forked from zentralwerk/network
config: nixify everything
This commit is contained in:
parent
6446c6b8a3
commit
32c0def45b
|
@ -1 +1,3 @@
|
||||||
contact.md
|
/contact.md
|
||||||
|
/config/secrets-production.nix
|
||||||
|
/config/secrets-production.nix.old
|
||||||
|
|
|
@ -34,8 +34,8 @@ Wir, ein kleiner Kreis von Menschen die das Netzwerk im Zentralwerk betreuen, ha
|
||||||
- [x] Einlesen der Salt-Daten in Nix
|
- [x] Einlesen der Salt-Daten in Nix
|
||||||
- [x] Containererstellung
|
- [x] Containererstellung
|
||||||
- [x] Migration der Container
|
- [x] Migration der Container
|
||||||
- [ ] device-scripts auf Site Config umstellen
|
- [x] device-scripts auf Site Config umstellen
|
||||||
- [ ] Site Config ohne Entschlüsselung dumpen, Salt-Daten löschen
|
- [x] Site Config ohne Entschlüsselung dumpen, Salt-Daten löschen
|
||||||
|
|
||||||
### Development Setup
|
### Development Setup
|
||||||
|
|
||||||
|
@ -77,8 +77,8 @@ auch `/etc/nixos` so dass `nixos-rebuild switch` problemlos
|
||||||
klappt. Ausserdem ist dieser lokale Checkout in der `nix registry`
|
klappt. Ausserdem ist dieser lokale Checkout in der `nix registry`
|
||||||
eingetragen, was von bspw. von `build-container` verwendet wird.
|
eingetragen, was von bspw. von `build-container` verwendet wird.
|
||||||
|
|
||||||
Der Flake-input `zentralwerk-network-key` ist mit einem lokalen
|
Ausserdem wurden dort `nix run .#switch-to-production` und immer
|
||||||
Repository überschrieben, weshalb die `flake.lock` dirty ist.
|
wieder `.#decrypt-secrets` ausgeführt.
|
||||||
|
|
||||||
### LXC-Containers auf Server
|
### LXC-Containers auf Server
|
||||||
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,8 @@
|
||||||
|
{
|
||||||
|
imports = [
|
||||||
|
./config.nix
|
||||||
|
./secrets.nix
|
||||||
|
|
||||||
|
./vlan.nix
|
||||||
|
];
|
||||||
|
}
|
|
@ -0,0 +1,59 @@
|
||||||
|
-----BEGIN PGP MESSAGE-----
|
||||||
|
|
||||||
|
hQEMA2PKcvDMvlKLAQf6Axl7IpRsbhFaX8dJDQHlJrdK8LWP71VrUF/ukeF5qfjz
|
||||||
|
1CKM04e/RWQ8dUK7OKIgbKhirI8dcleMB+gCu2Y45vXauqsVSaKTOV+ZyZZ3f1Hs
|
||||||
|
gmHSxxKVoyMtCj+9dKGGTkNMgsB/0eIxTOc+dNrQb6FHpJjMBOzaDUI8N5AOeA+B
|
||||||
|
IwJO+fco1dIj0I6sym3UHzovY3teQoGhBszzs60pjp77eJpiuIfEFZH0karWixX3
|
||||||
|
Ktqn8q2+rD6+SVRcNADxnjiZ9dk4Ec7fFTqjCmZLwjiJDV0guhGPmc7ewsWnJA/z
|
||||||
|
LgErzyAXI/g6sY2G47g7KdbBFzzk5YWepW2MuH+ZjdLrAaEGjqZQ2k6OXlQkjFQK
|
||||||
|
AgP/u+KUPMd1o20QO/OX9jb6SzjKgr8rk+bM5ZnCJq0nxGLJQQZzb2Kq5/1KCIC+
|
||||||
|
2B8plQmQaR/wTUGjyrgwgzBGbGBUENk52AOgehrHb2A3vH7cEEpqdSZDRUoCovqa
|
||||||
|
amg5lIBYKeIQSL2WQjXYGfr+Mu82iAn4Rdvd2I5GRNlC3E12KKGQXDgrXhDKzAyF
|
||||||
|
6KD7zoLQlvK9fQp34ECUGaG0Qps+tOfXUIX+h+9rSQ10e/ZJfitFCsGg4CVunvsI
|
||||||
|
WzuDofIhQCmt8tOr2db5B5xGjylCCWnLlW2/j+Rrx2FzpIHrs6+2vcXkYQ7EFjnS
|
||||||
|
xMzPrudHUiLbv+CiciOcRe63DyG5wP31skJvAm7eQRaHaPXMEZFRSJ1xG06XEygg
|
||||||
|
a1RwBubnqRRONBvGy7u7b/Daj74Xk5Z6S3P9oBn5pDk25Na8xnJqz9jN21khE0w7
|
||||||
|
ARIHU6rybCVfUccCfBzaGF/5LIS4Q/7L2uAu+MWRDg2uJr4N/pkYMs8Pi/vqLNCw
|
||||||
|
XVV8jeilzIYqEAGp1thBfHiMO8kMKmQKxadETxTy7vCfS3jqcl19xTobH0non5Ie
|
||||||
|
HMONaE/AKhSUHNK14fEH0HipgCwpy79P4MjFC8e5z5YoCsAqqzKmJJ6jv0lzpaA6
|
||||||
|
iEamAg+0g1XhqTEHUnnC3RONnaY+VGAXSOXpH4cOlVocX2C/N9U6mev2/KN+xgC5
|
||||||
|
PytsfKPRoiLagHrxGN6LekaiiQrrjFOgPGE5pwMnI0ODWDl+Yun8CmXwjq2oQudF
|
||||||
|
Xe/eKtJmtEiZGWuPn5yUp/j3xyKue6sH4NIoFBcQUYX07yaPRetZITykjpYdYBxX
|
||||||
|
RzSLD7pYDXMrtjuP4MsvjT0WD/XE9086p2CDjDv0mQfQpc40LyiJw4djFRkTsBaB
|
||||||
|
zdv9gAYSuRfigpx+ygCvUZjLpSDHqixWdIJeo9NjIcbELjirQvxNGKew1JJBAPZJ
|
||||||
|
6BdElR9WCHBx7jdVYaG5PXqiWtiXgFX2hs5+d0yFRHPRZo2xG3nBpJbE1ixqLSMQ
|
||||||
|
aXK0YO2sH+Z7i1aIZpMkJF5FRNYb02jgGt89OciweU8vPeckw7lkVNxtHjsfKukB
|
||||||
|
moZIDbQ2K5IvpJoYMvOwsMTFyB6biJXcSsVEuvfxbzM9nunqeAoHKJM7A23R1Xw7
|
||||||
|
8fyYgN8EhxWl4bfk/sOVceAcVd+48oXr0dxbWw3OpxAeUJ6p9J4r/dKQopDW1VqV
|
||||||
|
u1t404j6JkzLaKLZ6cXg0yl/jLmuOyQQRzNT6CA36K7/n5QRgNPpQ4P4sbesWMnw
|
||||||
|
G04n6kkz29uX91SPaJkhliaXctotxCcSqz3ryNrz2isn8n4zuVgD7O/GKeSZobqD
|
||||||
|
hv7IBY5Th1F4yQ94U0u8nkr2OVccsXohXxsRXN38/qLqT2I8R00evrnwhPZE9JFn
|
||||||
|
dfJAMXCxtkwxuLYosrKyUTDbARLGAhP4RD9BXOijH0ec2lS/RKdcz0PI9Lz9zrzS
|
||||||
|
Oq1JmxqYBi+jlxPuCqPHP1QY2LRXq5Ckr4hXsiKVbnMTpW0eL9raNva/NleaSzaH
|
||||||
|
ovNyYVYzdGgBdM3IYcnm8bpuJHeuxHWkyw2buRUktxNGT//VXeAz0yyLuMVr1D20
|
||||||
|
fDrHPI1hEukcIw8Z1s0Bg0wkUfRDBEWG4aL9GruAV9WyyMAAudtAXDfjO7Wo2vkI
|
||||||
|
qdByXSsQw4pOUlLmOaFdf1Jr2pQYtQPsxJcyuyxBJ8pextUTtKIENRW8ENYHI7af
|
||||||
|
C7fL3DMdWkpH04nGmmiv/kisZ01q+13x/t83ENv049Z65rV9lr01C08I1xrQuxf8
|
||||||
|
rCKkcRNAXw0aVRoi7k4111mpzCWCqYCU6rbvlF3q5PyR5mYk7/m2k1lhgp4JSgfM
|
||||||
|
zJT9uGLKjP0XiubV8poJNqRuMkHAMsmD2GjqJRmhfDXBJKfrbTDDE8PV1jvQpur9
|
||||||
|
5z+bMnJ6A4eFK8+3KymbO58TTJr/YtIZg39tv67CmmvkzqI1ymHvUkYa1EYvmcjn
|
||||||
|
SplmwrNqWXS7Pnxehq4JDBwOccvITkdIrwnvHM8D3XyHeIvt6c1fCzIl0f0M5oqQ
|
||||||
|
nkurQrPWTrvA+H8BJ3AzLIk8HrduMgjSujWA+ZK4E0QLlC8ElSQ3vUpQ4CfErEy1
|
||||||
|
byVXi4Iphdxoy1NIgoRwlClSwprcT7wtEPRAKZtYZlUk7Ji7YH928PPv0hqdnPZW
|
||||||
|
t8jVO0Fy3bf1iHO4aPepmXzT5h6ouo64tlMobStlccz7YCVweNZdVQrPokBhcrIE
|
||||||
|
zCsNBY0vntcNXEkFUxneBzYHW22ov6bTL7GYTBnJ5AAUl0YJ5lij0rYv5YXRlJA9
|
||||||
|
c8CyGuXl3zCt9k2dG4oYBh9OwoUo+LJyuDym8O5xZs0KdhwSePfc2WCcuzjxAJat
|
||||||
|
Pxqa+RawZybWLq+RKfONJ6Ds5PwYGaxO0Ra+MJnWqC0aQBTrzn1mLUfZ5V8kaKsT
|
||||||
|
ARU/KONBagKvL279DcvU3wuDgKWmCKE2k31A45P3Z0N3KdadF7AGYb9YCjwpS5z8
|
||||||
|
ad40UZ2WeoLBcfXWJWfN27mmpVw9STiOOVVwg466OwLeO0pZeHO+26zGtsTW6ueT
|
||||||
|
p+W/ulIZYUM2LyCJfEhu2MdsO7CvTdLoEj/vGJpJAnOXRpsbRPCz4YbBmvcOmXt0
|
||||||
|
lwT/YWnWNGViDfI+WPRtVTMFmb2W93MdOU8l3G7XNp9WlZuG19MQT89hYe1zdBQX
|
||||||
|
r2nORbb+du7MnX7El3h9xJDAWUPfV1NrPdvlS6JtRvvRpphhTor6s4UY0hi77SRf
|
||||||
|
S+4rzvKSecS2rxKR2GJOYT9Bf+TAfTjCeiwsHEV43sY/jER7mqlitVJ4MzYCHIrU
|
||||||
|
q1oiBODbLrS0PDtn45mtBPqYmNHvp5+Mo3UFAOSZO03PY48hbDoByhh8On+Xhf/P
|
||||||
|
M5RDzDJSWAXJvFw2HftUAben4mXPZ0Ifum7Hm34PQV9VJ+Us5rmmShmGdacw4AYX
|
||||||
|
GsdNYJ4Ga8M6bsPLo5Vk6s7OOdSAGl/K8l+VJgOzjcBVUwM6d8lQMHAgVdYukY/h
|
||||||
|
beSMD2VemMYHhpCV+Ys/yeBRwC5rrHoyTJXN1aE4PuC/mg/ath3hPZibTugy0qYN
|
||||||
|
4HgSB8+r8YhJXiSu
|
||||||
|
=Hqtq
|
||||||
|
-----END PGP MESSAGE-----
|
|
@ -0,0 +1,242 @@
|
||||||
|
{
|
||||||
|
site.net = {
|
||||||
|
core.ospf.secret = "SECRET";
|
||||||
|
};
|
||||||
|
|
||||||
|
site.hosts = {
|
||||||
|
ap1.password = "SECRET";
|
||||||
|
ap2.password = "SECRET";
|
||||||
|
ap3.password = "SECRET";
|
||||||
|
ap4.password = "SECRET";
|
||||||
|
ap5.password = "SECRET";
|
||||||
|
ap6.password = "SECRET";
|
||||||
|
ap7.password = "SECRET";
|
||||||
|
ap8.password = "SECRET";
|
||||||
|
ap9.password = "SECRET";
|
||||||
|
ap10.password = "SECRET";
|
||||||
|
ap11.password = "SECRET";
|
||||||
|
ap12.password = "SECRET";
|
||||||
|
ap15.password = "SECRET";
|
||||||
|
ap17.password = "SECRET";
|
||||||
|
ap18.password = "SECRET";
|
||||||
|
ap19.password = "SECRET";
|
||||||
|
ap21.password = "SECRET";
|
||||||
|
ap22.password = "SECRET";
|
||||||
|
ap23.password = "SECRET";
|
||||||
|
ap24.password = "SECRET";
|
||||||
|
ap25.password = "SECRET";
|
||||||
|
ap26.password = "SECRET";
|
||||||
|
ap27.password = "SECRET";
|
||||||
|
ap28.password = "SECRET";
|
||||||
|
ap29.password = "SECRET";
|
||||||
|
ap30.password = "SECRET";
|
||||||
|
ap31.password = "SECRET";
|
||||||
|
ap32.password = "SECRET";
|
||||||
|
ap33.password = "SECRET";
|
||||||
|
ap34.password = "SECRET";
|
||||||
|
ap35.password = "SECRET";
|
||||||
|
ap36.password = "SECRET";
|
||||||
|
ap37.password = "SECRET";
|
||||||
|
ap38.password = "SECRET";
|
||||||
|
ap39.password = "SECRET";
|
||||||
|
ap40.password = "SECRET";
|
||||||
|
ap41.password = "SECRET";
|
||||||
|
ap42.password = "SECRET";
|
||||||
|
ap43.password = "SECRET";
|
||||||
|
ap44.password = "SECRET";
|
||||||
|
ap45.password = "SECRET";
|
||||||
|
ap46.password = "SECRET";
|
||||||
|
ap47.password = "SECRET";
|
||||||
|
ap48.password = "SECRET";
|
||||||
|
ap49.password = "SECRET";
|
||||||
|
ap50.password = "SECRET";
|
||||||
|
ap51.password = "SECRET";
|
||||||
|
ap52.password = "SECRET";
|
||||||
|
ap53.password = "SECRET";
|
||||||
|
ap54.password = "SECRET";
|
||||||
|
ap55.password = "SECRET";
|
||||||
|
ap56.password = "SECRET";
|
||||||
|
switch-a1.password = "SECRET";
|
||||||
|
switch-b1.password = "SECRET";
|
||||||
|
switch-b2.password = "SECRET";
|
||||||
|
switch-c1.password = "SECRET";
|
||||||
|
switch-c3d2-main.password = "SECRET";
|
||||||
|
switch-d1.password = "SECRET";
|
||||||
|
switch-dach.password = "SECRET";
|
||||||
|
|
||||||
|
upstream4.interfaces.up4-pppoe.upstream = {
|
||||||
|
user = "SECRET";
|
||||||
|
password = "SECRET";
|
||||||
|
};
|
||||||
|
|
||||||
|
anon1.wireguard.njalla = {
|
||||||
|
addresses = [ "fec0::1/64" "192.168.0.1/24" ];
|
||||||
|
endpoint = "0.0.0.1";
|
||||||
|
privateKey = "SECRET";
|
||||||
|
publicKey = "SECRET";
|
||||||
|
upBandwidth = 45000;
|
||||||
|
};
|
||||||
|
|
||||||
|
ap1.wifi."platform/qca953x_wmac".ssids."uebergangsnetz".psk = "SECRET";
|
||||||
|
ap10.wifi."platform/qca953x_wmac".ssids = {
|
||||||
|
"Ebs 2000".psk = "SECRET";
|
||||||
|
"iz-dresden.org".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap11.wifi."platform/qca955x_wmac".ssids."braeunigkoschnik".psk = "SECRET";
|
||||||
|
ap12.wifi."platform/ar934x_wmac".ssids = {
|
||||||
|
"IrèneMélix".psk = "SECRET";
|
||||||
|
"paperheart".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap15.wifi."platform/qca955x_wmac".ssids."etz250".psk = "SECRET";
|
||||||
|
ap17.wifi."platform/qca955x_wmac".ssids = {
|
||||||
|
"EDUB".psk = "SECRET";
|
||||||
|
"Zweitwohnsitz".psk = "SECRET";
|
||||||
|
"e-Stuetzpunkt".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap18.wifi."platform/qca953x_wmac".ssids."Restaurierung Wolff/Kober".psk = "SECRET";
|
||||||
|
ap19.wifi."platform/qca953x_wmac".ssids = {
|
||||||
|
"Studio 01127".psk = "SECRET";
|
||||||
|
"Walter".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap2.wifi = {
|
||||||
|
"pci0000:01/0000:01:00.0".ssids."C3D2".psk = "SECRET";
|
||||||
|
"platform/qca955x_wmac".ssids."C3D2 legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap21.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap23.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."LBK Network".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."LBK Network".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap24.wifi."platform/ar933x_wmac".ssids."farbwerk".psk = "SECRET";
|
||||||
|
ap25.wifi."platform/ar933x_wmac".ssids."farbwerk".psk = "SECRET";
|
||||||
|
ap26.wifi."pci0000:00/0000:00:00.0".ssids."Dezember".psk = "SECRET";
|
||||||
|
ap29.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."jungnickel-fotografie".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."jungnickel-fotografie".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap3.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET";
|
||||||
|
"platform/ar934x_wmac".ssids."C3D2 legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap30.wifi."platform/qca956x_wmac".ssids."WLANb0402".psk = "SECRET";
|
||||||
|
ap31.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids = {
|
||||||
|
"C3D2 legacy" = { "psk" = "SECRET"; };
|
||||||
|
"FOTOAKADEMIEdd" = { "psk" = "SECRET"; };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ap32.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap33.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."C3D2 legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap35.wifi."platform/qca956x_wmac".ssids."Koch".psk = "SECRET";
|
||||||
|
ap36.wifi."platform/ar933x_wmac".ssids."C3D2 legacy".psk = "SECRET";
|
||||||
|
ap37.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."hechtfilm.de".psk = "SECRET";
|
||||||
|
"platform/ahb/18100000.wmac".ssids."hechtfilm.de legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap38.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids = {
|
||||||
|
"ZW heinrichsgarten" = { "psk" = "SECRET"; };
|
||||||
|
"plop" = { "psk" = "SECRET"; };
|
||||||
|
};
|
||||||
|
"platform/qca956x_wmac".ssids = {
|
||||||
|
"ZW heinrichsgarten" = { "psk" = "SECRET"; };
|
||||||
|
"plop" = { "psk" = "SECRET"; };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ap39.wifi."platform/10180000.wmac".ssids."EckiTino".psk = "SECRET";
|
||||||
|
ap4.wifi."platform/qca955x_wmac".ssids."jam-circle.de".psk = "SECRET";
|
||||||
|
ap40.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."M".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."M legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap41.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."Walter".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."Walter".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap42.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."jam-circle.de".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."jam-circle.de legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap43.wifi."platform/qca955x_wmac".ssids."Kaffeetasse".psk = "SECRET";
|
||||||
|
ap44.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap45.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap46.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids = {
|
||||||
|
"EWW".psk = "SECRET";
|
||||||
|
"ZW stage legacy".psk = "SECRET";
|
||||||
|
};
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids = {
|
||||||
|
"EWW".psk = "SECRET";
|
||||||
|
"ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ap47.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap48.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap49.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap5.wifi."platform/qca955x_wmac".ssids."verbalwerk.de".psk = "SECRET";
|
||||||
|
ap50.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids = {
|
||||||
|
"ZW stage legacy".psk = "SECRET";
|
||||||
|
"gerdwork".psk = "SECRET";
|
||||||
|
};
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap51.wifi = {
|
||||||
|
"pci0000:01/0000:01:00.0".ssids."antrares".psk = "SECRET";
|
||||||
|
"platform/qca955x_wmac".ssids."antrares".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap52.wifi = {
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0".ssids."ZW stage legacy".psk = "SECRET";
|
||||||
|
"1e140000.pcie/pci0000:00/0000:00:01.0/0000:02:00.0".ssids."ZW stage".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap53.wifi."platform/qca953x_wmac".ssids."Karen Koschnick".psk = "SECRET";
|
||||||
|
ap54.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."Abyssinia".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."Abyssinia".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap55.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."MagLAN".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."MagLAN (legacy)".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap56.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."MagLAN".psk = "SECRET";
|
||||||
|
"platform/qca956x_wmac".ssids."MagLAN (legacy)".psk = "SECRET";
|
||||||
|
};
|
||||||
|
ap7.wifi."platform/qca953x_wmac".ssids."mino".psk = "SECRET";
|
||||||
|
ap8.wifi = {
|
||||||
|
"pci0000:00/0000:00:00.0".ssids."C3D2".psk = "SECRET";
|
||||||
|
"platform/ar934x_wmac".ssids = {
|
||||||
|
"C3D2 legacy".psk = "SECRET";
|
||||||
|
"teknologi".psk = "SECRET";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ap9.wifi."platform/qca953x_wmac".ssids."Herzzbuehne".psk = "SECRET";
|
||||||
|
};
|
||||||
|
|
||||||
|
site.dyndnsKey = "SECRET";
|
||||||
|
}
|
|
@ -0,0 +1,39 @@
|
||||||
|
let
|
||||||
|
range = cur: max:
|
||||||
|
if cur <= max
|
||||||
|
then [ cur ] ++ range (cur + 1) max
|
||||||
|
else [];
|
||||||
|
in
|
||||||
|
{
|
||||||
|
site.net = builtins.mapAttrs (_: vlan: { inherit vlan; }) {
|
||||||
|
# switches and CPE only have IP addresses configured in the management vlan
|
||||||
|
mgmt = 1;
|
||||||
|
# routers, OSPF area 0
|
||||||
|
core = 2;
