\r" + expect "ui-vty0-4]" + send "user privilege level 3\r" + expect "ui-vty0-4]" + send "set authentication password simple ${hostConfig.password}\r" + expect "ui-vty0-4]" + send "quit\r" + expect "${hostName}]" + + send "local-user admin\r" + expect -- "-luser-admin]" + send "password simple ${hostConfig.password}\r" + expect -- "-luser-admin]" + send "quit\r" + expect "${hostName}]" + + # Enable logging + send "info-center enable\r" + expect "]" + send "info-center loghost ${config.site.net.mgmt.hosts4.logging} channel loghost facility local6\r" + expect "]" + send "info-center source default channel loghost log level informational\r" + expect "]" + + ${concatMapStrings (net: + let + netConfig = config.site.net.${net}; + vlan = toString netConfig.vlan; + inherit (config.site.net.${net}) hosts4; + hostAddr4 = hosts4.${hostName}; + prefixLength = elemAt ( + builtins.split "/" netConfig.subnet4 + ) 2; + netmask = self.lib.netmasks.${prefixLength}; + in + if netConfig.vlan != null + then '' + send "vlan ${vlan}\r" + expect -- "-vlan${vlan}]" + send "name ${net}\r" + expect -- "-vlan${vlan}]" + ${optionalString (net == "mgmt") '' + # Actually only used for mgmt_vlan, switches are not routers + send "interface Vlan-interface ${vlan}\r" + expect "]" + ${optionalString (hosts4 ? ${hostName}) '' + send "ip address ${hostAddr4} ${netmask}\r" + expect "]" + ''} + ''} + send "quit\r" + expect "${hostName}]" + '' + else "" + ) (sortNetsByVlan (builtins.attrNames config.site.net)) + } + + ${concatMapStrings (name: + let + linkConfig = hostConfig.links.${name}; + isAccess = config.site.net ? ${name}; + netConfig = config.site.net.${name}; + isTrunk = !isAccess; + isBond = isTrunk && builtins.length linkConfig.ports > 1; + in + if isTrunk + then '' + ${optionalString isBond '' + send "link-aggregation group ${linkConfig.group} mode static\r" + expect { + "This aggregation will be modified to static mode. Continue ?" { + send "Y\r" + } + "]" {} + } + send "link-aggregation group ${linkConfig.group} description ${name}\r" + expect "]" + ''} + ${concatMapStrings (port: '' + send "interface ${port}\r" + expect "]" + send "undo stp edged-port\r" + expect "]" + ${if isBond + then '' + send "lacp enable\r" + expect "]" + send "undo port link-aggregation group\r" + expect "]" + send "port link-aggregation group ${linkConfig.group}\r" + '' else '' + send "undo lacp enable\r" + ''} + expect "]" + send "jumboframe enable\r" + expect "]" + + send "port link-type trunk\r" + expect "]" + # Set dummy default vlan + send "port trunk pvid vlan 4094\r" + expect "]" + # Deconfigure all but mgmt vlan + send "undo port trunk permit vlan 2 to 4094\r" + expect "]" + ${concatMapStrings (vlan: '' + send "port trunk permit vlan ${toString vlan}\r" + expect "]" + '') (sort linkConfig.vlans)} + send "undo shutdown\r" + expect "]" + send "quit\r" + expect "${hostName}]" + '') (sort linkConfig.ports)} + '' else + concatMapStrings (port: '' + send "interface ${port}\r" + expect "]" + send "undo port link-aggregation group\r" + expect "]" + send "port link-type access\r" + expect "]" + ${if name == "mgmt" + then '' + send "undo port access vlan\r" + expect "]" + '' else '' + send "port access vlan ${toString netConfig.vlan}\r" + expect "]" + ''} + send "undo shutdown\r" + expect "]" + send "quit\r" + expect "${hostName}]" + '') (sort linkConfig.ports) + ) (sortBy (link: hostConfig.links.${link}.ports) + (builtins.attrNames hostConfig.links) + )} + + send "save main\r" + expect "Y/N]" + send "YES\r" + expect "press the enter key):" + send "\r" + expect "]" + send "quit\r" + expect ">" + send "quit\r" +''