|
||||||
|
# servers...
|
||||||
|
serv = 3;
|
||||||
|
# ZW public
|
||||||
|
pub = 4;
|
||||||
|
# C3D2 home network
|
||||||
|
c3d2 = 5;
|
||||||
|
cluster = 6;
|
||||||
|
bmx = 7;
|
||||||
|
# Modems
|
||||||
|
up1 = 10;
|
||||||
|
up2 = 11;
|
||||||
|
up3 = 12;
|
||||||
|
up4 = 13;
|
||||||
|
# Isolated neighbors directly connectied with their modems
|
||||||
|
iso1 = 101;
|
||||||
|
iso2 = 102;
|
||||||
|
iso3 = 103;
|
||||||
|
iso4 = 104;
|
||||||
|
iso5 = 105;
|
||||||
|
iso6 = 106;
|
||||||
|
} // builtins.foldl' (result: i:
|
||||||
|
# Neighbor subnets
|
||||||
|
result // {
|
||||||
|
"priv${toString i}".vlan = i + 39;
|
||||||
|
}
|
||||||
|
) {} (range 1 61);
|
||||||
|
}
|
20
flake.lock
20
flake.lock
|
@ -52,25 +52,7 @@
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": "nixpkgs",
|
"nixpkgs": "nixpkgs",
|
||||||
"nixpkgs-master": "nixpkgs-master",
|
"nixpkgs-master": "nixpkgs-master",
|
||||||
"openwrt": "openwrt",
|
"openwrt": "openwrt"
|
||||||
"zentralwerk-network-key": "zentralwerk-network-key"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"zentralwerk-network-key": {
|
|
||||||
"locked": {
|
|
||||||
"dir": "nix/key",
|
|
||||||
"lastModified": 1631808463,
|
|
||||||
"narHash": "sha256-5xMZkqqQbpXECnKEK2THT7u4+/vL7SPp3Jvoicm1Moc=",
|
|
||||||
"ref": "master",
|
|
||||||
"rev": "e4a5aee0e44ca058d2f12d6c6f34db6d484187fc",
|
|
||||||
"revCount": 1172,
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git?dir=nix%2fkey"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"dir": "nix/key",
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://gitea.c3d2.de/zentralwerk/network.git?dir=nix%2fkey"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
|
@ -6,13 +6,9 @@
|
||||||
nixpkgs-master.url = "github:NixOS/nixpkgs";
|
nixpkgs-master.url = "github:NixOS/nixpkgs";
|
||||||
openwrt.url = "git+https://git.openwrt.org/openwrt/openwrt.git?ref=openwrt-21.02";
|
openwrt.url = "git+https://git.openwrt.org/openwrt/openwrt.git?ref=openwrt-21.02";
|
||||||
openwrt.flake = false;
|
openwrt.flake = false;
|
||||||
|
|
||||||
# `nix flake update --override-flake zentralwerk-network-key git+file:///...`
|
|
||||||
# to provide the GPG secret key
|
|
||||||
zentralwerk-network-key.url = "git+https://gitea.c3d2.de/zentralwerk/network.git?dir=nix/key";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ self, nixpkgs, nixpkgs-master, openwrt, zentralwerk-network-key }:
|
outputs = inputs@{ self, nixpkgs, nixpkgs-master, openwrt }:
|
||||||
let
|
let
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
systems = [ system ];
|
systems = [ system ];
|
||||||
|
@ -33,7 +29,6 @@
|
||||||
lib = nixpkgs.lib.extend (final: prev:
|
lib = nixpkgs.lib.extend (final: prev:
|
||||||
import ./nix/lib {
|
import ./nix/lib {
|
||||||
inherit self;
|
inherit self;
|
||||||
inherit (zentralwerk-network-key.lib) gpgKey;
|
|
||||||
inherit openwrt;
|
inherit openwrt;
|
||||||
pkgs = nixpkgs.legacyPackages.x86_64-linux;
|
pkgs = nixpkgs.legacyPackages.x86_64-linux;
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,14 +0,0 @@
|
||||||
{
|
|
||||||
description = "Zentralwerk network secret GPG key";
|
|
||||||
|
|
||||||
outputs = { ... }: {
|
|
||||||
lib.gpgKey = null;
|
|
||||||
# test key
|
|
||||||
lib.dyndnsKey = "Dr1QHSfNtAwgbdoNBtCgl5NxsSXlaw9+qo7juiVTv58=";
|
|
||||||
# test credentials
|
|
||||||
lib.pppoe.upstream4 = {
|
|
||||||
user = "test@example.com";
|
|
||||||
password = "secret";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,6 +1,5 @@
|
||||||
{ self
|
{ self
|
||||||
, pkgs ? import <nixpkgs> {}
|
, pkgs ? import <nixpkgs> {}
|
||||||
, gpgKey
|
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
@ -22,18 +21,13 @@ let
|
||||||
default = [];
|
default = [];
|
||||||
internal = true;
|
internal = true;
|
||||||
};
|
};
|
||||||
options.gpgKey = mkOption {
|
|
||||||
type = with types; nullOr path;
|
|
||||||
};
|
|
||||||
config = {
|
|
||||||
inherit gpgKey;
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
./options.nix
|
./options.nix
|
||||||
./legacy.nix
|
../../../config
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
inherit (result) config;
|
inherit (result) config;
|
||||||
|
|
||||||
warn = result:
|
warn = result:
|
||||||
|
@ -47,9 +41,9 @@ let
|
||||||
|
|
||||||
error = result:
|
error = result:
|
||||||
let
|
let
|
||||||
failed =
|
failed = builtins.filter ({ assertion, ... }:
|
||||||
builtins.filter ({ assertion, ... }: !assertion)
|
!assertion
|
||||||
config.assertions;
|
) config.assertions;
|
||||||
in
|
in
|
||||||
if failed != []
|
if failed != []
|
||||||
then throw ''
|
then throw ''
|
||||||
|
@ -58,9 +52,9 @@ let
|
||||||
${self.lib.concatMapStringsSep "\n" ({ message, ... }: message) failed}
|
${self.lib.concatMapStringsSep "\n" ({ message, ... }: message) failed}
|
||||||
''
|
''
|
||||||
else result;
|
else result;
|
||||||
in
|
|
||||||
warn (
|
in warn (error ({
|
||||||
error (
|
inherit (result) options;
|
||||||
builtins.removeAttrs config [ "assertions" "warnings" "gpgKey" "salt-pillar" ]
|
|
||||||
)
|
config = builtins.removeAttrs config [ "assertions" "warnings" ];
|
||||||
)
|
}))
|
||||||
|
|
|
@ -1,588 +0,0 @@
|
||||||
{ config, pkgs, lib, self, ... }:
|
|
||||||
|
|
||||||
let
|
|
||||||
mainServers = [ "server1" "server2" ];
|
|
||||||
cephMonServers = [ "server5" "server6" "server8" ];
|
|
||||||
pillar = self.lib.saltPillarFor "*";
|
|
||||||
|
|
||||||
clusterServerNets = [
|
|
||||||
"mgmt" "pub" "core" "serv"
|
|
||||||
"c3d2" "cluster" "bmx" "priv23"
|
|
||||||
];
|
|
||||||
clusterServerInterfaces = builtins.foldl' (result: net:
|
|
||||||
result // {
|
|
||||||
"${net}".type = "bridge";
|
|
||||||
}
|
|
||||||
) {} clusterServerNets;
|
|
||||||
|
|
||||||
renameAttr = from: to: attrset:
|
|
||||||
builtins.foldl' (result: name:
|
|
||||||
if name == from
|
|
||||||
then result // { "${to}" = attrset.${name}; }
|
|
||||||
else result // { "${name}" = attrset.${name}; }
|
|
||||||
) {} (builtins.attrNames attrset);
|
|
||||||
|
|
||||||
# HACK: `type = "phys"` works but once an LXC container is stopped
|
|
||||||
# the VLAN interface is not moved back.
|
|
||||||
forceVeth = interface: interface // {
|
|
||||||
type = "veth";
|
|
||||||
};
|
|
||||||
|
|
||||||
netHasDHCP = net:
|
|
||||||
net == "pub" ||
|
|
||||||
net == "serv" ||
|
|
||||||
builtins.match "priv[[:digit:]]+" net != null;
|
|
||||||
|
|
||||||
whoLinksTo = target:
|
|
||||||
builtins.attrNames (
|
|
||||||
lib.filterAttrs (hostName: { ports, ... }:
|
|
||||||
hostName != target &&
|
|
||||||
ports ? ${target}
|
|
||||||
) pillar.switches
|
|
||||||
);
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.salt-pillar = lib.mkOption {};
|
|
||||||
config.salt-pillar = pillar;
|
|
||||||
|
|
||||||
config.site.net = lib.mkMerge ([
|
|
||||||
(builtins.mapAttrs (_: vlan: { vlan = vlan; }) pillar.vlans)
|
|
||||||
(builtins.mapAttrs (_: subnet4: { inherit subnet4; }) pillar.subnets-inet)
|
|
||||||
(builtins.mapAttrs (_: hosts4: { inherit hosts4; }) pillar.hosts-inet)
|
|
||||||
(builtins.mapAttrs (net: dhcpData: {
|
|
||||||
dhcp = {
|
|
||||||
inherit (dhcpData) start end time max-time;
|
|
||||||
server =
|
|
||||||
if netHasDHCP net
|
|
||||||
then "${net}-gw"
|
|
||||||
else null;
|
|
||||||
fixed-hosts =
|
|
||||||
if dhcpData ? fixed-hosts
|
|
||||||
then dhcpData.fixed-hosts
|
|
||||||
else {};
|
|
||||||
router = dhcpData.host-opts.routers;
|
|
||||||
};
|
|
||||||
domainName = dhcpData.string-opts.domain-name;
|
|
||||||
}) pillar.dhcp)
|
|
||||||
{
|
|
||||||
core.ospf.secret = pillar.ospf.secret;
|
|
||||||
pub.dynamicDomain = true;
|
|
||||||
|
|
||||||
cluster.extraRecords = map (host: {
|
|
||||||
name = "_ceph-mon._tcp";
|
|
||||||
type = "SRV";
|
|
||||||
data = "1 1 6789 ${host}";
|
|
||||||
}) cephMonServers ++
|
|
||||||
lib.lists.imap0 (i: host: {
|
|
||||||
name = "mon${toString i}";
|
|
||||||
type = "CNAME";
|
|
||||||
data = "${host}";
|
|
||||||
}) cephMonServers;
|
|
||||||
|
|
||||||
c3d2.dynamicDomain = true;
|
|
||||||
c3d2.dhcp = {
|
|
||||||
server = "c3d2-gw3";
|
|
||||||
router = "c3d2-anon";
|
|
||||||
start = "172.22.99.100";
|
|
||||||
end = "172.22.99.199";
|
|
||||||
fixed-hosts = {
|
|
||||||
"astron.hq.c3d2.de" = "aa:00:5b:08:f0:5b";
|
|
||||||
"astrom.hq.c3d2.de" = "aa:00:5b:08:f0:5c";
|
|
||||||
"www1.hq.c3d2.de" = "aa:00:13:8b:03:47";
|
|
||||||
"dn42.hq.c3d2.de" = "aa:00:42:7a:32:46";
|
|
||||||
"icq.hq.c3d2.de" = "aa:00:30:f6:27:89";
|
|
||||||
"jabber1.hq.c3d2.de" = "aa:00:0b:19:8f:14";
|
|
||||||
"jabber2.hq.c3d2.de" = "aa:00:3d:6a:23:b8";
|
|
||||||
"wiefelspuetz.hq.c3d2.de" = "aa:00:7f:01:8a:d0";
|
|
||||||
"git.hq.c3d2.de" = "aa:00:47:d8:57:10";
|
|
||||||
"fernandopoo.hq.c3d2.de" = "aa:00:f7:52:85:27";
|
|
||||||
"moleflap.hq.c3d2.de" = "aa:00:0d:b1:6c:67";
|
|
||||||
"wormhole.hq.c3d2.de" = "00:23:c3:d2:00:76";
|
|
||||||
"sharing.hq.c3d2.de" = "00:23:c3:d2:75:18";
|
|
||||||
"drucker.hq.c3d2.de" = "00:23:c3:d2:12:0f";
|
|
||||||
"knot.hq.c3d2.de" = "52:54:cf:fd:ce:3f";
|
|
||||||
"bender.hq.c3de.de" = "00:23:df:7e:c8:0a";
|
|
||||||
"sofafon.hq.c3d2.de" = "b8:27:eb:23:8d:01";
|
|
||||||
"schalter.hq.c3d2.de" = "b8:27:eb:4c:be:ff";
|
|
||||||
"beere.hq.c3d2.de" = "b8:27:eb:ac:65:d2";
|
|
||||||
"ledball1.hq.c3d2.de" = "b8:27:eb:53:0b:27";
|
|
||||||
"cider.hq.c3d2.de" = "00:0d:93:75:ee:fa";
|
|
||||||
"semanta.hq.c3d2.de" = "00:ff:e4:bb:ea:2a";
|
|
||||||
"leviathan.hq.c3d2.de" = "00:ff:08:31:db:e5";
|
|
||||||
"beere2.hq.c3d2.de" = "b8:27:eb:53:0b:27";
|
|
||||||
"feile.hq.c3d2.de" = "aa:00:5b:12:c1:f7";
|
|
||||||
"matemat.hq.c3d2.de" = "a2:1b:7c:e8:19:72";
|
|
||||||
"172.22.99.98" = "08:00:27:aa:90:e2";
|
|
||||||
"172.22.99.96" = "08:00:27:bb:8c:b3";
|
|
||||||
"batman.hq.c3d2.de" = "5c:cf:7f:c0:05:28";
|
|
||||||
"monit.hq.c3d2.de" = "00:23:ae:94:e7:19";
|
|
||||||
"storage2.hq.c3d2.de" = "42:5e:0f:4e:f3:cc";
|
|
||||||
"server2.hq.c3d2.de" = "d0:67:e5:f3:57:10";
|
|
||||||
"server3.hq.c3d2.de" = "e4:1f:13:2e:4f:c0";
|
|
||||||
"server4.hq.c3d2.de" = "00:9c:02:a9:26:01";
|
|
||||||
"minecraft.hq.c3d2.de" = "4a:57:d3:64:fe:e9";
|
|
||||||
"ustriper.hq.c3d2.de" = "aa:bb:95:33:bb:aa";
|
|
||||||
"lisbeth.hq.c3d2.de" = "b8:27:eb:a5:ee:5c";
|
|
||||||
"ruststripe1.hq.c3d2.de" = "06:32:0e:39:21:69";
|
|
||||||
"fhem.hq.c3d2.de" = "b8:27:eb:9e:8b:db";
|
|
||||||
"glotzbert.hq.c3d2.de" = "ec:a8:6b:fe:b4:cb";
|
|
||||||
"pulsebert.hq.c3d2.de" = "b8:27:eb:16:31:61";
|
|
||||||
"dacbert.hq.c3d2.de" = "dc:a6:32:31:b6:32";
|
|
||||||
"public-access-proxy.hq.c3d2.de" = "12:24:5f:bd:9b:e7";
|
|
||||||
"marenz-build.hq.c3d2.de" = "44:1e:a1:59:2e:e8";
|
|
||||||
"ledbeere.hq.c3d2.de" = "b8:27:eb:60:99:59";
|
|
||||||
};
|
|
||||||
time = 86400;
|
|
||||||
max-time = 30 * 86400;
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
# net priv* settings
|
|
||||||
(
|
|
||||||
builtins.mapAttrs (netName: _: {
|
|
||||||
dynamicDomain = true;
|
|
||||||
}) (
|
|
||||||
lib.filterAttrs (netName: _:
|
|
||||||
builtins.match "priv[[:digit:]]+" netName != null
|
|
||||||
) pillar.hosts-inet
|
|
||||||
)
|
|
||||||
)
|
|
||||||
] ++ (
|
|
||||||
map (ctx:
|
|
||||||
builtins.mapAttrs (_: subnet: { subnets6.${ctx} = subnet; }) pillar.subnets-inet6.${ctx}
|
|
||||||
) (builtins.attrNames pillar.subnets-inet6)
|
|
||||||
) ++ (
|
|
||||||
map (ctx:
|
|
||||||
builtins.mapAttrs (_: subnet: { hosts6.${ctx} = subnet; }) pillar.hosts-inet6.${ctx}
|
|
||||||
) (builtins.attrNames pillar.hosts-inet6)
|
|
||||||
));
|
|
||||||
|
|
||||||
config.site.hosts = lib.mkMerge (
|
|
||||||
[
|
|
||||||
{ # Static definitions
|
|
||||||
|
|
||||||
mgmt-gw.firewall.enable = true;
|
|
||||||
priv13-gw.firewall.enable = true;
|
|
||||||
|
|
||||||
dns.services.dns.enable = true;
|
|
||||||
|
|
||||||
dnscache = {
|
|
||||||
role = "container";
|
|
||||||
|
|
||||||
interfaces.serv = {
|
|
||||||
gw4 = "serv-gw";
|
|
||||||
gw6 = "serv-gw";
|
|
||||||
type = "veth";
|
|
||||||
};
|
|
||||||
|
|
||||||
services.dnscache.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
upstream1.interfaces.up1.upstream = {
|
|
||||||
provider = "vodafone";
|
|
||||||
staticIpv4Address = "24.134.104.53";
|
|
||||||
noNat.subnets6 = [
|
|
||||||
"2a02:8106:208:5200::/56"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
upstream2.interfaces.up2.upstream = {
|
|
||||||
provider = "vodafone";
|
|
||||||
noNat.subnets6 = [
|
|
||||||
"2a02:8106:208:e900::/56"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
upstream3.interfaces.up3.upstream.provider = "starlink";
|
|
||||||
upstream4.interfaces.up4-pppoe = {
|
|
||||||
type = "pppoe";
|
|
||||||
upstream = {
|
|
||||||
provider = "dsi";
|
|
||||||
link = "up4";
|
|
||||||
staticIpv4Address = "81.201.149.152";
|
|
||||||
upBandwidth = 98000;
|
|
||||||
noNat.subnets6 = [
|
|
||||||
"2a00:8180:2000:37::1/128"
|
|
||||||
"2a00:8180:2c00:200::/56"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
|
||||||
upstream1.ospf.upstreamInstance = 3;
|
|
||||||
upstream2.ospf.upstreamInstance = 4;
|
|
||||||
anon1.ospf.upstreamInstance = 5;
|
|
||||||
freifunk.ospf.upstreamInstance = 6;
|
|
||||||
upstream3.ospf.upstreamInstance = 7;
|
|
||||||
upstream4.ospf.upstreamInstance = 8;
|
|
||||||
c3d2-gw1.ospf.allowedUpstreams = [ "upstream3" "upstream4" "upstream1" "anon1" "freifunk" ];
|
|
||||||
c3d2-gw2.ospf.allowedUpstreams = [ "upstream1" "upstream3" "upstream4" "anon1" "freifunk" ];
|
|
||||||
c3d2-gw3.ospf.allowedUpstreams = [ "upstream4" "upstream3" "upstream1" "anon1" "freifunk" ];
|
|
||||||
serv-gw.ospf.allowedUpstreams = [ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
|
|
||||||
cls-gw.ospf.allowedUpstreams = [ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
|
|
||||||
mgmt-gw.ospf.allowedUpstreams = [ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
|
|
||||||
bgp.ospf.allowedUpstreams = [ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
|
|
||||||
anon1.ospf.allowedUpstreams = [ "upstream1" "upstream3" "upstream4" "freifunk" ];
|
|
||||||
priv17-gw-up3.ospf.allowedUpstreams = [ "upstream3" "upstream4" "upstream1" "anon1" "freifunk" ];
|
|
||||||
|
|
||||||
pub-gw.ospf.allowedUpstreams = [ "anon1" "freifunk" ];
|
|
||||||
c3d2-anon.ospf.allowedUpstreams = [ "anon1" "freifunk" ];
|
|
||||||
|
|
||||||
upstream4.forwardPorts = [
|
|
||||||
{
|
|
||||||
destination = config.site.net.serv.hosts4.public-access-proxy;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 80;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.serv.hosts4.public-access-proxy;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 443;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.serv.hosts4.bind;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 53;
|
|
||||||
reflect = false;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.serv.hosts4.bind;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 53;
|
|
||||||
reflect = false;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 2325;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 2399;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 2327;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 2338;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 2339;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 40533;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.c3d2.hosts4.dn42;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 61699;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = "${config.site.net.serv.hosts4.leonos}:22";
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 2223;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = config.site.net.serv.hosts4.minetest;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 30000;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = "172.22.99.175:22";
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 2224;
|
|
||||||
}
|
|
||||||
{ # Gitea ssh
|
|
||||||
destination = config.site.net.serv.hosts4.gitea;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 22;
|
|
||||||
}
|
|
||||||
{ # Jabber C2S
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 5222;
|
|
||||||
}
|
|
||||||
{ # Jabber C2S+SSL
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 5223;
|
|
||||||
}
|
|
||||||
{ # Jabber S2S
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 5269;
|
|
||||||
}
|
|
||||||
{ # Jabber TURN
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 3478;
|
|
||||||
}
|
|
||||||
{ # Jabber TURN
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 3479;
|
|
||||||
}
|
|
||||||
{ # Jabber TURN
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 3478;
|
|
||||||
}
|
|
||||||
{ # Jabber TURN
|
|
||||||
destination = config.site.net.serv.hosts4.jabber;
|
|
||||||
proto = "udp";
|
|
||||||
sourcePort = 3479;
|
|
||||||
}
|
|
||||||
{
|
|
||||||
destination = "${config.site.net.serv.hosts4.vps1}:22";
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = 2225;
|
|
||||||
}
|
|
||||||
] ++ map (port: {
|
|
||||||
destination = config.site.net.serv.hosts4.mail;
|
|
||||||
proto = "tcp";
|
|
||||||
sourcePort = port;
|
|
||||||
}) [ 25 465 587 110 143 993 995 ];
|
|
||||||
|
|
||||||
server3.interfaces = clusterServerInterfaces;
|
|
||||||
server5.interfaces = clusterServerInterfaces;
|
|
||||||
server6.interfaces = clusterServerInterfaces;
|
|
||||||
server7.interfaces = clusterServerInterfaces;
|
|
||||||
server8.interfaces = clusterServerInterfaces;
|
|
||||||
server9.interfaces = clusterServerInterfaces;
|
|
||||||
|
|
||||||
ap-test1.interfaces = {
|
|
||||||
mgmt.type = "phys";
|
|
||||||
pub.type = "bridge";
|
|
||||||
c3d2.type = "bridge";
|
|
||||||
bmx.type = "bridge";
|
|
||||||
};
|
|
||||||
ap-test2.interfaces = {
|
|
||||||
mgmt.type = "phys";
|
|
||||||
pub.type = "bridge";
|
|
||||||
c3d2.type = "bridge";
|
|
||||||
bmx.type = "bridge";
|
|
||||||
};
|
|
||||||
ap4.links.switch-b2.ports = [ "wan" ];
|
|
||||||
ap6.links.switch-b2.ports = [ "wan" ];
|
|
||||||
ap21.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap27.links.switch-b2.ports = [ "wan" ];
|
|
||||||
ap32.links.switch-b2.ports = [ "lan" ];
|
|
||||||
ap33.links.switch-b2.ports = [ "lan" ];
|
|
||||||
ap36.links.switch-b2.ports = [ "wan" ];
|
|
||||||
ap43.links.switch-a1.ports = [ "wan" ];
|
|
||||||
ap44.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap45.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap46.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap47.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap48.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap49.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap50.links.switch-a1.ports = [ "lan" ];
|
|
||||||
ap52.links.switch-a1.ports = [ "lan" ];
|
|
||||||
|
|
||||||
ap28.links.ap3.ports = [ "wan" ];
|
|
||||||
ap3.links.ap28.ports = [ "lan:1" ];
|
|
||||||
ap3.links.c3d2.ports = lib.mkForce [
|
|
||||||
"lan:2"
|
|
||||||
"lan:3"
|
|
||||||
"lan:4"
|
|
||||||
];
|
|
||||||
ap34.links.ap42.ports = [ "lan" ];
|
|
||||||
ap42.links.priv4.ports = lib.mkForce [
|
|
||||||
"lan:1"
|
|
||||||
"lan:2"
|
|
||||||
"lan:4"
|
|
||||||
];
|
|
||||||
ap42.links.ap34.ports = [ "lan:3" ];
|
|
||||||
}
|
|
||||||
|
|
||||||
# host priv*-gw settings
|
|
||||||
(
|
|
||||||
builtins.mapAttrs (hostName: _: {
|
|
||||||
ospf.allowedUpstreams = [ "upstream4" "upstream3" "upstream1" "anon1" "freifunk" ];
|
|
||||||
}) (
|
|
||||||
lib.filterAttrs (hostName: _:
|
|
||||||
builtins.match "priv[[:digit:]]+-gw" hostName != null
|
|
||||||
) pillar.containers
|
|
||||||
)
|
|
||||||
)
|
|
||||||
|
|
||||||
(builtins.foldl' (result: hostName: result // {
|
|
||||||
"${hostName}" = {
|
|
||||||
role = "server";
|
|
||||||
interfaces = builtins.mapAttrs (net: _: {
|
|
||||||
type = "phys";
|
|
||||||
} // lib.optionalAttrs (net == "cluster") {
|
|
||||||
gw4 = "cls-gw";
|
|
||||||
gw6 = "cls-gw";
|
|
||||||
}) (
|
|
||||||
lib.filterAttrs (_: hosts: hosts ? ${hostName}) (
|
|
||||||
pillar.hosts-inet // (
|
|
||||||
builtins.foldl' (result: hosts: result // hosts) {} (builtins.attrValues pillar.hosts-inet6)
|
|
||||||
)
|
|
||||||
)
|
|
||||||
) // builtins.foldl' (result: container:
|
|
||||||
result // builtins.mapAttrs (net: interface: {
|
|
||||||
type = "bridge";
|
|
||||||
}) container.interfaces
|
|
||||||
) {} (builtins.attrValues pillar.containers);
|
|
||||||
};
|
|
||||||
}) {} mainServers)
|
|
||||||
|
|
||||||
(builtins.mapAttrs (_: switch: {
|
|
||||||
inherit (switch) model location password;
|
|
||||||
role = "switch";
|
|
||||||
interfaces.mgmt.type = "phys";
|
|
||||||
links = builtins.mapAttrs (_: { ports, group ? null, ... }: {
|
|
||||||
group = if group != null
|
|
||||||
then toString group
|
|
||||||
else null;
|
|
||||||
ports = map toString (
|
|
||||||
if builtins.isList ports
|
|
||||||
then ports
|
|
||||||
else [ ports ]
|
|
||||||
);
|
|
||||||
}) switch.ports;
|
|
||||||
}) pillar.switches)
|
|
||||||
|
|
||||||
(builtins.mapAttrs (hostName: ap: {
|
|
||||||
inherit (ap) model location password;
|
|
||||||
role = "ap";
|
|
||||||
|
|
||||||
interfaces = builtins.foldl' (interfaces: net: interfaces // {
|
|
||||||
"${net}" = {
|
|
||||||
type = "bridge";
|
|
||||||
};
|
|
||||||
}) {
|
|
||||||
mgmt = {
|
|
||||||
type = "phys";
|
|
||||||
gw4 = "mgmt-gw";
|
|
||||||
gw6 = "mgmt-gw";
|
|
||||||
};
|
|
||||||
} (
|
|
||||||
builtins.concatMap ({ ssids, ... }:
|
|
||||||
map ({ net, ... }: net) (builtins.attrValues ssids)
|
|
||||||
) (builtins.attrValues ap.radios)
|
|
||||||
);
|
|
||||||
|
|
||||||
links =
|
|
||||||
let
|
|
||||||
wanTargets = whoLinksTo hostName;
|
|
||||||
model = self.lib.getOpenwrtModel ap.model;
|
|
||||||
getPorts = regex:
|
|
||||||
map (port: {
|
|
||||||
port = port.port;
|
|
||||||
phys = port.port;
|
|
||||||
}.${port.type}) (
|
|
||||||
builtins.filter (port:
|
|
||||||
port ? port &&
|
|
||||||
builtins.match regex port.port != null
|
|
||||||
) (builtins.attrValues model.ports)
|
|
||||||
);
|
|
||||||
in
|
|
||||||
if model ? ports
|
|
||||||
then
|
|
||||||
if getPorts "wan" == [] && builtins.length wanTargets > 0
|
|
||||||
then {
|
|
||||||
# Only 1 Ethernet port, treat lan as uplink
|
|
||||||
"${builtins.head wanTargets}".ports = getPorts "lan";
|
|
||||||
}
|
|
||||||
else
|
|
||||||
lib.optionalAttrs (builtins.length wanTargets > 0) {
|
|
||||||
"${builtins.head wanTargets}".ports = getPorts "wan";
|
|
||||||
} // lib.optionalAttrs (ap ? lan-access) {
|
|
||||||
"${ap.lan-access}".ports = self.lib.unique (
|
|
||||||
getPorts "lan.*"
|
|
||||||
);
|
|
||||||
}
|
|
||||||
else
|
|
||||||
builtins.trace "No known ports for OpenWRT model ${ap.model}"
|
|
||||||
{};
|
|
||||||
|
|
||||||
wifi = ap.radios;
|
|
||||||
|
|
||||||
}) pillar.cpe)
|
|
||||||
|
|
||||||
(builtins.mapAttrs (name: container:
|
|
||||||
let
|
|
||||||
ctPillar = self.lib.saltPillarFor name;
|
|
||||||
in {
|
|
||||||
role = "container";
|
|
||||||
|
|
||||||
interfaces =
|
|
||||||
builtins.mapAttrs (net: interface:
|
|
||||||
renameAttr "gw" "gw4"
|
|
||||||
(forceVeth interface) // (
|
|
||||||
if ctPillar ? upstream &&
|
|
||||||
ctPillar.upstream.interface == net
|
|
||||||
then {
|
|
||||||
upstream.upBandwidth = ctPillar.upstream.up-bandwidth;
|
|
||||||
}
|
|
||||||
else {}
|
|
||||||
)
|
|
||||||
) container.interfaces;
|
|
||||||
|
|
||||||
wireguard =
|
|
||||||
lib.optionalAttrs (ctPillar ? wireguard-instances) (
|
|
||||||
builtins.mapAttrs (net: wgData: {
|
|
||||||
inherit (builtins.head wgData.peers) endpoint;
|
|
||||||
publicKey = (builtins.head wgData.peers).public_key;
|
|
||||||
privateKey = wgData.private_key;
|
|
||||||
addresses = builtins.filter builtins.isString (
|
|
||||||
builtins.split "[, ]+" wgData.addr
|
|
||||||
);
|
|
||||||
upBandwidth = ctPillar.upstream.up-bandwidth;
|
|
||||||
}) ctPillar.wireguard-instances);
|
|
||||||
|
|
||||||
ospf =
|
|
||||||
let
|
|
||||||
ospfConf = ctPillar.ospf;
|
|
||||||
in lib.optionalAttrs (ctPillar ? ospf && ospfConf ? stubnets-inet) {
|
|
||||||
stubNets4 = ospfConf.stubnets-inet;
|
|
||||||
} // lib.optionalAttrs (ctPillar ? ospf && ospfConf ? stubnets-inet6) {
|
|
||||||
stubNets6 = ospfConf.stubnets-inet6;
|
|
||||||
};
|
|
||||||
|
|
||||||
bgp =
|
|
||||||
if ctPillar ? bgp
|
|
||||||
then
|
|
||||||
let
|
|
||||||
bgpConf = ctPillar.bgp;
|
|
||||||
in {
|
|
||||||
inherit (bgpConf) asn;
|
|
||||||
peers = bgpConf.peers-inet // bgpConf.peers-inet6;
|
|
||||||
}
|
|
||||||
else null;
|
|
||||||
|
|
||||||
forwardPorts =
|
|
||||||
if ctPillar ? port-forwarding
|
|
||||||
then map ({ proto, port, to }: {
|
|
||||||
proto = proto;
|
|
||||||
sourcePort = port;
|
|
||||||
destination = to;
|
|
||||||
}) ctPillar.port-forwarding
|
|
||||||
else [];
|
|
||||||
}) pillar.containers)
|
|
||||||
] ++
|
|
||||||
|
|
||||||
(map (net:
|
|
||||||
builtins.mapAttrs (_: addr4: {
|
|
||||||
}) pillar.hosts-inet.${net}
|
|
||||||
) (builtins.attrNames pillar.hosts-inet)) ++
|
|
||||||
|
|
||||||
(builtins.concatMap (ctx:
|
|
||||||
map (net:
|
|
||||||
builtins.mapAttrs (_: addr6: {
|
|
||||||
}) pillar.hosts-inet6.${ctx}.${net}
|
|
||||||
) (builtins.attrNames pillar.hosts-inet6.${ctx})
|
|
||||||
) (builtins.attrNames pillar.hosts-inet6))
|
|
||||||
);
|
|
||||||
|
|
||||||
config.site.sshPubKeys = [
|
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOFs2LdK23ysS0SSkXZuULUOCZHe1ZxvfOKj002J6rkvAaDLar9g5aKuiIV70ZR33A2rchoLMiM4pLLwoSAPJg1FgIgJjU+DFoWtiW+IjzKXdHHVspb2iOIhpfbfk8WC5HZ/6fPz4RUqadGQ43ImnMhSN0ge3s/oM48hpc96ne6tH+mGiugdPx8097NE9yTqJHi8deBhi3daeJH4eQeg66Fi+kDIAZv5TJ0Oca5h7PBd253/vf3l21jRH8u1D1trALv9KStGycTk5Nwih+OHx+Rnvue/B/nxgAz4I3mmQa+jhRlGaQVG0MtOBRY3Ae7ZNqhjuefDUCM2hwG70toU9xDUw0AihC2ownY+P2PjssoG1O8f/D7ilw7qrXJHEeM8HwzqMH8X4ELYHaHTwjeWfZTTFev1Djr969LjdS1UZzqCZHO0jmQ5Pa3eXw8xcoprtt620kYLTKSMs6exLstE48o57Yqfn+eTJDy7EkcjiLN6GNIi42b9Z73xXNpZx1WR9O6OulJf/6pWgrApasvxiGmxxILq98s1/VnZkOFXR8JXnpvKHEIOIr3bFQu3GLCrzY2Yuh4NL5wy6lcZNTr/0rr6AO24IbEWM7TApbXnKA5XQhAbThrVsuFBdT3+bBP2nedvWQ0W+Q6SUf+8T2o5InnFqs5ABnTixBItiWw+9BiQ== root@server1"
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -208,6 +208,14 @@ let
|
||||||
default = [];
|
default = [];
|
||||||
description = "Do not NAT66 traffic from these public static subnets";
|
description = "Do not NAT66 traffic from these public static subnets";
|
||||||
};
|
};
|
||||||
|
user = mkOption {
|
||||||
|
type = with types; nullOr str;
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
|
password = mkOption {
|
||||||
|
type = with types; nullOr str;
|
||||||
|
default = null;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
interfaceOpts = { name, ... }: {
|
interfaceOpts = { name, ... }: {
|
||||||
|
@ -503,6 +511,10 @@ in
|
||||||
sshPubKeys = mkOption {
|
sshPubKeys = mkOption {
|
||||||
type = with types; listOf str;
|
type = with types; listOf str;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
dyndnsKey = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config.warnings =
|
config.warnings =
|
||||||
|
|
|
@ -1,13 +1,7 @@
|
||||||
{ self, gpgKey, pkgs, openwrt }:
|
{ self, pkgs, openwrt }:
|
||||||
|
|
||||||
rec {
|
rec {
|
||||||
config = import ./config { inherit self pkgs gpgKey; };
|
config = (import ./config { inherit self pkgs; }).config;
|
||||||
|
|
||||||
saltPillarFor = import ./salt-support/salt-pillar.nix {
|
|
||||||
inherit pkgs gpgKey;
|
|
||||||
};
|
|
||||||
|
|
||||||
expandSaltTemplate = import ./salt-support/expand-template.nix { inherit pkgs; };
|
|
||||||
|
|
||||||
netmasks = import ./netmasks.nix;
|
netmasks = import ./netmasks.nix;
|
||||||
|
|
||||||
|
|
|
@ -1,23 +0,0 @@
|
||||||
{ pkgs ? import <nixpkgs> {}
|
|
||||||
}:
|
|
||||||
|
|
||||||
name: template: data:
|
|
||||||
let
|
|
||||||
jsonFile =
|
|
||||||
builtins.toFile "data.json" (builtins.toJSON data);
|
|
||||||
j2custom =
|
|
||||||
builtins.toFile "j2custom.py" ''
|
|
||||||
def j2_environment(env):
|
|
||||||
env.globals.update(
|
|
||||||
zip=zip
|
|
||||||
)
|
|
||||||
return env
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
pkgs.runCommandLocal name {
|
|
||||||
nativeBuildInputs = with pkgs; [
|
|
||||||
pythonPackages.j2cli yaml2json
|
|
||||||
];
|
|
||||||
} ''
|
|
||||||
j2 --customize ${j2custom} -f json ${template} ${jsonFile} > $out
|
|
||||||
''
|
|
|
@ -1,47 +0,0 @@
|
||||||
{ pkgs ? import <nixpkgs> {}
|
|
||||||
, gpgKey
|
|
||||||
}:
|
|
||||||
|
|
||||||
with pkgs.lib;
|
|
||||||
let
|
|
||||||
loadYaml = import ./load-yaml.nix { inherit pkgs; };
|
|
||||||
|
|
||||||
decryptMessage = x:
|
|
||||||
if gpgKey == null
|
|
||||||
then "encrypted"
|
|
||||||
else
|
|
||||||
builtins.readFile (
|
|
||||||
pkgs.runCommandLocal "decrypted-salt-value" {
|
|
||||||
nativeBuildInputs = [ pkgs.gnupg ];
|
|
||||||
} ''
|
|
||||||
export GNUPGHOME=$(mktemp -d)
|
|
||||||
gpg --import ${gpgKey}
|
|
||||||
gpg -d > $out << EOF
|
|
||||||
${x}
|
|
||||||
EOF
|
|
||||||
''
|
|
||||||
);
|
|
||||||
|
|
||||||
decrypt = x:
|
|
||||||
if builtins.isString x
|
|
||||||
then if builtins.substring 0 27 x == "-----BEGIN PGP MESSAGE-----"
|
|
||||||
then decryptMessage x
|
|
||||||
else x
|
|
||||||
else if builtins.isList x
|
|
||||||
then map decrypt x
|
|
||||||
else if builtins.isAttrs x
|
|
||||||
then builtins.mapAttrs (_: decrypt) x
|
|
||||||
else x;
|
|
||||||
|
|
||||||
loadSls = files:
|
|
||||||
decrypt (
|
|
||||||
builtins.foldl' (result: filename:
|
|
||||||
recursiveUpdate result (loadYaml filename)
|
|
||||||
) {} files
|
|
||||||
);
|
|
||||||
in
|
|
||||||
|
|
||||||
files:
|
|
||||||
if builtins.isList files
|
|
||||||
then loadSls files
|
|
||||||
else loadSls [ files ]
|
|
|
@ -1,17 +0,0 @@
|
||||||
{ pkgs ? import <nixpkgs> {}
|
|
||||||
}:
|
|
||||||
|
|
||||||
path:
|
|
||||||
let
|
|
||||||
json = pkgs.runCommandLocal "desalinated-${builtins.baseNameOf path}" {
|
|
||||||
nativeBuildInputs = with pkgs; [
|
|
||||||
pythonPackages.j2cli ruby yaml2json
|
|
||||||
];
|
|
||||||
} ''
|
|
||||||
j2 ${path} > expanded.yaml
|
|
||||||
yaml2json < expanded.yaml > $out
|
|
||||||
'';
|
|
||||||
in
|
|
||||||
builtins.fromJSON (
|
|
||||||
builtins.readFile json
|
|
||||||
)
|
|
|
@ -1,66 +0,0 @@
|
||||||
{ pkgs ? import <nixpkgs> {}
|
|
||||||
, ...
|
|
||||||
}@args:
|
|
||||||
|
|
||||||
hostName:
|
|
||||||
|
|
||||||
let
|
|
||||||
loadSls = import ./load-sls.nix args;
|
|
||||||
|
|
||||||
pillarBase = (loadSls ../../../salt-pillar/top.sls).base;
|
|
||||||
|
|
||||||
globToRegex = builtins.replaceStrings ["*"] [".*"];
|
|
||||||
|
|
||||||
baseMatches =
|
|
||||||
if hostName == "*"
|
|
||||||
then
|
|
||||||
builtins.attrNames pillarBase
|
|
||||||
else
|
|
||||||
builtins.filter (patterns:
|
|
||||||
pkgs.lib.any (pattern:
|
|
||||||
builtins.match (globToRegex pattern) hostName != null
|
|
||||||
) (
|
|
||||||
builtins.filter builtins.isString (
|
|
||||||
builtins.split " or " patterns
|
|
||||||
)
|
|
||||||
)
|
|
||||||
) (builtins.attrNames pillarBase);
|
|
||||||
|
|
||||||
fileIds = builtins.foldl' (result: matchName:
|
|
||||||
result ++ pillarBase.${matchName}
|
|
||||||
) [] baseMatches;
|
|
||||||
|
|
||||||
allFilePaths = pkgs.lib.filesystem.listFilesRecursive ../../../salt-pillar;
|
|
||||||
|
|
||||||
files = map (fileId:
|
|
||||||
let
|
|
||||||
parts = builtins.filter builtins.isString (
|
|
||||||
builtins.split "\\." fileId
|
|
||||||
);
|
|
||||||
matches = builtins.filter (filePath:
|
|
||||||
let
|
|
||||||
suffix1 = builtins.concatStringsSep "/" (parts ++ [ "init.sls" ]);
|
|
||||||
suffix2 = (builtins.concatStringsSep "/" parts) + ".sls";
|
|
||||||
check = suffix:
|
|
||||||
endsWith suffix (builtins.toString filePath);
|
|
||||||
in
|
|
||||||
check suffix1 || check suffix2
|
|
||||||
) allFilePaths;
|
|
||||||
matchesLength = builtins.length matches;
|
|
||||||
in
|
|
||||||
if matchesLength == 0
|
|
||||||
then throw "No pillar file for ${fileId}"
|
|
||||||
else if matchesLength > 1
|
|
||||||
then throw "Ambiguous choice of files for ${fileId}"
|
|
||||||
else builtins.head matches
|
|
||||||
) fileIds;
|
|
||||||
|
|
||||||
endsWith = suffix: s:
|
|
||||||
let
|
|
||||||
suffixLen = builtins.stringLength suffix;
|
|
||||||
sLen = builtins.stringLength s;
|
|
||||||
in
|
|
||||||
builtins.substring (sLen - suffixLen) suffixLen s == suffix;
|
|
||||||
|
|
||||||
in
|
|
||||||
loadSls files
|
|
|
@ -24,7 +24,7 @@ in
|
||||||
ddns-update-style standard;
|
ddns-update-style standard;
|
||||||
key dyndns {
|
key dyndns {
|
||||||
algorithm hmac-sha256;
|
algorithm hmac-sha256;
|
||||||
secret ${inputs.zentralwerk-network-key.lib.dyndnsKey};
|
secret ${config.site.dyndnsKey};
|
||||||
};
|
};
|
||||||
zone ${domainName}. {
|
zone ${domainName}. {
|
||||||
primary ${config.site.net.serv.hosts4.dns};
|
primary ${config.site.net.serv.hosts4.dns};
|
||||||
|
|
|
@ -122,7 +122,7 @@ in
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
key "dyndns" {
|
key "dyndns" {
|
||||||
algorithm hmac-sha256;
|
algorithm hmac-sha256;
|
||||||
secret "${inputs.zentralwerk-network-key.lib.dyndnsKey}";
|
secret "${config.site.dyndnsKey}";
|
||||||
};
|
};
|
||||||
'';
|
'';
|
||||||
extraOptions = ''
|
extraOptions = ''
|
||||||
|
@ -159,7 +159,7 @@ in
|
||||||
path = [ pkgs.dnsutils ];
|
path = [ pkgs.dnsutils ];
|
||||||
script = ''
|
script = ''
|
||||||
${lib.concatMapStrings (zone: ''
|
${lib.concatMapStrings (zone: ''
|
||||||
nsupdate -y "hmac-sha256:dyndns:${inputs.zentralwerk-network-key.lib.dyndnsKey}" <<EOF
|
nsupdate -y "hmac-sha256:dyndns:${config.site.dyndnsKey}" <<EOF
|
||||||
server localhost
|
server localhost
|
||||||
|
|
||||||
${lib.concatMapStringsSep "\n" ({ name, type, data }: ''
|
${lib.concatMapStringsSep "\n" ({ name, type, data }: ''
|
||||||
|
|
|
@ -7,8 +7,6 @@ let
|
||||||
lib.filterAttrs (_: { type, ... }: type == "pppoe")
|
lib.filterAttrs (_: { type, ... }: type == "pppoe")
|
||||||
hostConf.interfaces;
|
hostConf.interfaces;
|
||||||
|
|
||||||
inherit (inputs.zentralwerk-network-key.lib.pppoe.${hostName}) user password;
|
|
||||||
|
|
||||||
in lib.mkIf (pppoeInterfaces != {}) {
|
in lib.mkIf (pppoeInterfaces != {}) {
|
||||||
boot.postBootCommands = ''
|
boot.postBootCommands = ''
|
||||||
if [ ! -c /dev/ppp ]; then
|
if [ ! -c /dev/ppp ]; then
|
||||||
|
@ -16,12 +14,15 @@ in lib.mkIf (pppoeInterfaces != {}) {
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
|
|
||||||
environment.etc."ppp/pap-secrets".text = ''
|
environment.etc."ppp/pap-secrets".text = lib.concatMapStrings (ifName:
|
||||||
"${user}" * "${password}"
|
let
|
||||||
'';
|
inherit (pppoeInterfaces.${ifName}) user password;
|
||||||
|
in ''
|
||||||
|
"${user}" * "${password}"
|
||||||
|
'') (builtins.attrNames pppoeInterfaces);
|
||||||
services.pppd = {
|
services.pppd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
peers = builtins.mapAttrs (ifName: { upstream, ... }: {
|
peers = builtins.mapAttrs (ifName: { upstream, user, ... }: {
|
||||||
enable = true;
|
enable = true;
|
||||||
autostart = true;
|
autostart = true;
|
||||||
config = ''
|
config = ''
|
||||||
|
@ -48,7 +49,6 @@ in lib.mkIf (pppoeInterfaces != {}) {
|
||||||
default-asyncmap
|
default-asyncmap
|
||||||
mtu 1492
|
mtu 1492
|
||||||
# IP settings.
|
# IP settings.
|
||||||
#noipdefault
|
|
||||||
defaultroute
|
defaultroute
|
||||||
+ipv6
|
+ipv6
|
||||||
defaultroute6
|
defaultroute6
|
||||||
|
|
|
@ -12,18 +12,33 @@ let
|
||||||
nixpkgs.lib.generators.toPretty {} config
|
nixpkgs.lib.generators.toPretty {} config
|
||||||
);
|
);
|
||||||
|
|
||||||
salt-pillar-file = hostName: builtins.toFile "${hostName}.yaml" (
|
encrypt-secrets = pkgs.writeScriptBin "encrypt-secrets" ''
|
||||||
nixpkgs.lib.generators.toPretty {} (self.lib.saltPillarFor hostName)
|
#! ${pkgs.runtimeShell} -e
|
||||||
);
|
|
||||||
salt-pillars = builtins.foldl' (result: hostName: result // {
|
cd config
|
||||||
"${hostName}-pillar" = pkgs.runCommandLocal "${hostName}-pillar.nix" {} ''
|
exec ${pkgs.gnupg}/bin/gpg --armor --batch --trust-model always \
|
||||||
cp ${salt-pillar-file hostName} $out
|
--encrypt -r 1F0F221A7483B5EF5D103D8B32EBADE870BAF886 \
|
||||||
'';
|
< secrets-production.nix \
|
||||||
}) {} (
|
> secrets-production.nix.gpg
|
||||||
builtins.filter (hostName:
|
'';
|
||||||
builtins.elem config.site.hosts.${hostName}.role [ "server" "container" ]
|
decrypt-secrets = pkgs.writeScriptBin "decrypt-secrets" ''
|
||||||
) (builtins.attrNames config.site.hosts)
|
#! ${pkgs.runtimeShell} -e
|
||||||
);
|
|
||||||
|
cd config
|
||||||
|
[ -e secrets-production.nix ] && \
|
||||||
|
mv secrets-production.nix secrets-production.nix.old
|
||||||
|
exec ${pkgs.gnupg}/bin/gpg -d \
|
||||||
|
> secrets-production.nix \
|
||||||
|
< secrets-production.nix.gpg
|
||||||
|
'';
|
||||||
|
switch-to-production = pkgs.writeScriptBin "decrypt-secrets" ''
|
||||||
|
#! ${pkgs.runtimeShell} -e
|
||||||
|
|
||||||
|
${decrypt-secrets}
|
||||||
|
|
||||||
|
cd config
|
||||||
|
cp secrets-production.nix secrets.nix
|
||||||
|
'';
|
||||||
|
|
||||||
network-graphs = import ./network-graphs.nix { inherit config pkgs; };
|
network-graphs = import ./network-graphs.nix { inherit config pkgs; };
|
||||||
|
|
||||||
|
@ -65,6 +80,7 @@ let
|
||||||
inherit pkgs;
|
inherit pkgs;
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
salt-pillars // rootfs-packages // vm-packages // device-templates // network-graphs // starlink // {
|
rootfs-packages // vm-packages // device-templates // network-graphs // starlink // {
|
||||||
inherit export-openwrt-models export-config dns-slaves;
|
inherit export-openwrt-models export-config dns-slaves
|
||||||
|
encrypt-secrets decrypt-secrets switch-to-production;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,38 +0,0 @@
|
||||||
bind:
|
|
||||||
root-domain:
|
|
||||||
dn42: zentralwerk.dn42
|
|
||||||
up1: zentralwerk.org
|
|
||||||
master-ns:
|
|
||||||
dn42: dns.serv.zentralwerk.dn42
|
|
||||||
up1: dns.serv.zentralwerk.org
|
|
||||||
public-ns:
|
|
||||||
dn42:
|
|
||||||
- dns.serv.zentralwerk.dn42
|
|
||||||
up1:
|
|
||||||
- ns.c3d2.de
|
|
||||||
slaves:
|
|
||||||
# ns.c3d2.de
|
|
||||||
- 217.197.84.53
|
|
||||||
- 2001:67c:1400:2240::a
|
|
||||||
# dns.spaceboyz.net
|
|
||||||
- 172.22.24.4
|
|
||||||
- 2a01:4f9:4b:39ec::4
|
|
||||||
serial: 2021031200
|
|
||||||
|
|
||||||
reverse-zones-inet:
|
|
||||||
- 72.20.172.in-addr.arpa
|
|
||||||
- 73.20.172.in-addr.arpa
|
|
||||||
- 74.20.172.in-addr.arpa
|
|
||||||
- 75.20.172.in-addr.arpa
|
|
||||||
- 76.20.172.in-addr.arpa
|
|
||||||
- 77.20.172.in-addr.arpa
|
|
||||||
- 78.20.172.in-addr.arpa
|
|
||||||
- 79.20.172.in-addr.arpa
|
|
||||||
|
|
||||||
reverse-zones-inet6:
|
|
||||||
dn42:
|
|
||||||
- 8.5.0.2.d.3.c.2.4.0.0.3.2.d.f.ip6.arpa
|
|
||||||
- c.5.0.2.d.3.c.2.4.0.0.3.2.d.f.ip6.arpa
|
|
||||||
up1:
|
|
||||||
- 8.2.5.8.0.2.0.6.0.1.8.2.0.a.2.ip6.arpa
|
|
||||||
- c.2.5.8.0.2.0.6.0.1.8.2.0.a.2.ip6.arpa
|
|
|
@ -1,18 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
dyndns:
|
|
||||||
anon1:
|
|
||||||
interface: ipredator
|
|
||||||
secret: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQgAjh9ugkiUCwnXHHJP7mJqmjnS6shfTXMqPYeR1KTwIWvC
|
|
||||||
xOSxQBvD/WYOg/p6Jai+dB5TAvI0l1G4oaaii3OoKot0flJPzWR5IgBHJBmDEuii
|
|
||||||
/pinHD4JpNTDPb2OBE/UXZjyJ4XGCwh8yVaOr5LmRPuB/DMfxk6FpPpDps6n5ioT
|
|
||||||
i9RkvgZTtyk8nyb3Q+Gg051vXKYOHiZbOtu08GRMDqBjkBwWAaVCWc/ts4Gs0SjG
|
|
||||||
GgxWR6VWhMSWIbuJmFY5Bix6rRuI6cVY48Xg+/aQXxrSMjI3SKjpeJ0Otn7Hi1Fh
|
|
||||||
vK6mIZtyESsNt3qHd65GPWJ0PPLiOg6M0peC9rfJgdJnAYq2n/f89jfraVTK3gYL
|
|
||||||
ch7EWeGAJbqf7srcDqjL/kHVSVrLlh3GSpFZsyD3hOeGMWrkQnnVrMBLo2oAoQSp
|
|
||||||
bVh+AjIkctnwHJSDS6FsijrQJicLVu/tG/Sg9PqELvWzMf+LvRL49Q==
|
|
||||||
=zrkj
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
dyndns:
|
|
||||||
upstream1:
|
|
||||||
interface: up1
|
|
||||||
secret: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQgAlT62OyjlGRcQ8/RivPsFfJfVSoNhGFFbSm+1yfA7Efav
|
|
||||||
d/ELCj86zXTvYoa4S8jEvd6iqsKOukINlCkYHR3p5Qs31bsSh/B+0B09fksp7d4O
|
|
||||||
NCE4VVInZe9HY7DpSFEsu44gbit2MJKhhbtozkyEwn3dGaXHmGEWqS1V20fLFeUA
|
|
||||||
r1ZwqyI6nFHT28thugt36r6/ZblkeZDqH77JuR/AnIsCFtykErZsiTQiiuiiOrvU
|
|
||||||
/m0kTz0jHBVSRuil3+4uibOWf2eDPuLukD2RXszGnaaq066vlRVyTKTchVjBnqDs
|
|
||||||
tNYls0rmr6UOOQid7N0BcCjYKKkoF6AVb3R1eA1yG9JnAeSx1KAmIrzfYLJ/eRkw
|
|
||||||
CPXogzxlMQt1i4fNRVUPWX+V9SHsbw/bp0CgaI1FJsfnVL4+BZejxTpGvybuKR+O
|
|
||||||
ejuUPineVymhVULbK2bbUGhpn0aaaKmV4CmZusueHg2W2lpJS0UozQ==
|
|
||||||
=krxI
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
|
@ -1,18 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
dyndns:
|
|
||||||
upstream2:
|
|
||||||
interface: up2
|
|
||||||
secret: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf/dsFJZ7Ud81pppjYXlOAEe1Zz+VqFaR+8kjzTE1uSxqNF
|
|
||||||
cI3asqGG1ltqY4CNJ0Sw6dzFKgCvBMxY2PlAKi2W/d4VXW+Eq3fuLA9g8AZ3FHxL
|
|
||||||
8LgBaxoIuue8lI3FpQk3rbkhnELbwTp8A6Y0TCqexDp7NyieaHdsFkkg9lJn268B
|
|
||||||
RsIsg2n3ZlpPw6PgQ1qz0hqTlSIi/FyVTX0JLQ7GIpiPZPPsEtT0A62adkla0x4+
|
|
||||||
fkrqPBC3jD5ICz/mytkmwWilmkZHO+VXF7juAmwLnmp69w1yhsohVK1mecme60Rt
|
|
||||||
w6i6cVhvg/EaQnqhKxusLi3DnroaVTwU9wvw3aBiN9JnATYs/Y9LotYP3/4tiPO1
|
|
||||||
c45aNN6Oz/s7RwjTjiZv0LqnoXVLYPF2a0xok5eIklwp2f/wp7jh/SelJCZHY7H4
|
|
||||||
dx2TiwNW89qYfN4GNmfie+LgJDqs9DEZPBDDwjYBIPDMsh7kZiTo5A==
|
|
||||||
=pVXt
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
|
@ -1,21 +0,0 @@
|
||||||
ospf:
|
|
||||||
stubnets-inet:
|
|
||||||
- 172.20.0.0/14
|
|
||||||
- 10.0.0.0/8
|
|
||||||
stubnets-inet6:
|
|
||||||
- fd00::/8
|
|
||||||
- 2a02:8106:208:5200::/56
|
|
||||||
- 2a02:8106:211:e900::/56
|
|
||||||
|
|
||||||
bgp:
|
|
||||||
asn: 4242421127
|
|
||||||
|
|
||||||
peers-inet:
|
|
||||||
# dn42.hq.c3d2.de
|
|
||||||
'172.22.99.253':
|
|
||||||
asn: 64699
|
|
||||||
|
|
||||||
peers-inet6:
|
|
||||||
# dn42.hq.c3d2.de
|
|
||||||
'fe80::a800:42ff:fe7a:3246%c3d2':
|
|
||||||
asn: 64699
|
|
|
@ -1,15 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
ospf:
|
|
||||||
secret: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf/UzB2wsDsIfUEIEx20IehQbTkw5A9gCYnuW09lvkzxlgY
|
|
||||||
IHDh8arul9ED7GFdVBja5cZVCs/dzqG0j+uP8zAwMjBLvvS6AopFnVdZnM0ANLth
|
|
||||||
WCam9LxN+pxweD5DugODYzHZq2I3ktDqUAXwG0ORT4RyrM3kqP1hmWq9pP37breA
|
|
||||||
QabQG4BF6hCx09P2MN/Wvy//9RNwNWlMsM2UAvsau+t35y3UEr/UbMNYYYPXKt2l
|
|
||||||
fcQntwl2VEDin9XbrskBxQzACvn0rthUZwJ8n1oB8m3f7uGw6kIEf3eZ0eSQHafm
|
|
||||||
8MwVeLqsw0ZDIww2Oi4+RWLrFPa8bwJO1U2C6k/8qNJLAelPUBWkCetDoRlf1xEh
|
|
||||||
Umyi2PS5RIeUU49CoAMbrIsjUsQTBjYwTdiGCvH0RL5NIgWWaxoO3913AliIDUBh
|
|
||||||
bQaDO9GE1xb//lO+
|
|
||||||
=4yPK
|
|
||||||
-----END PGP MESSAGE-----
|
|
|
@ -1,33 +0,0 @@
|
||||||
radv:
|
|
||||||
pub-gw:
|
|
||||||
pub:
|
|
||||||
rdnss:
|
|
||||||
- dnscache.serv
|
|
||||||
dnssl:
|
|
||||||
- pub.zentralwerk.org
|
|
||||||
serv-gw:
|
|
||||||
serv:
|
|
||||||
rdnss:
|
|
||||||
- dnscache.serv
|
|
||||||
dnssl:
|
|
||||||
- serv.zentralwerk.org
|
|
||||||
cls-gw:
|
|
||||||
serv:
|
|
||||||
rdnss:
|
|
||||||
- dnscache.serv
|
|
||||||
dnssl:
|
|
||||||
- cluster.zentralwerk.org
|
|
||||||
c3d2-gw1:
|
|
||||||
c3d2:
|
|
||||||
rdnss:
|
|
||||||
- dnscache.serv
|
|
||||||
dnssl:
|
|
||||||
- hq.c3d2.de
|
|
||||||
{%- for i in range(1, 62) %}
|
|
||||||
priv{{ i }}-gw:
|
|
||||||
priv{{ i }}:
|
|
||||||
rdnss:
|
|
||||||
- dnscache.serv
|
|
||||||
dnssl:
|
|
||||||
- priv{{ i }}.zentralwerk.org
|
|
||||||
{%- endfor %}
|
|
|
@ -1,5 +0,0 @@
|
||||||
collectd:
|
|
||||||
network: client
|
|
||||||
interface: True
|
|
||||||
conntrack: True
|
|
||||||
dhcpcount: True
|
|
|
@ -1,14 +0,0 @@
|
||||||
collectd:
|
|
||||||
network: client
|
|
||||||
irq: True
|
|
||||||
cpu: True
|
|
||||||
load: True
|
|
||||||
memory: True
|
|
||||||
swap: True
|
|
||||||
entropy: True
|
|
||||||
disk: True
|
|
||||||
df: True
|
|
||||||
processes: True
|
|
||||||
hddtemp: True
|
|
||||||
sensors: True
|
|
||||||
thermal: True
|
|
|
@ -1,8 +0,0 @@
|
||||||
collectd:
|
|
||||||
network: server
|
|
||||||
disk: True
|
|
||||||
df: True
|
|
||||||
rrdtool:
|
|
||||||
DataDir: "/var/lib/collectd/rrd"
|
|
||||||
CacheTimeout: 300
|
|
||||||
CacheFlush: 600
|
|
|
@ -1,8 +0,0 @@
|
||||||
collectd:
|
|
||||||
network: client
|
|
||||||
interface: True
|
|
||||||
ping:
|
|
||||||
- google.de
|
|
||||||
- 8.8.8.8
|
|
||||||
- www.vodafone.de
|
|
||||||
conntrack: True
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,525 +0,0 @@
|
||||||
dhcp:
|
|
||||||
pub:
|
|
||||||
start: 172.20.78.2
|
|
||||||
end: 172.20.79.254
|
|
||||||
time: 300
|
|
||||||
max-time: 3600
|
|
||||||
lower-max-time: 50
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: pub-gw.pub
|
|
||||||
string-opts:
|
|
||||||
domain-name: pub.zentralwerk.org
|
|
||||||
|
|
||||||
priv1:
|
|
||||||
start: 172.20.74.2
|
|
||||||
end: 172.20.74.14
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv1-gw.priv1
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv1.zentralwerk.org
|
|
||||||
|
|
||||||
priv2:
|
|
||||||
start: 172.20.75.2
|
|
||||||
end: 172.20.75.31
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv2-gw.priv2
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv2.zentralwerk.org
|
|
||||||
fixed-hosts:
|
|
||||||
172.20.75.7: 60:33:4b:0b:cd:fc
|
|
||||||
172.20.75.9: 00:11:32:22:95:79
|
|
||||||
|
|
||||||
priv3:
|
|
||||||
start: 172.20.74.130
|
|
||||||
end: 172.20.74.142
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv3-gw.priv3
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv3.zentralwerk.org
|
|
||||||
|
|
||||||
priv4:
|
|
||||||
start: 172.20.75.130
|
|
||||||
end: 172.20.75.142
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv4-gw.priv4
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv4.zentralwerk.org
|
|
||||||
|
|
||||||
priv5:
|
|
||||||
start: 172.20.74.66
|
|
||||||
end: 172.20.74.78
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv5-gw.priv5
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv5.zentralwerk.org
|
|
||||||
|
|
||||||
priv6:
|
|
||||||
start: 172.20.74.194
|
|
||||||
end: 172.20.74.206
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv6-gw.priv6
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv6.zentralwerk.org
|
|
||||||
|
|
||||||
priv7:
|
|
||||||
start: 172.20.75.66
|
|
||||||
end: 172.20.75.78
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv7-gw.priv7
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv7.zentralwerk.org
|
|
||||||
|
|
||||||
priv8:
|
|
||||||
start: 172.20.75.194
|
|
||||||
end: 172.20.75.206
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv8-gw.priv8
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv8.zentralwerk.org
|
|
||||||
|
|
||||||
priv9:
|
|
||||||
start: 172.20.74.34
|
|
||||||
end: 172.20.74.46
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv9-gw.priv9
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv9.zentralwerk.org
|
|
||||||
|
|
||||||
priv10:
|
|
||||||
start: 172.20.74.98
|
|
||||||
end: 172.20.74.110
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv10-gw.priv10
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv10.zentralwerk.org
|
|
||||||
|
|
||||||
priv11:
|
|
||||||
start: 172.20.74.162
|
|
||||||
end: 172.20.74.174
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv11-gw.priv11
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv11.zentralwerk.org
|
|
||||||
|
|
||||||
priv12:
|
|
||||||
start: 172.20.74.226
|
|
||||||
end: 172.20.74.238
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv12-gw.priv12
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv12.zentralwerk.org
|
|
||||||
|
|
||||||
priv13:
|
|
||||||
start: 172.20.75.34
|
|
||||||
end: 172.20.75.46
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv13-gw.priv13
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv13.zentralwerk.org
|
|
||||||
|
|
||||||
priv14:
|
|
||||||
start: 172.20.75.98
|
|
||||||
end: 172.20.75.110
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv14-gw.priv14
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv14.zentralwerk.org
|
|
||||||
|
|
||||||
priv15:
|
|
||||||
start: 172.20.75.162
|
|
||||||
end: 172.20.75.174
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv15-gw.priv15
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv15.zentralwerk.org
|
|
||||||
|
|
||||||
priv16:
|
|
||||||
start: 172.20.75.226
|
|
||||||
end: 172.20.75.238
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv16-gw.priv16
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv16.zentralwerk.org
|
|
||||||
|
|
||||||
priv17:
|
|
||||||
start: 172.20.73.131
|
|
||||||
end: 172.20.73.158
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv17-gw.priv17
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv17.zentralwerk.org
|
|
||||||
|
|
||||||
priv18:
|
|
||||||
start: 172.20.74.50
|
|
||||||
end: 172.20.74.62
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv18-gw.priv18
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv18.zentralwerk.org
|
|
||||||
|
|
||||||
priv19:
|
|
||||||
start: 172.20.73.194
|
|
||||||
end: 172.20.73.254
|
|
||||||
time: 120
|
|
||||||
# 30 days
|
|
||||||
max-time: 2592000
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv19-gw.priv19
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv19.zentralwerk.org
|
|
||||||
|
|
||||||
priv20:
|
|
||||||
start: 172.20.74.114
|
|
||||||
end: 172.20.74.126
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv20-gw.priv20
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv20.zentralwerk.org
|
|
||||||
|
|
||||||
priv21:
|
|
||||||
start: 172.20.74.146
|
|
||||||
end: 172.20.74.158
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv21-gw.priv21
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv21.zentralwerk.org
|
|
||||||
|
|
||||||
priv22:
|
|
||||||
start: 172.20.74.178
|
|
||||||
end: 172.20.74.190
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv22-gw.priv22
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv22.zentralwerk.org
|
|
||||||
|
|
||||||
priv23:
|
|
||||||
start: 172.20.73.165
|
|
||||||
end: 172.20.73.190
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv23-gw.priv23
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv23.zentralwerk.org
|
|
||||||
fixed-hosts:
|
|
||||||
172.20.73.162: da:2c:3a:2c:87:22
|
|
||||||
172.20.73.163: ca:9f:27:b2:bf:6d
|
|
||||||
172.20.73.164: 60:01:94:6f:81:a6
|
|
||||||
|
|
||||||
priv24:
|
|
||||||
start: 172.20.74.242
|
|
||||||
end: 172.20.74.254
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv24-gw.priv24
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv24.zentralwerk.org
|
|
||||||
|
|
||||||
priv25:
|
|
||||||
start: 172.20.74.82
|
|
||||||
end: 172.20.74.94
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv25-gw.priv25
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv25.zentralwerk.org
|
|
||||||
|
|
||||||
priv26:
|
|
||||||
start: 172.20.75.50
|
|
||||||
end: 172.20.75.62
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv26-gw.priv26
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv26.zentralwerk.org
|
|
||||||
|
|
||||||
priv27:
|
|
||||||
start: 172.20.75.82
|
|
||||||
end: 172.20.75.94
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv27-gw.priv27
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv27.zentralwerk.org
|
|
||||||
|
|
||||||
priv28:
|
|
||||||
start: 172.20.75.114
|
|
||||||
end: 172.20.75.126
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv28-gw.priv28
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv28.zentralwerk.org
|
|
||||||
|
|
||||||
priv29:
|
|
||||||
start: 172.20.75.146
|
|
||||||
end: 172.20.75.158
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv29-gw.priv29
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv29.zentralwerk.org
|
|
||||||
|
|
||||||
priv30:
|
|
||||||
start: 172.20.75.178
|
|
||||||
end: 172.20.75.190
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv30-gw.priv30
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv30.zentralwerk.org
|
|
||||||
|
|
||||||
priv31:
|
|
||||||
start: 172.20.75.210
|
|
||||||
end: 172.20.75.222
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv31-gw.priv31
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv31.zentralwerk.org
|
|
||||||
|
|
||||||
priv32:
|
|
||||||
start: 172.20.75.242
|
|
||||||
end: 172.20.75.254
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv32-gw.priv32
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv32.zentralwerk.org
|
|
||||||
|
|
||||||
priv33:
|
|
||||||
start: 172.20.74.18
|
|
||||||
end: 172.20.74.30
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv33-gw.priv33
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv33.zentralwerk.org
|
|
||||||
|
|
||||||
priv34:
|
|
||||||
start: 172.20.74.210
|
|
||||||
end: 172.20.74.222
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv34-gw.priv34
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv34.zentralwerk.org
|
|
||||||
|
|
||||||
priv35:
|
|
||||||
start: 172.20.76.2
|
|
||||||
end: 172.20.76.14
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv35-gw.priv35
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv35.zentralwerk.org
|
|
||||||
|
|
||||||
priv36:
|
|
||||||
start: 172.20.76.66
|
|
||||||
end: 172.20.76.78
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv36-gw.priv36
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv36.zentralwerk.org
|
|
||||||
|
|
||||||
priv37:
|
|
||||||
start: 172.20.76.130
|
|
||||||
end: 172.20.76.142
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv37-gw.priv37
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv37.zentralwerk.org
|
|
||||||
|
|
||||||
priv38:
|
|
||||||
start: 172.20.76.194
|
|
||||||
end: 172.20.76.206
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv38-gw.priv38
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv38.zentralwerk.org
|
|
||||||
|
|
||||||
priv39:
|
|
||||||
start: 172.20.77.130
|
|
||||||
end: 172.20.77.142
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv39-gw.priv39
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv39.zentralwerk.org
|
|
||||||
|
|
||||||
priv40:
|
|
||||||
start: 172.20.77.66
|
|
||||||
end: 172.20.77.78
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv40-gw.priv40
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv40.zentralwerk.org
|
|
||||||
|
|
||||||
priv41:
|
|
||||||
start: 172.20.77.194
|
|
||||||
end: 172.20.77.206
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv41-gw.priv41
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv41.zentralwerk.org
|
|
||||||
|
|
||||||
priv42:
|
|
||||||
start: 172.20.76.34
|
|
||||||
end: 172.20.76.46
|
|
||||||
time: 120
|
|
||||||
max-time: 86400
|
|
||||||
opts:
|
|
||||||
domain-name-servers: "172.20.73.8, 9.9.9.9"
|
|
||||||
host-opts:
|
|
||||||
routers: priv42-gw.priv42
|
|
||||||
string-opts:
|
|
||||||
domain-name: priv42.zentralwerk.org
|
|
|
@ -1,785 +0,0 @@
|
||||||
hosts-inet:
|
|
||||||
mgmt:
|
|
||||||
server1: 10.0.0.1
|
|
||||||
server2: 10.0.0.2
|
|
||||||
server3: 10.0.0.3
|
|
||||||
server4: 10.0.0.4
|
|
||||||
server5: 10.0.0.5
|
|
||||||
server6: 10.0.0.6
|
|
||||||
server7: 10.0.0.7
|
|
||||||
server8: 10.0.0.8
|
|
||||||
server9: 10.0.0.9
|
|
||||||
switch-b1: 10.0.0.10
|
|
||||||
switch-b2: 10.0.0.11
|
|
||||||
switch-c1: 10.0.0.12
|
|
||||||
switch-d1: 10.0.0.13
|
|
||||||
switch-c3d2-main: 10.0.0.14
|
|
||||||
switch-a1: 10.0.0.15
|
|
||||||
switch-a1-cpe: 10.0.0.16
|
|
||||||
switch-dach: 10.0.0.17
|
|
||||||
ap1: 10.0.0.41
|
|
||||||
ap2: 10.0.0.42
|
|
||||||
ap3: 10.0.0.43
|
|
||||||
ap4: 10.0.0.44
|
|
||||||
ap5: 10.0.0.45
|
|
||||||
ap6: 10.0.0.46
|
|
||||||
ap7: 10.0.0.47
|
|
||||||
ap8: 10.0.0.48
|
|
||||||
ap9: 10.0.0.49
|
|
||||||
ap10: 10.0.0.50
|
|
||||||
ap11: 10.0.0.51
|
|
||||||
ap12: 10.0.0.52
|
|
||||||
ap13: 10.0.0.53
|
|
||||||
ap14: 10.0.0.54
|
|
||||||
ap15: 10.0.0.55
|
|
||||||
ap16: 10.0.0.56
|
|
||||||
ap17: 10.0.0.57
|
|
||||||
ap18: 10.0.0.58
|
|
||||||
ap19: 10.0.0.59
|
|
||||||
ap20: 10.0.0.60
|
|
||||||
ap21: 10.0.0.61
|
|
||||||
ap22: 10.0.0.62
|
|
||||||
ap23: 10.0.0.63
|
|
||||||
ap24: 10.0.0.64
|
|
||||||
ap25: 10.0.0.65
|
|
||||||
ap26: 10.0.0.66
|
|
||||||
ap27: 10.0.0.67
|
|
||||||
ap28: 10.0.0.68
|
|
||||||
ap29: 10.0.0.69
|
|
||||||
ap30: 10.0.0.70
|
|
||||||
ap31: 10.0.0.71
|
|
||||||
ap32: 10.0.0.72
|
|
||||||
ap33: 10.0.0.73
|
|
||||||
ap34: 10.0.0.74
|
|
||||||
ap35: 10.0.0.75
|
|
||||||
ap36: 10.0.0.76
|
|
||||||
ap37: 10.0.0.77
|
|
||||||
ap38: 10.0.0.78
|
|
||||||
ap39: 10.0.0.79
|
|
||||||
ap40: 10.0.0.80
|
|
||||||
ap41: 10.0.0.81
|
|
||||||
ap42: 10.0.0.82
|
|
||||||
ap43: 10.0.0.83
|
|
||||||
ap44: 10.0.0.84
|
|
||||||
ap45: 10.0.0.85
|
|
||||||
ap46: 10.0.0.86
|
|
||||||
ap47: 10.0.0.87
|
|
||||||
ap48: 10.0.0.88
|
|
||||||
ap49: 10.0.0.89
|
|
||||||
ap50: 10.0.0.90
|
|
||||||
ap51: 10.0.0.91
|
|
||||||
ap52: 10.0.0.92
|
|
||||||
ap53: 10.0.0.93
|
|
||||||
ap54: 10.0.0.94
|
|
||||||
ap55: 10.0.0.95
|
|
||||||
ap56: 10.0.0.96
|
|
||||||
ap57: 10.0.0.97
|
|
||||||
ap58: 10.0.0.98
|
|
||||||
ap59: 10.0.0.99
|
|
||||||
ap60: 10.0.0.100
|
|
||||||
ap61: 10.0.0.101
|
|
||||||
ap62: 10.0.0.102
|
|
||||||
ap63: 10.0.0.103
|
|
||||||
ap64: 10.0.0.104
|
|
||||||
server1-ipmi: 10.0.0.201
|
|
||||||
server2-ipmi: 10.0.0.202
|
|
||||||
server3-ipmi: 10.0.0.203
|
|
||||||
server4-ipmi: 10.0.0.204
|
|
||||||
server5-ipmi: 10.0.0.205
|
|
||||||
server6-ipmi: 10.0.0.206
|
|
||||||
server7-ipmi: 10.0.0.207
|
|
||||||
server8-ipmi: 10.0.0.208
|
|
||||||
server9-ipmi: 10.0.0.209
|
|
||||||
monit: 10.0.0.250
|
|
||||||
logging: 10.0.0.251
|
|
||||||
mgmt-gw: 10.0.0.254
|
|
||||||
|
|
||||||
core:
|
|
||||||
server3: 172.20.72.53
|
|
||||||
server4: 172.20.72.54
|
|
||||||
server5: 172.20.72.55
|
|
||||||
server6: 172.20.72.56
|
|
||||||
server7: 172.20.72.57
|
|
||||||
server8: 172.20.72.58
|
|
||||||
server9: 172.20.72.59
|
|
||||||
serv-gw: 172.20.72.2
|
|
||||||
pub-gw: 172.20.72.3
|
|
||||||
priv1-gw: 172.20.72.4
|
|
||||||
priv2-gw: 172.20.72.5
|
|
||||||
upstream1: 172.20.72.6
|
|
||||||
anon1: 172.20.72.7
|
|
||||||
c3d2-gw1: 172.20.72.8
|
|
||||||
c3d2-anon: 172.20.72.9
|
|
||||||
upstream2: 172.20.72.10
|
|
||||||
upstream3: 172.20.72.11
|
|
||||||
upstream4: 172.20.72.12
|
|
||||||
priv3-gw: 172.20.72.13
|
|
||||||
priv4-gw: 172.20.72.14
|
|
||||||
priv5-gw: 172.20.72.15
|
|
||||||
priv6-gw: 172.20.72.16
|
|
||||||
priv7-gw: 172.20.72.17
|
|
||||||
priv8-gw: 172.20.72.18
|
|
||||||
priv9-gw: 172.20.72.19
|
|
||||||
priv10-gw: 172.20.72.20
|
|
||||||
priv11-gw: 172.20.72.21
|
|
||||||
priv12-gw: 172.20.72.22
|
|
||||||
priv13-gw: 172.20.72.23
|
|
||||||
priv14-gw: 172.20.72.24
|
|
||||||
priv15-gw: 172.20.72.25
|
|
||||||
priv16-gw: 172.20.72.26
|
|
||||||
bgp: 172.20.72.27
|
|
||||||
mgmt-gw: 172.20.72.28
|
|
||||||
cls-gw: 172.20.72.29
|
|
||||||
priv17-gw: 172.20.72.30
|
|
||||||
priv18-gw: 172.20.72.31
|
|
||||||
priv19-gw: 172.20.72.32
|
|
||||||
priv20-gw: 172.20.72.33
|
|
||||||
priv21-gw: 172.20.72.34
|
|
||||||
priv22-gw: 172.20.72.35
|
|
||||||
priv23-gw: 172.20.72.36
|
|
||||||
priv24-gw: 172.20.72.37
|
|
||||||
priv25-gw: 172.20.72.38
|
|
||||||
priv26-gw: 172.20.72.39
|
|
||||||
freifunk: 172.20.72.40
|
|
||||||
priv27-gw: 172.20.72.41
|
|
||||||
priv28-gw: 172.20.72.42
|
|
||||||
priv29-gw: 172.20.72.43
|
|
||||||
priv30-gw: 172.20.72.44
|
|
||||||
priv31-gw: 172.20.72.45
|
|
||||||
priv32-gw: 172.20.72.46
|
|
||||||
priv33-gw: 172.20.72.47
|
|
||||||
priv34-gw: 172.20.72.48
|
|
||||||
priv35-gw: 172.20.72.49
|
|
||||||
priv36-gw: 172.20.72.50
|
|
||||||
priv37-gw: 172.20.72.51
|
|
||||||
priv38-gw: 172.20.72.52
|
|
||||||
priv39-gw: 172.20.72.60
|
|
||||||
priv40-gw: 172.20.72.61
|
|
||||||
yggdrasil: 172.20.72.62
|
|
||||||
c3d2-gw2: 172.20.72.63
|
|
||||||
c3d2-gw3: 172.20.72.64
|
|
||||||
priv41-gw: 172.20.72.65
|
|
||||||
priv17-gw-up3: 172.20.72.66
|
|
||||||
priv42-gw: 172.20.72.67
|
|
||||||
|
|
||||||
pub:
|
|
||||||
pub-gw: 172.20.78.1
|
|
||||||
serv:
|
|
||||||
serv-gw: 172.20.73.1
|
|
||||||
dns: 172.20.73.2
|
|
||||||
stats: 172.20.73.3
|
|
||||||
radius: 172.20.73.4
|
|
||||||
zeit: 172.20.73.5
|
|
||||||
ntp: 172.20.73.5
|
|
||||||
minecraft: 172.20.73.6
|
|
||||||
used1: 172.20.73.7
|
|
||||||
dnscache: 172.20.73.8
|
|
||||||
used2: 172.20.73.9
|
|
||||||
used3: 172.20.73.10
|
|
||||||
used4: 172.20.73.11
|
|
||||||
used5: 172.20.73.12
|
|
||||||
logging: 172.20.73.13
|
|
||||||
used6: 172.20.73.14
|
|
||||||
c3d2-web: 172.20.73.15
|
|
||||||
deployer: 172.20.73.16
|
|
||||||
used7: 172.20.73.17
|
|
||||||
used8: 172.20.73.18
|
|
||||||
used9: 172.20.73.19
|
|
||||||
ipa: 172.20.73.20
|
|
||||||
matemat: 172.20.73.21
|
|
||||||
used10: 172.20.73.22
|
|
||||||
used11: 172.20.73.23
|
|
||||||
used12: 172.20.73.24
|
|
||||||
spaceapi: 172.20.73.25
|
|
||||||
used13: 172.20.73.26
|
|
||||||
mucbot: 172.20.73.27
|
|
||||||
used14: 172.20.73.28
|
|
||||||
used15: 172.20.73.29
|
|
||||||
used16: 172.20.73.30
|
|
||||||
used17: 172.20.73.31
|
|
||||||
scrape: 172.20.73.32
|
|
||||||
used18: 172.20.73.32
|
|
||||||
used19: 172.20.73.33
|
|
||||||
used20: 172.20.73.34
|
|
||||||
used21: 172.20.73.35
|
|
||||||
used22: 172.20.73.36
|
|
||||||
used23: 172.20.73.37
|
|
||||||
used24: 172.20.73.38
|
|
||||||
used25: 172.20.73.39
|
|
||||||
used26: 172.20.73.40
|
|
||||||
grafana: 172.20.73.43
|
|
||||||
kibana: 172.20.73.44
|
|
||||||
public-access-proxy: 172.20.73.45
|
|
||||||
marenz: 172.20.73.46
|
|
||||||
leonos: 172.20.73.47
|
|
||||||
minetest: 172.20.73.48
|
|
||||||
hydra: 172.20.73.49
|
|
||||||
netboot: 172.20.73.50
|
|
||||||
vps1: 172.20.73.51
|
|
||||||
ticker: 172.20.73.52
|
|
||||||
gitea: 172.20.73.53
|
|
||||||
stream: 172.20.73.54
|
|
||||||
jabber: 172.20.73.55
|
|
||||||
mobilizon: 172.20.73.56
|
|
||||||
radiobert: 172.20.73.57
|
|
||||||
mail: 172.20.73.58
|
|
||||||
keycloak: 172.20.73.59
|
|
||||||
sdrweb: 172.20.73.60
|
|
||||||
bind: 172.20.73.61
|
|
||||||
|
|
||||||
# TODO: generate from subnets
|
|
||||||
priv1:
|
|
||||||
priv1-gw: 172.20.74.1
|
|
||||||
priv9:
|
|
||||||
priv9-gw: 172.20.74.33
|
|
||||||
priv5:
|
|
||||||
priv5-gw: 172.20.74.65
|
|
||||||
priv10:
|
|
||||||
priv10-gw: 172.20.74.97
|
|
||||||
priv3:
|
|
||||||
priv3-gw: 172.20.74.129
|
|
||||||
priv11:
|
|
||||||
priv11-gw: 172.20.74.161
|
|
||||||
priv6:
|
|
||||||
priv6-gw: 172.20.74.193
|
|
||||||
priv12:
|
|
||||||
priv12-gw: 172.20.74.225
|
|
||||||
priv2:
|
|
||||||
priv2-gw: 172.20.75.1
|
|
||||||
priv13:
|
|
||||||
priv13-gw: 172.20.75.33
|
|
||||||
priv7:
|
|
||||||
priv7-gw: 172.20.75.65
|
|
||||||
priv14:
|
|
||||||
priv14-gw: 172.20.75.97
|
|
||||||
priv4:
|
|
||||||
priv4-gw: 172.20.75.129
|
|
||||||
priv15:
|
|
||||||
priv15-gw: 172.20.75.161
|
|
||||||
priv8:
|
|
||||||
priv8-gw: 172.20.75.193
|
|
||||||
priv16:
|
|
||||||
priv16-gw: 172.20.75.225
|
|
||||||
priv17:
|
|
||||||
priv17-gw: 172.20.73.129
|
|
||||||
priv17-gw-up3: 172.20.73.130
|
|
||||||
priv18:
|
|
||||||
priv18-gw: 172.20.74.49
|
|
||||||
priv19:
|
|
||||||
priv19-gw: 172.20.73.193
|
|
||||||
priv20:
|
|
||||||
priv20-gw: 172.20.74.113
|
|
||||||
priv21:
|
|
||||||
priv21-gw: 172.20.74.145
|
|
||||||
priv22:
|
|
||||||
priv22-gw: 172.20.74.177
|
|
||||||
priv23:
|
|
||||||
priv23-gw: 172.20.73.161
|
|
||||||
priv24:
|
|
||||||
priv24-gw: 172.20.74.241
|
|
||||||
priv25:
|
|
||||||
priv25-gw: 172.20.74.81
|
|
||||||
priv26:
|
|
||||||
priv26-gw: 172.20.75.49
|
|
||||||
priv27:
|
|
||||||
priv27-gw: 172.20.75.81
|
|
||||||
priv28:
|
|
||||||
priv28-gw: 172.20.75.113
|
|
||||||
priv29:
|
|
||||||
priv29-gw: 172.20.75.145
|
|
||||||
priv30:
|
|
||||||
priv30-gw: 172.20.75.177
|
|
||||||
priv31:
|
|
||||||
priv31-gw: 172.20.75.209
|
|
||||||
priv32:
|
|
||||||
priv32-gw: 172.20.75.241
|
|
||||||
priv33:
|
|
||||||
priv33-gw: 172.20.74.17
|
|
||||||
priv34:
|
|
||||||
priv34-gw: 172.20.74.209
|
|
||||||
priv35:
|
|
||||||
priv35-gw: 172.20.76.1
|
|
||||||
priv36:
|
|
||||||
priv36-gw: 172.20.76.65
|
|
||||||
priv37:
|
|
||||||
priv37-gw: 172.20.76.129
|
|
||||||
priv38:
|
|
||||||
priv38-gw: 172.20.76.193
|
|
||||||
priv39:
|
|
||||||
priv39-gw: 172.20.77.129
|
|
||||||
priv40:
|
|
||||||
priv40-gw: 172.20.77.65
|
|
||||||
priv41:
|
|
||||||
priv41-gw: 172.20.77.193
|
|
||||||
priv42:
|
|
||||||
priv42-gw: 172.20.76.33
|
|
||||||
|
|
||||||
cluster:
|
|
||||||
cls-gw: 172.20.77.1
|
|
||||||
{%- for i in range(2, 30) %}
|
|
||||||
server{{ i }}: 172.20.77.{{ i }}
|
|
||||||
{%- endfor %}
|
|
||||||
server1: 172.20.77.30
|
|
||||||
|
|
||||||
c3d2:
|
|
||||||
c3d2-anon: 172.22.99.1
|
|
||||||
c3d2-gw1: 172.22.99.2
|
|
||||||
c3d2-gw2: 172.22.99.3
|
|
||||||
c3d2-gw3: 172.22.99.4
|
|
||||||
bgp: 172.22.99.250
|
|
||||||
dn42: 172.22.99.253
|
|
||||||
|
|
||||||
hosts-inet-extra:
|
|
||||||
ipa: 172.20.73.20
|
|
||||||
|
|
||||||
hosts-inet6:
|
|
||||||
dn42:
|
|
||||||
mgmt:
|
|
||||||
server1: fd23:42:c3d2:580::1
|
|
||||||
server2: fd23:42:c3d2:580::2
|
|
||||||
switch-b1: fd23:42:c3d2:580::10
|
|
||||||
switch-b2: fd23:42:c3d2:580::11
|
|
||||||
switch-c1: fd23:42:c3d2:580::12
|
|
||||||
switch-d1: fd23:42:c3d2:580::13
|
|
||||||
switch-c3d2-main: fd23:42:c3d2:580::14
|
|
||||||
ap1: fd23:42:c3d2:580::4:1
|
|
||||||
ap2: fd23:42:c3d2:580::4:2
|
|
||||||
ap3: fd23:42:c3d2:580::4:3
|
|
||||||
ap4: fd23:42:c3d2:580::4:4
|
|
||||||
ap5: fd23:42:c3d2:580::4:5
|
|
||||||
ap6: fd23:42:c3d2:580::4:6
|
|
||||||
ap7: fd23:42:c3d2:580::4:7
|
|
||||||
ap8: fd23:42:c3d2:580::4:8
|
|
||||||
ap9: fd23:42:c3d2:580::4:9
|
|
||||||
ap10: fd23:42:c3d2:580::4:a
|
|
||||||
ap11: fd23:42:c3d2:580::4:b
|
|
||||||
ap12: fd23:42:c3d2:580::4:c
|
|
||||||
ap13: fd23:42:c3d2:580::4:d
|
|
||||||
ap14: fd23:42:c3d2:580::4:e
|
|
||||||
ap15: fd23:42:c3d2:580::4:f
|
|
||||||
ap16: fd23:42:c3d2:580::4:10
|
|
||||||
ap17: fd23:42:c3d2:580::4:11
|
|
||||||
ap18: fd23:42:c3d2:580::4:12
|
|
||||||
ap19: fd23:42:c3d2:580::4:13
|
|
||||||
ap20: fd23:42:c3d2:580::4:14
|
|
||||||
ap21: fd23:42:c3d2:580::4:15
|
|
||||||
ap22: fd23:42:c3d2:580::4:16
|
|
||||||
ap23: fd23:42:c3d2:580::4:17
|
|
||||||
ap24: fd23:42:c3d2:580::4:18
|
|
||||||
ap25: fd23:42:c3d2:580::4:19
|
|
||||||
ap26: fd23:42:c3d2:580::4:1a
|
|
||||||
ap27: fd23:42:c3d2:580::4:1b
|
|
||||||
ap28: fd23:42:c3d2:580::4:1c
|
|
||||||
ap29: fd23:42:c3d2:580::4:1d
|
|
||||||
ap30: fd23:42:c3d2:580::4:1e
|
|
||||||
ap31: fd23:42:c3d2:580::4:1f
|
|
||||||
ap32: fd23:42:c3d2:580::4:20
|
|
||||||
ap33: fd23:42:c3d2:580::4:21
|
|
||||||
ap34: fd23:42:c3d2:580::4:22
|
|
||||||
ap35: fd23:42:c3d2:580::4:23
|
|
||||||
ap36: fd23:42:c3d2:580::4:24
|
|
||||||
ap37: fd23:42:c3d2:580::4:25
|
|
||||||
ap38: fd23:42:c3d2:580::4:26
|
|
||||||
ap39: fd23:42:c3d2:580::4:27
|
|
||||||
ap40: fd23:42:c3d2:580::4:28
|
|
||||||
ap41: fd23:42:c3d2:580::4:29
|
|
||||||
ap42: fd23:42:c3d2:580::4:2a
|
|
||||||
ap43: fd23:42:c3d2:580::4:2b
|
|
||||||
ap44: fd23:42:c3d2:580::4:2c
|
|
||||||
ap45: fd23:42:c3d2:580::4:2d
|
|
||||||
ap46: fd23:42:c3d2:580::4:2e
|
|
||||||
ap47: fd23:42:c3d2:580::4:2f
|
|
||||||
ap48: fd23:42:c3d2:580::4:30
|
|
||||||
ap49: fd23:42:c3d2:580::4:31
|
|
||||||
ap50: fd23:42:c3d2:580::4:32
|
|
||||||
ap51: fd23:42:c3d2:580::4:33
|
|
||||||
ap52: fd23:42:c3d2:580::4:34
|
|
||||||
ap53: fd23:42:c3d2:580::4:35
|
|
||||||
ap54: fd23:42:c3d2:580::4:36
|
|
||||||
ap55: fd23:42:c3d2:580::4:37
|
|
||||||
ap56: fd23:42:c3d2:580::4:38
|
|
||||||
ap57: fd23:42:c3d2:580::4:39
|
|
||||||
ap58: fd23:42:c3d2:580::4:3a
|
|
||||||
ap59: fd23:42:c3d2:580::4:3b
|
|
||||||
ap60: fd23:42:c3d2:580::4:3c
|
|
||||||
ap61: fd23:42:c3d2:580::4:3d
|
|
||||||
ap62: fd23:42:c3d2:580::4:3e
|
|
||||||
ap63: fd23:42:c3d2:580::4:3f
|
|
||||||
ap64: fd23:42:c3d2:580::4:40
|
|
||||||
monit: fd23:42:c3d2:580::250
|
|
||||||
mgmt-gw: fd23:42:c3d2:580:ffff:ffff:ffff:ffff
|
|
||||||
|
|
||||||
core:
|
|
||||||
server1: fd23:42:c3d2:581::1
|
|
||||||
server2: fd23:42:c3d2:581::102
|
|
||||||
|
|
||||||
anon1: fd23:42:c3d2:581::9:1
|
|
||||||
serv-gw: fd23:42:c3d2:581::8:1
|
|
||||||
pub-gw: fd23:42:c3d2:581::8:2
|
|
||||||
c3d2-gw1: fd23:42:c3d2:581::c3d2:1
|
|
||||||
c3d2-gw2: fd23:42:c3d2:581::c3d2:2
|
|
||||||
c3d2-gw3: fd23:42:c3d2:581::c3d2:3
|
|
||||||
c3d2-anon: fd23:42:c3d2:581::c3d2:a
|
|
||||||
bgp: fd23:42:c3d2:581::c3d2:b
|
|
||||||
mgmt-gw: fd23:42:c3d2:581::8:3
|
|
||||||
|
|
||||||
upstream1: fd23:42:c3d2:581::b:0
|
|
||||||
upstream2: fd23:42:c3d2:581::b:1
|
|
||||||
upstream3: fd23:42:c3d2:581::b:2
|
|
||||||
upstream4: fd23:42:c3d2:581::b:3
|
|
||||||
|
|
||||||
priv1-gw: fd23:42:c3d2:581::c:0
|
|
||||||
priv2-gw: fd23:42:c3d2:581::c:1
|
|
||||||
priv3-gw: fd23:42:c3d2:581::c:2
|
|
||||||
priv4-gw: fd23:42:c3d2:581::c:3
|
|
||||||
priv5-gw: fd23:42:c3d2:581::c:4
|
|
||||||
priv6-gw: fd23:42:c3d2:581::c:5
|
|
||||||
priv7-gw: fd23:42:c3d2:581::c:6
|
|
||||||
priv8-gw: fd23:42:c3d2:581::c:7
|
|
||||||
priv9-gw: fd23:42:c3d2:581::c:8
|
|
||||||
priv10-gw: fd23:42:c3d2:581::c:9
|
|
||||||
priv11-gw: fd23:42:c3d2:581::c:a
|
|
||||||
priv12-gw: fd23:42:c3d2:581::c:b
|
|
||||||
priv13-gw: fd23:42:c3d2:581::c:c
|
|
||||||
priv14-gw: fd23:42:c3d2:581::c:d
|
|
||||||
priv15-gw: fd23:42:c3d2:581::c:e
|
|
||||||
priv16-gw: fd23:42:c3d2:581::c:f
|
|
||||||
priv17-gw: fd23:42:c3d2:581::c:10
|
|
||||||
priv18-gw: fd23:42:c3d2:581::c:11
|
|
||||||
priv19-gw: fd23:42:c3d2:581::c:12
|
|
||||||
priv20-gw: fd23:42:c3d2:581::c:13
|
|
||||||
priv21-gw: fd23:42:c3d2:581::c:14
|
|
||||||
priv22-gw: fd23:42:c3d2:581::c:15
|
|
||||||
priv23-gw: fd23:42:c3d2:581::c:16
|
|
||||||
priv24-gw: fd23:42:c3d2:581::c:17
|
|
||||||
priv25-gw: fd23:42:c3d2:581::c:18
|
|
||||||
priv26-gw: fd23:42:c3d2:581::c:19
|
|
||||||
priv27-gw: fd23:42:c3d2:581::c:1a
|
|
||||||
priv28-gw: fd23:42:c3d2:581::c:1b
|
|
||||||
priv29-gw: fd23:42:c3d2:581::c:1c
|
|
||||||
priv30-gw: fd23:42:c3d2:581::c:1d
|
|
||||||
priv31-gw: fd23:42:c3d2:581::c:1e
|
|
||||||
priv32-gw: fd23:42:c3d2:581::c:1f
|
|
||||||
priv33-gw: fd23:42:c3d2:581::c:20
|
|
||||||
priv34-gw: fd23:42:c3d2:581::c:21
|
|
||||||
priv35-gw: fd23:42:c3d2:581::c:22
|
|
||||||
priv36-gw: fd23:42:c3d2:581::c:23
|
|
||||||
priv37-gw: fd23:42:c3d2:581::c:24
|
|
||||||
priv38-gw: fd23:42:c3d2:581::c:25
|
|
||||||
priv39-gw: fd23:42:c3d2:581::c:26
|
|
||||||
priv40-gw: fd23:42:c3d2:581::c:27
|
|
||||||
priv41-gw: fd23:42:c3d2:581::c:28
|
|
||||||
priv42-gw: fd23:42:c3d2:581::c:29
|
|
||||||
|
|
||||||
freifunk: fd23:42:c3d2:581:8000::1
|
|
||||||
yggdrasil: fd23:42:c3d2:581:9000::1
|
|
||||||
|
|
||||||
serv:
|
|
||||||
serv-gw: fd23:42:c3d2:582::1
|
|
||||||
dns: fd23:42:c3d2:582:2:0:0:2
|
|
||||||
stats: fd23:42:c3d2:582:2:0:0:3
|
|
||||||
radius: fd23:42:c3d2:582:2:0:0:4
|
|
||||||
zeit: fd23:42:c3d2:582:2:0:0:5
|
|
||||||
netboot: fd23:42:c3d2:582:2:0:0:6
|
|
||||||
dnscache: fd23:42:c3d2:582:f096:dbff:fee8:427d
|
|
||||||
minetest: fd23:42:c3d2:582:c3a:42ff:fe5d:b20c
|
|
||||||
hydra: fd23:42:c3d2:582:e03c:d7ff:fe8e:fe16
|
|
||||||
logging: fd23:42:c3d2:582:6811:edff:fe40:89c6
|
|
||||||
mongo: fd23:42:c3d2:582:14ec:c8ff:fe0a:fc5c
|
|
||||||
radiobert: fd23:42:c3d2:582:e65f:1ff:fe5d:1679
|
|
||||||
spaceapi: fd23:42:c3d2:582:1457:adff:fe93:62e9
|
|
||||||
c3d2-web: fd23:42:c3d2:582:642e:95ff:fe34:49f9
|
|
||||||
mail: fd23:42:c3d2:582:88c0:41ff:fe70:d6cd
|
|
||||||
keycloak: fd23:42:c3d2:582:c48:bbff:fe87:721d
|
|
||||||
hydra: fd23:42:c3d2:582:e03c:d7ff:fe8e:fe16
|
|
||||||
grafana: fd23:42:c3d2:582:4042:fbff:fe4b:2de8
|
|
||||||
mobilizon: fd23:42:c3d2:582:48d1:5cff:fea7:1676
|
|
||||||
bind: fd23:42:c3d2:582:cd7:56ff:fe69:6366
|
|
||||||
jabber: fd23:42:c3d2:582:b869:ccff:fe46:902a
|
|
||||||
pub:
|
|
||||||
pub-gw: fd23:42:c3d2:583::1
|
|
||||||
priv1:
|
|
||||||
priv1-gw: fd23:42:c3d2:5c0::1
|
|
||||||
priv2:
|
|
||||||
priv2-gw: fd23:42:c3d2:5c1::1
|
|
||||||
priv3:
|
|
||||||
priv3-gw: fd23:42:c3d2:5c2::1
|
|
||||||
priv4:
|
|
||||||
priv4-gw: fd23:42:c3d2:5c3::1
|
|
||||||
priv5:
|
|
||||||
priv5-gw: fd23:42:c3d2:5c4::1
|
|
||||||
priv6:
|
|
||||||
priv6-gw: fd23:42:c3d2:5c5::1
|
|
||||||
priv7:
|
|
||||||
priv7-gw: fd23:42:c3d2:5c6::1
|
|
||||||
priv8:
|
|
||||||
priv8-gw: fd23:42:c3d2:5c7::1
|
|
||||||
priv9:
|
|
||||||
priv9-gw: fd23:42:c3d2:5c8::1
|
|
||||||
priv10:
|
|
||||||
priv10-gw: fd23:42:c3d2:5c9::1
|
|
||||||
priv11:
|
|
||||||
priv11-gw: fd23:42:c3d2:5ca::1
|
|
||||||
priv12:
|
|
||||||
priv12-gw: fd23:42:c3d2:5cb::1
|
|
||||||
priv13:
|
|
||||||
priv13-gw: fd23:42:c3d2:5cc::1
|
|
||||||
priv14:
|
|
||||||
priv14-gw: fd23:42:c3d2:5cd::1
|
|
||||||
priv15:
|
|
||||||
priv15-gw: fd23:42:c3d2:5ce::1
|
|
||||||
priv16:
|
|
||||||
priv16-gw: fd23:42:c3d2:5cf::1
|
|
||||||
priv17:
|
|
||||||
priv17-gw: fd23:42:c3d2:5d0::1
|
|
||||||
priv18:
|
|
||||||
priv18-gw: fd23:42:c3d2:5d1::1
|
|
||||||
priv19:
|
|
||||||
priv19-gw: fd23:42:c3d2:5d2::1
|
|
||||||
priv20:
|
|
||||||
priv20-gw: fd23:42:c3d2:5d3::1
|
|
||||||
priv21:
|
|
||||||
priv21-gw: fd23:42:c3d2:5d4::1
|
|
||||||
priv22:
|
|
||||||
priv22-gw: fd23:42:c3d2:5d5::1
|
|
||||||
priv23:
|
|
||||||
priv23-gw: fd23:42:c3d2:5d6::1
|
|
||||||
priv24:
|
|
||||||
priv24-gw: fd23:42:c3d2:5d7::1
|
|
||||||
priv25:
|
|
||||||
priv25-gw: fd23:42:c3d2:5d8::1
|
|
||||||
priv26:
|
|
||||||
priv26-gw: fd23:42:c3d2:5d9::1
|
|
||||||
priv27:
|
|
||||||
priv27-gw: fd23:42:c3d2:5da::1
|
|
||||||
priv28:
|
|
||||||
priv28-gw: fd23:42:c3d2:5db::1
|
|
||||||
priv29:
|
|
||||||
priv29-gw: fd23:42:c3d2:5dc::1
|
|
||||||
priv30:
|
|
||||||
priv30-gw: fd23:42:c3d2:5dd::1
|
|
||||||
priv31:
|
|
||||||
priv31-gw: fd23:42:c3d2:5de::1
|
|
||||||
priv32:
|
|
||||||
priv32-gw: fd23:42:c3d2:5df::1
|
|
||||||
priv33:
|
|
||||||
priv33-gw: fd23:42:c3d2:5e0::1
|
|
||||||
priv34:
|
|
||||||
priv34-gw: fd23:42:c3d2:5e1::1
|
|
||||||
priv35:
|
|
||||||
priv35-gw: fd23:42:c3d2:5e2::1
|
|
||||||
priv36:
|
|
||||||
priv36-gw: fd23:42:c3d2:5e3::1
|
|
||||||
priv37:
|
|
||||||
priv37-gw: fd23:42:c3d2:5e4::1
|
|
||||||
priv38:
|
|
||||||
priv38-gw: fd23:42:c3d2:5e5::1
|
|
||||||
priv39:
|
|
||||||
priv39-gw: fd23:42:c3d2:5e6::1
|
|
||||||
priv40:
|
|
||||||
priv40-gw: fd23:42:c3d2:5e7::1
|
|
||||||
priv41:
|
|
||||||
priv41-gw: fd23:42:c3d2:5e8::1
|
|
||||||
priv42:
|
|
||||||
priv42-gw: fd23:42:c3d2:5e9::1
|
|
||||||
|
|
||||||
cluster:
|
|
||||||
cls-gw: fd23:42:c3d2:586::1
|
|
||||||
{%- for i in range(2, 30) %}
|
|
||||||
server{{ i }}: fd23:42:c3d2:586::1{{ i }}
|
|
||||||
{%- endfor %}
|
|
||||||
server1: fd23:42:c3d2:586::130
|
|
||||||
|
|
||||||
c3d2:
|
|
||||||
c3d2-anon: fd23:42:c3d2:523::c3d2:1
|
|
||||||
c3d2-gw1: fd23:42:c3d2:523::c3d2:2
|
|
||||||
c3d2-gw2: fd23:42:c3d2:523::c3d2:3
|
|
||||||
c3d2-gw3: fd23:42:c3d2:523::c3d2:4
|
|
||||||
bgp: fd23:42:c3d2:523::c3d2:ff0b
|
|
||||||
|
|
||||||
up4:
|
|
||||||
core:
|
|
||||||
anon1: 2a00:8180:2c00:281::9:1
|
|
||||||
serv-gw: 2a00:8180:2c00:281::8:1
|
|
||||||
c3d2-gw1: 2a00:8180:2c00:281::c3d2:1
|
|
||||||
c3d2-gw2: 2a00:8180:2c00:281::c3d2:2
|
|
||||||
c3d2-gw3: 2a00:8180:2c00:281::c3d2:3
|
|
||||||
c3d2-anon: 2a00:8180:2c00:281::c3d2:a
|
|
||||||
bgp: 2a00:8180:2c00:281::c3d2:b
|
|
||||||
mgmt-gw: 2a00:8180:2c00:281::8:3
|
|
||||||
upstream1: 2a00:8180:2c00:281::b:0
|
|
||||||
cls-gw: 2a00:8180:2c00:281::8:4
|
|
||||||
|
|
||||||
upstream4: 2a00:8180:2c00:281::b:1
|
|
||||||
|
|
||||||
priv1-gw: 2a00:8180:2c00:281::c:0
|
|
||||||
priv2-gw: 2a00:8180:2c00:281::c:1
|
|
||||||
priv3-gw: 2a00:8180:2c00:281::c:2
|
|
||||||
priv4-gw: 2a00:8180:2c00:281::c:3
|
|
||||||
priv5-gw: 2a00:8180:2c00:281::c:4
|
|
||||||
priv6-gw: 2a00:8180:2c00:281::c:5
|
|
||||||
priv7-gw: 2a00:8180:2c00:281::c:6
|
|
||||||
priv8-gw: 2a00:8180:2c00:281::c:7
|
|
||||||
priv9-gw: 2a00:8180:2c00:281::c:8
|
|
||||||
priv10-gw: 2a00:8180:2c00:281::c:9
|
|
||||||
priv11-gw: 2a00:8180:2c00:281::c:a
|
|
||||||
priv12-gw: 2a00:8180:2c00:281::c:b
|
|
||||||
priv13-gw: 2a00:8180:2c00:281::c:c
|
|
||||||
priv14-gw: 2a00:8180:2c00:281::c:d
|
|
||||||
priv15-gw: 2a00:8180:2c00:281::c:e
|
|
||||||
priv16-gw: 2a00:8180:2c00:281::c:f
|
|
||||||
priv17-gw: 2a00:8180:2c00:281::c:10
|
|
||||||
priv18-gw: 2a00:8180:2c00:281::c:11
|
|
||||||
priv19-gw: 2a00:8180:2c00:281::c:12
|
|
||||||
priv20-gw: 2a00:8180:2c00:281::c:13
|
|
||||||
priv21-gw: 2a00:8180:2c00:281::c:14
|
|
||||||
priv22-gw: 2a00:8180:2c00:281::c:15
|
|
||||||
priv23-gw: 2a00:8180:2c00:281::c:16
|
|
||||||
priv24-gw: 2a00:8180:2c00:281::c:17
|
|
||||||
priv25-gw: 2a00:8180:2c00:281::c:18
|
|
||||||
priv26-gw: 2a00:8180:2c00:281::c:19
|
|
||||||
priv27-gw: 2a00:8180:2c00:281::c:1a
|
|
||||||
priv28-gw: 2a00:8180:2c00:281::c:1b
|
|
||||||
priv29-gw: 2a00:8180:2c00:281::c:1c
|
|
||||||
priv30-gw: 2a00:8180:2c00:281::c:1d
|
|
||||||
priv31-gw: 2a00:8180:2c00:281::c:1e
|
|
||||||
priv32-gw: 2a00:8180:2c00:281::c:1f
|
|
||||||
priv33-gw: 2a00:8180:2c00:281::c:20
|
|
||||||
priv34-gw: 2a00:8180:2c00:281::c:21
|
|
||||||
priv35-gw: 2a00:8180:2c00:281::c:22
|
|
||||||
priv36-gw: 2a00:8180:2c00:281::c:23
|
|
||||||
priv37-gw: 2a00:8180:2c00:281::c:24
|
|
||||||
priv38-gw: 2a00:8180:2c00:281::c:25
|
|
||||||
priv39-gw: 2a00:8180:2c00:281::c:26
|
|
||||||
priv40-gw: 2a00:8180:2c00:281::c:27
|
|
||||||
priv41-gw: 2a00:8180:2c00:281::c:28
|
|
||||||
priv42-gw: 2a00:8180:2c00:281::c:29
|
|
||||||
|
|
||||||
freifunk: 2a00:8180:2c00:281:8000::1
|
|
||||||
yggdrasil: 2a00:8180:2c00:281:9000::1
|
|
||||||
|
|
||||||
serv:
|
|
||||||
serv-gw: 2a00:8180:2c00:282::1
|
|
||||||
dns: 2a00:8180:2c00:282:2:0:0:2
|
|
||||||
stats: 2a00:8180:2c00:282:2:0:0:3
|
|
||||||
radius: 2a00:8180:2c00:282:2:0:0:4
|
|
||||||
zeit: 2a00:8180:2c00:282:2:0:0:5
|
|
||||||
netboot: 2a00:8180:2c00:282:2:0:0:6
|
|
||||||
dnscache: 2a00:8180:2c00:282:f096:dbff:fee8:427d
|
|
||||||
minetest: 2a00:8180:2c00:282:c3a:42ff:fe5d:b20c
|
|
||||||
hydra: 2a00:8180:2c00:282:e03c:d7ff:fe8e:fe16
|
|
||||||
logging: 2a00:8180:2c00:282:6811:edff:fe40:89c6
|
|
||||||
mongo: 2a00:8180:2c00:282:14ec:c8ff:fe0a:fc5c
|
|
||||||
scrape: 2a00:8180:2c00:282:e073:50ff:fef5:eb6e
|
|
||||||
ticker: 2a00:8180:2c00:282:b407:40ff:fec1:81f2
|
|
||||||
grafana: 2a00:8180:2c00:282:4042:fbff:fe4b:2de8
|
|
||||||
public-access-proxy: 2a00:8180:2c00:282:1024:5fff:febd:9be7
|
|
||||||
radiobert: 2a00:8180:2c00:282:e65f:1ff:fe5d:1679
|
|
||||||
spaceapi: 2a00:8180:2c00:282:1457:adff:fe93:62e9
|
|
||||||
c3d2-web: 2a00:8180:2c00:282:642e:95ff:fe34:49f9
|
|
||||||
mail: 2a00:8180:2c00:282:88c0:41ff:fe70:d6cd
|
|
||||||
keycloak: 2a00:8180:2c00:282:c48:bbff:fe87:721d
|
|
||||||
hydra: 2a00:8180:2c00:282:e03c:d7ff:fe8e:fe16
|
|
||||||
grafana: 2a00:8180:2c00:282:4042:fbff:fe4b:2de8
|
|
||||||
mobilizon: 2a00:8180:2c00:282:48d1:5cff:fea7:1676
|
|
||||||
bind: 2a00:8180:2c00:282:cd7:56ff:fe69:6366
|
|
||||||
jabber: 2a00:8180:2c00:282:b869:ccff:fe46:902a
|
|
||||||
cluster:
|
|
||||||
cls-gw: 2a00:8180:2c00:284::1
|
|
||||||
{%- for i in range(2, 31) %}
|
|
||||||
server{{ i }}: 2a00:8180:2c00:284::1{{ i }}
|
|
||||||
{%- endfor %}
|
|
||||||
server1: 2a00:8180:2c00:284::130
|
|
||||||
|
|
||||||
c3d2:
|
|
||||||
c3d2-anon: 2a00:8180:2c00:223::c3d2:1
|
|
||||||
c3d2-gw1: 2a00:8180:2c00:223::c3d2:2
|
|
||||||
c3d2-gw2: 2a00:8180:2c00:223::c3d2:3
|
|
||||||
c3d2-gw3: 2a00:8180:2c00:223::c3d2:4
|
|
||||||
bgp: 2a00:8180:2c00:223::c3d2:ff0b
|
|
||||||
|
|
||||||
|
|
||||||
priv1:
|
|
||||||
priv1-gw: 2a00:8180:2c00:2c0::1
|
|
||||||
priv2:
|
|
||||||
priv2-gw: 2a00:8180:2c00:2c1::1
|
|
||||||
priv3:
|
|
||||||
priv3-gw: 2a00:8180:2c00:2c2::1
|
|
||||||
priv4:
|
|
||||||
priv4-gw: 2a00:8180:2c00:2c3::1
|
|
||||||
priv5:
|
|
||||||
priv5-gw: 2a00:8180:2c00:2c4::1
|
|
||||||
priv6:
|
|
||||||
priv6-gw: 2a00:8180:2c00:2c5::1
|
|
||||||
priv7:
|
|
||||||
priv7-gw: 2a00:8180:2c00:2c6::1
|
|
||||||
priv8:
|
|
||||||
priv8-gw: 2a00:8180:2c00:2c7::1
|
|
||||||
priv9:
|
|
||||||
priv9-gw: 2a00:8180:2c00:2c8::1
|
|
||||||
priv10:
|
|
||||||
priv10-gw: 2a00:8180:2c00:2c9::1
|
|
||||||
priv11:
|
|
||||||
priv11-gw: 2a00:8180:2c00:2ca::1
|
|
||||||
priv12:
|
|
||||||
priv12-gw: 2a00:8180:2c00:2cb::1
|
|
||||||
priv13:
|
|
||||||
priv13-gw: 2a00:8180:2c00:2cc::1
|
|
||||||
priv14:
|
|
||||||
priv14-gw: 2a00:8180:2c00:2cd::1
|
|
||||||
priv15:
|
|
||||||
priv15-gw: 2a00:8180:2c00:2ce::1
|
|
||||||
priv16:
|
|
||||||
priv16-gw: 2a00:8180:2c00:2cf::1
|
|
||||||
priv17:
|
|
||||||
priv17-gw: 2a00:8180:2c00:2d0::1
|
|
||||||
priv18:
|
|
||||||
priv18-gw: 2a00:8180:2c00:2d1::1
|
|
||||||
priv19:
|
|
||||||
priv19-gw: 2a00:8180:2c00:2d2::1
|
|
||||||
priv20:
|
|
||||||
priv20-gw: 2a00:8180:2c00:2d3::1
|
|
||||||
priv21:
|
|
||||||
priv21-gw: 2a00:8180:2c00:2d4::1
|
|
||||||
priv22:
|
|
||||||
priv22-gw: 2a00:8180:2c00:2d5::1
|
|
||||||
priv23:
|
|
||||||
priv23-gw: 2a00:8180:2c00:2d6::1
|
|
||||||
priv24:
|
|
||||||
priv24-gw: 2a00:8180:2c00:2d7::1
|
|
||||||
priv25:
|
|
||||||
priv25-gw: 2a00:8180:2c00:2d8::1
|
|
||||||
priv26:
|
|
||||||
priv26-gw: 2a00:8180:2c00:2d9::1
|
|
||||||
priv27:
|
|
||||||
priv27-gw: 2a00:8180:2c00:2da::1
|
|
||||||
priv28:
|
|
||||||
priv28-gw: 2a00:8180:2c00:2db::1
|
|
||||||
priv29:
|
|
||||||
priv29-gw: 2a00:8180:2c00:2dc::1
|
|
||||||
priv30:
|
|
||||||
priv30-gw: 2a00:8180:2c00:2dd::1
|
|
||||||
priv31:
|
|
||||||
priv31-gw: 2a00:8180:2c00:2de::1
|
|
||||||
priv32:
|
|
||||||
priv32-gw: 2a00:8180:2c00:2df::1
|
|
||||||
priv33:
|
|
||||||
priv33-gw: 2a00:8180:2c00:2e0::1
|
|
||||||
priv34:
|
|
||||||
priv34-gw: 2a00:8180:2c00:2e1::1
|
|
||||||
priv35:
|
|
||||||
priv35-gw: 2a00:8180:2c00:2e2::1
|
|
||||||
priv36:
|
|
||||||
priv36-gw: 2a00:8180:2c00:2e3::1
|
|
||||||
priv37:
|
|
||||||
priv37-gw: 2a00:8180:2c00:2e4::1
|
|
||||||
priv38:
|
|
||||||
priv38-gw: 2a00:8180:2c00:2e5::1
|
|
||||||
priv39:
|
|
||||||
priv39-gw: 2a00:8180:2c00:2e5::1
|
|
||||||
priv40:
|
|
||||||
priv40-gw: 2a00:8180:2c00:2e6::1
|
|
||||||
priv41:
|
|
||||||
priv41-gw: 2a00:8180:2c00:2e7::1
|
|
||||||
priv42:
|
|
||||||
priv42-gw: 2a00:8180:2c00:2e8::1
|
|
|
@ -1,28 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
|
|
||||||
ssh:
|
|
||||||
pubkey: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf6Ai5xCphC4WL0clcpgZCr9ymrQ9KAcg/yjszWmc1xy7K4
|
|
||||||
hHHwcS0Ah5SPqbafdbfhBZiZL5Nqm86xdvi5jJ95dq9CMc+HnGL4R0/b3/y45tDO
|
|
||||||
Nv8NvLz7HXzit9sDy/YyjkOFf+cX9YQiHrs0vkhA7Lkm8mAQro7ta6sVxuj2AhRe
|
|
||||||
zTZbk9/dyP3B2EBqe7rDdMbLVWtEXoPu1wGg5qejjw6hfDoT0HYAwLIvuLlUFV9A
|
|
||||||
S0FGHgYKhplFufsDhh3Hb6EjAj6IWgtARrWxqnBDf6895yZQDvrFx5N8abUH7YJC
|
|
||||||
bj+hxbumDNdRijoWZ74+iIjPYVeFFm1K+/Ch6+tp5NLpAaoTrw3NPHIhX0u3fD6i
|
|
||||||
OW9OVb9JChEN3+T2zAS5OSz9YvJs+MbnSTLZhaB5leDw5osRqN8vXmlWyVF85LBg
|
|
||||||
ONpA9EjIK8YzouB/ujh2zUqn4f7oqFtTDt0dDk6aHFk3cgeck7u9ADKlS2QBayph
|
|
||||||
zNZ3iFf/av//b6nOHllun3LhRCesFLo9/9w1aryH1INYg10X+fl4Pt3G0B8Js2sC
|
|
||||||
FzZyhkkWBsXkoNvWeqvXObzpMTRMDRqO4FoOc3nN414/JKMnxdFCIyzEC0gkQoCX
|
|
||||||
uey9PPlnwj/eHRB1Qbth+VLhsBV7IIF/0O+BJU9TFn1L9x06DRugiZTxB/DEdunQ
|
|
||||||
3BrTG0XHm4TqRsCvu7WX37bddMV79+pJbzD87gupV0ETomT4w81btUoFr1VhD4GZ
|
|
||||||
wtjDtj2IdLsBMC5GvnRZge7BIW66UD4aCoWQaNGE3bCsipaWapCHKrXJxKmEmJXj
|
|
||||||
tQjbnLcwRs8TkJAekz5y59wHIhcSlPjOa6o4dkWe9CtkGnEAxfVZAvlRTHnlzBUW
|
|
||||||
nOQHXAuXCwgWSRKkiN3GRs98T5WbekeCqTLtk4XhXBdPN79eDouYXJDBvGTdATLK
|
|
||||||
TS9/CqeM5njU1Xo4TVgojkKIwC4B8+wWgEDxhgWut9as45ciHeV1G9RCcPQh7XC+
|
|
||||||
j2YPcdf7Wvmu05BHLuSoolmVPFExDKghS6eYBXZ0/DW8L9dtjnxy3KZR0ww8/IW7
|
|
||||||
7aLo2tIap4PscHnw3XBpxubhTnOnp8ylww++HXRXxLnTUeVjJwei4YXTug5JCvm4
|
|
||||||
B8Rd5F1bhyFLkUBNDnQJYgdYje4qxi0fJvHYhGU6/ushDWSxXBWiznFYhR8y9Tej
|
|
||||||
VG5m5ZAtG4fCEkvDQAUBnDdvTEUIPMQ=
|
|
||||||
=CQpr
|
|
||||||
-----END PGP MESSAGE-----
|
|
|
@ -1,628 +0,0 @@
|
||||||
containers:
|
|
||||||
pub-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: anon1
|
|
||||||
# gw6: anon1
|
|
||||||
hwaddr: 0A:14:48:01:16:00
|
|
||||||
pub:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:16:01
|
|
||||||
|
|
||||||
serv-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream1
|
|
||||||
# gw6: upstream1
|
|
||||||
hwaddr: 0A:14:48:01:06:01
|
|
||||||
serv:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:06:00
|
|
||||||
|
|
||||||
cls-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream1
|
|
||||||
# gw6: upstream1
|
|
||||||
hwaddr: 0A:14:48:01:06:03
|
|
||||||
cluster:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:06:02
|
|
||||||
|
|
||||||
priv1-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:19:00
|
|
||||||
priv1:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:19:01
|
|
||||||
|
|
||||||
priv2-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:18:00
|
|
||||||
priv2:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:18:01
|
|
||||||
|
|
||||||
priv3-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:08:00
|
|
||||||
priv3:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:08:01
|
|
||||||
|
|
||||||
priv4-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:17:01
|
|
||||||
priv4:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:17:00
|
|
||||||
|
|
||||||
priv5-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:12:00
|
|
||||||
priv5:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:12:01
|
|
||||||
|
|
||||||
priv6-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: anon1
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:11:00
|
|
||||||
priv6:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:11:01
|
|
||||||
|
|
||||||
priv7-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:10:00
|
|
||||||
priv7:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:10:01
|
|
||||||
|
|
||||||
priv8-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:09:00
|
|
||||||
priv8:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:09:01
|
|
||||||
|
|
||||||
priv9-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:20:00
|
|
||||||
priv9:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:20:01
|
|
||||||
|
|
||||||
priv10-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:13:02
|
|
||||||
priv10:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:13:03
|
|
||||||
|
|
||||||
priv11-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:29:00
|
|
||||||
priv11:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:29:01
|
|
||||||
|
|
||||||
priv12-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:00
|
|
||||||
priv12:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:01
|
|
||||||
|
|
||||||
priv13-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:10
|
|
||||||
priv13:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:11
|
|
||||||
|
|
||||||
priv14-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:12
|
|
||||||
priv14:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:13
|
|
||||||
|
|
||||||
priv15-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: anon1
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:14
|
|
||||||
priv15:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:15
|
|
||||||
|
|
||||||
priv16-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:16
|
|
||||||
priv16:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:17
|
|
||||||
|
|
||||||
priv17-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:18
|
|
||||||
priv17:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:19
|
|
||||||
|
|
||||||
priv17-gw-up3:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:47:02:2A:18
|
|
||||||
priv17:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:47:02:2A:19
|
|
||||||
|
|
||||||
priv18-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:1A
|
|
||||||
priv18:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:1B
|
|
||||||
|
|
||||||
priv19-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:1C
|
|
||||||
priv19:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:1D
|
|
||||||
|
|
||||||
priv20-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:1E
|
|
||||||
priv20:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:1F
|
|
||||||
|
|
||||||
priv21-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:20
|
|
||||||
priv21:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:21
|
|
||||||
|
|
||||||
priv22-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:24
|
|
||||||
priv22:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:25
|
|
||||||
|
|
||||||
priv23-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:22
|
|
||||||
priv23:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:23
|
|
||||||
|
|
||||||
priv24-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:26
|
|
||||||
priv24:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:27
|
|
||||||
|
|
||||||
priv25-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:28
|
|
||||||
priv25:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:29
|
|
||||||
|
|
||||||
priv26-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:2A
|
|
||||||
priv26:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:2B
|
|
||||||
|
|
||||||
priv27-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:2C
|
|
||||||
priv27:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:2D
|
|
||||||
|
|
||||||
priv28-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:2E
|
|
||||||
priv28:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:2F
|
|
||||||
|
|
||||||
priv29-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:30
|
|
||||||
priv29:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:31
|
|
||||||
|
|
||||||
priv30-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:32
|
|
||||||
priv30:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:33
|
|
||||||
|
|
||||||
priv31-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:34
|
|
||||||
priv31:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:35
|
|
||||||
|
|
||||||
priv32-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:36
|
|
||||||
priv32:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:37
|
|
||||||
|
|
||||||
priv33-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:38
|
|
||||||
priv33:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:39
|
|
||||||
|
|
||||||
priv34-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:40
|
|
||||||
priv34:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:41
|
|
||||||
|
|
||||||
priv35-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:42
|
|
||||||
priv35:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:43
|
|
||||||
|
|
||||||
priv36-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:44
|
|
||||||
priv36:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:45
|
|
||||||
|
|
||||||
priv37-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:46
|
|
||||||
priv37:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:47
|
|
||||||
|
|
||||||
priv38-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:48
|
|
||||||
priv38:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:49
|
|
||||||
|
|
||||||
priv39-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:4A
|
|
||||||
priv39:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:4B
|
|
||||||
|
|
||||||
priv40-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream2
|
|
||||||
# gw6: upstream2
|
|
||||||
hwaddr: 0A:14:48:01:2A:4C
|
|
||||||
priv40:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:4D
|
|
||||||
|
|
||||||
priv41-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:2A:4E
|
|
||||||
priv41:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:4F
|
|
||||||
|
|
||||||
priv42-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:2A:50
|
|
||||||
priv42:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 0A:14:48:01:2A:51
|
|
||||||
|
|
||||||
upstream1:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:26:00
|
|
||||||
up1:
|
|
||||||
type: phys
|
|
||||||
# Change (eg. auto-generation) requires reboot of the cable
|
|
||||||
# modem that is bridge mode
|
|
||||||
hwaddr: 00:23:74:D7:2D:7C
|
|
||||||
|
|
||||||
upstream2:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:27:00
|
|
||||||
up2:
|
|
||||||
type: phys
|
|
||||||
# Change (eg. auto-generation) requires reboot of the cable
|
|
||||||
# modem that is bridge mode
|
|
||||||
hwaddr: 00:23:74:D7:42:7C
|
|
||||||
|
|
||||||
upstream3:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:28:00
|
|
||||||
up3:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 00:23:74:D7:42:7D
|
|
||||||
|
|
||||||
upstream4:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:28:01
|
|
||||||
up4:
|
|
||||||
type: phys
|
|
||||||
hwaddr: 00:23:74:D7:42:7E
|
|
||||||
|
|
||||||
anon1:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:14:00
|
|
||||||
|
|
||||||
c3d2-gw1:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:21:00
|
|
||||||
c3d2:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:21:01
|
|
||||||
|
|
||||||
c3d2-gw2:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:21:02
|
|
||||||
c3d2:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:21:03
|
|
||||||
|
|
||||||
c3d2-gw3:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:21:04
|
|
||||||
c3d2:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:21:05
|
|
||||||
|
|
||||||
c3d2-anon:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:07:04
|
|
||||||
c3d2:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:07:05
|
|
||||||
|
|
||||||
bgp:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream1
|
|
||||||
# gw6: upstream1
|
|
||||||
hwaddr: 0A:14:48:01:22:00
|
|
||||||
c3d2:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:22:01
|
|
||||||
|
|
||||||
dns:
|
|
||||||
interfaces:
|
|
||||||
serv:
|
|
||||||
type: veth
|
|
||||||
gw: serv-gw
|
|
||||||
gw6: serv-gw
|
|
||||||
hwaddr: 0A:14:48:01:23:00
|
|
||||||
|
|
||||||
stats:
|
|
||||||
interfaces:
|
|
||||||
serv:
|
|
||||||
type: veth
|
|
||||||
gw: serv-gw
|
|
||||||
gw6: serv-gw
|
|
||||||
hwaddr: 0A:14:48:01:15:00
|
|
||||||
|
|
||||||
netboot:
|
|
||||||
interfaces:
|
|
||||||
serv:
|
|
||||||
type: veth
|
|
||||||
gw: serv-gw
|
|
||||||
gw6: serv-gw
|
|
||||||
hwaddr: 0A:14:48:01:15:01
|
|
||||||
|
|
||||||
mgmt-gw:
|
|
||||||
interfaces:
|
|
||||||
core:
|
|
||||||
type: veth
|
|
||||||
# gw: upstream1
|
|
||||||
# gw6: upstream1
|
|
||||||
hwaddr: 0A:14:48:01:24:01
|
|
||||||
mgmt:
|
|
||||||
type: veth
|
|
||||||
hwaddr: 0A:14:48:01:24:00
|
|
|
@ -1,147 +0,0 @@
|
||||||
subnets-inet:
|
|
||||||
core: 172.20.72.0/25
|
|
||||||
serv: 172.20.73.0/26
|
|
||||||
pub: 172.20.78.0/23
|
|
||||||
priv19: 172.20.73.192/26
|
|
||||||
priv1: 172.20.74.0/28
|
|
||||||
priv33: 172.20.74.16/28
|
|
||||||
priv9: 172.20.74.32/28
|
|
||||||
priv18: 172.20.74.48/28
|
|
||||||
priv5: 172.20.74.64/28
|
|
||||||
priv25: 172.20.74.80/28
|
|
||||||
priv10: 172.20.74.96/28
|
|
||||||
priv20: 172.20.74.112/28
|
|
||||||
priv3: 172.20.74.128/28
|
|
||||||
priv21: 172.20.74.144/28
|
|
||||||
priv11: 172.20.74.160/28
|
|
||||||
priv22: 172.20.74.176/28
|
|
||||||
priv6: 172.20.74.192/28
|
|
||||||
priv23: 172.20.73.160/27
|
|
||||||
priv12: 172.20.74.224/28
|
|
||||||
priv24: 172.20.74.240/28
|
|
||||||
priv2: 172.20.75.0/27
|
|
||||||
priv13: 172.20.75.32/28
|
|
||||||
priv26: 172.20.75.48/28
|
|
||||||
priv7: 172.20.75.64/28
|
|
||||||
priv27: 172.20.75.80/28
|
|
||||||
priv14: 172.20.75.96/28
|
|
||||||
priv28: 172.20.75.112/28
|
|
||||||
priv4: 172.20.75.128/28
|
|
||||||
priv29: 172.20.75.144/28
|
|
||||||
priv15: 172.20.75.160/28
|
|
||||||
priv30: 172.20.75.176/28
|
|
||||||
priv8: 172.20.75.192/28
|
|
||||||
priv31: 172.20.75.208/28
|
|
||||||
priv16: 172.20.75.224/28
|
|
||||||
priv32: 172.20.75.240/28
|
|
||||||
priv34: 172.20.74.208/28
|
|
||||||
priv35: 172.20.76.0/28
|
|
||||||
priv36: 172.20.76.64/28
|
|
||||||
priv37: 172.20.76.128/28
|
|
||||||
priv38: 172.20.76.192/28
|
|
||||||
priv39: 172.20.77.128/28
|
|
||||||
priv40: 172.20.77.64/28
|
|
||||||
priv41: 172.20.77.192/28
|
|
||||||
priv42: 172.20.76.32/28
|
|
||||||
c3d2: 172.22.99.0/24
|
|
||||||
mgmt: 10.0.0.0/24
|
|
||||||
priv17: 172.20.73.128/27
|
|
||||||
cluster: 172.20.77.0/27
|
|
||||||
|
|
||||||
subnets-inet6:
|
|
||||||
dn42:
|
|
||||||
mgmt: fd23:42:c3d2:580::/64
|
|
||||||
core: fd23:42:c3d2:581::/64
|
|
||||||
serv: fd23:42:c3d2:582::/64
|
|
||||||
pub: fd23:42:c3d2:583::/64
|
|
||||||
cluster: fd23:42:c3d2:586::/64
|
|
||||||
priv1: fd23:42:c3d2:5c0::/64
|
|
||||||
priv2: fd23:42:c3d2:5c1::/64
|
|
||||||
priv3: fd23:42:c3d2:5c2::/64
|
|
||||||
priv4: fd23:42:c3d2:5c3::/64
|
|
||||||
priv5: fd23:42:c3d2:5c4::/64
|
|
||||||
priv6: fd23:42:c3d2:5c5::/64
|
|
||||||
priv7: fd23:42:c3d2:5c6::/64
|
|
||||||
priv8: fd23:42:c3d2:5c7::/64
|
|
||||||
priv9: fd23:42:c3d2:5c8::/64
|
|
||||||
priv10: fd23:42:c3d2:5c9::/64
|
|
||||||
priv11: fd23:42:c3d2:5ca::/64
|
|
||||||
priv12: fd23:42:c3d2:5cb::/64
|
|
||||||
priv13: fd23:42:c3d2:5cc::/64
|
|
||||||
priv14: fd23:42:c3d2:5cd::/64
|
|
||||||
priv15: fd23:42:c3d2:5ce::/64
|
|
||||||
priv16: fd23:42:c3d2:5cf::/64
|
|
||||||
priv17: fd23:42:c3d2:5d0::/64
|
|
||||||
priv18: fd23:42:c3d2:5d1::/64
|
|
||||||
priv19: fd23:42:c3d2:5d2::/64
|
|
||||||
priv20: fd23:42:c3d2:5d3::/64
|
|
||||||
priv21: fd23:42:c3d2:5d4::/64
|
|
||||||
priv22: fd23:42:c3d2:5d5::/64
|
|
||||||
priv23: fd23:42:c3d2:5d6::/64
|
|
||||||
priv24: fd23:42:c3d2:5d7::/64
|
|
||||||
priv25: fd23:42:c3d2:5d8::/64
|
|
||||||
priv26: fd23:42:c3d2:5d9::/64
|
|
||||||
priv27: fd23:42:c3d2:5da::/64
|
|
||||||
priv28: fd23:42:c3d2:5db::/64
|
|
||||||
priv29: fd23:42:c3d2:5dc::/64
|
|
||||||
priv30: fd23:42:c3d2:5dd::/64
|
|
||||||
priv31: fd23:42:c3d2:5de::/64
|
|
||||||
priv32: fd23:42:c3d2:5df::/64
|
|
||||||
priv33: fd23:42:c3d2:5e0::/64
|
|
||||||
priv34: fd23:42:c3d2:5e1::/64
|
|
||||||
priv35: fd23:42:c3d2:5e2::/64
|
|
||||||
priv36: fd23:42:c3d2:5e3::/64
|
|
||||||
priv37: fd23:42:c3d2:5e4::/64
|
|
||||||
priv38: fd23:42:c3d2:5e5::/64
|
|
||||||
priv39: fd23:42:c3d2:5e6::/64
|
|
||||||
priv40: fd23:42:c3d2:5e7::/64
|
|
||||||
priv41: fd23:42:c3d2:5e8::/64
|
|
||||||
priv42: fd23:42:c3d2:5e9::/64
|
|
||||||
c3d2: fd23:42:c3d2:523::/64
|
|
||||||
up4:
|
|
||||||
c3d2: 2a00:8180:2c00:223::/64
|
|
||||||
core: 2a00:8180:2c00:281::/64
|
|
||||||
serv: 2a00:8180:2c00:282::/64
|
|
||||||
cluster: 2a00:8180:2c00:284::/64
|
|
||||||
priv1: 2a00:8180:2c00:2c0::/64
|
|
||||||
priv2: 2a00:8180:2c00:2c1::/64
|
|
||||||
priv3: 2a00:8180:2c00:2c2::/64
|
|
||||||
priv4: 2a00:8180:2c00:2c3::/64
|
|
||||||
priv5: 2a00:8180:2c00:2c4::/64
|
|
||||||
priv6: 2a00:8180:2c00:2c5::/64
|
|
||||||
priv7: 2a00:8180:2c00:2c6::/64
|
|
||||||
priv8: 2a00:8180:2c00:2c7::/64
|
|
||||||
priv9: 2a00:8180:2c00:2c8::/64
|
|
||||||
priv10: 2a00:8180:2c00:2c9::/64
|
|
||||||
priv11: 2a00:8180:2c00:2ca::/64
|
|
||||||
priv12: 2a00:8180:2c00:2cb::/64
|
|
||||||
priv13: 2a00:8180:2c00:2cc::/64
|
|
||||||
priv14: 2a00:8180:2c00:2cd::/64
|
|
||||||
priv15: 2a00:8180:2c00:2ce::/64
|
|
||||||
priv16: 2a00:8180:2c00:2cf::/64
|
|
||||||
priv17: 2a00:8180:2c00:2d0::/64
|
|
||||||
priv18: 2a00:8180:2c00:2d1::/64
|
|
||||||
priv19: 2a00:8180:2c00:2d2::/64
|
|
||||||
priv20: 2a00:8180:2c00:2d3::/64
|
|
||||||
priv21: 2a00:8180:2c00:2d4::/64
|
|
||||||
priv22: 2a00:8180:2c00:2d5::/64
|
|
||||||
priv23: 2a00:8180:2c00:2d6::/64
|
|
||||||
priv24: 2a00:8180:2c00:2d7::/64
|
|
||||||
priv25: 2a00:8180:2c00:2d8::/64
|
|
||||||
priv26: 2a00:8180:2c00:2d9::/64
|
|
||||||
priv27: 2a00:8180:2c00:2da::/64
|
|
||||||
priv28: 2a00:8180:2c00:2db::/64
|
|
||||||
priv29: 2a00:8180:2c00:2dc::/64
|
|
||||||
priv30: 2a00:8180:2c00:2dd::/64
|
|
||||||
priv31: 2a00:8180:2c00:2de::/64
|
|
||||||
priv32: 2a00:8180:2c00:2df::/64
|
|
||||||
priv33: 2a00:8180:2c00:2e0::/64
|
|
||||||
priv34: 2a00:8180:2c00:2e1::/64
|
|
||||||
priv35: 2a00:8180:2c00:2e2::/64
|
|
||||||
priv36: 2a00:8180:2c00:2e3::/64
|
|
||||||
priv37: 2a00:8180:2c00:2e4::/64
|
|
||||||
priv38: 2a00:8180:2c00:2e5::/64
|
|
||||||
priv39: 2a00:8180:2c00:2e6::/64
|
|
||||||
priv40: 2a00:8180:2c00:2e7::/64
|
|
||||||
priv41: 2a00:8180:2c00:2e8::/64
|
|
||||||
priv42: 2a00:8180:2c00:2e9::/64
|
|
|
@ -1,572 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
switches:
|
|
||||||
switch-b1:
|
|
||||||
model: 'linksys-srw2048'
|
|
||||||
location: Haus B Souterrain
|
|
||||||
# Ports 1-24 oben
|
|
||||||
# Ports 25-48 unten
|
|
||||||
ports:
|
|
||||||
switch-b2:
|
|
||||||
mode: bond
|
|
||||||
group: 3
|
|
||||||
ports:
|
|
||||||
- g25
|
|
||||||
- g26
|
|
||||||
- g27
|
|
||||||
- g28
|
|
||||||
mgmt:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- g1
|
|
||||||
iso1:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- g2
|
|
||||||
iso2:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- g3
|
|
||||||
iso3:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- g4
|
|
||||||
ap8:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- g16
|
|
||||||
ap23:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- g10
|
|
||||||
switch-c1:
|
|
||||||
mode: bond
|
|
||||||
group: 2
|
|
||||||
ports:
|
|
||||||
- g29
|
|
||||||
- g30
|
|
||||||
- g31
|
|
||||||
- g32
|
|
||||||
switch-d1:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- g34
|
|
||||||
server1:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
# - g46
|
|
||||||
# - g47
|
|
||||||
# - g48
|
|
||||||
- g24
|
|
||||||
server2:
|
|
||||||
mode: bond
|
|
||||||
group: 1
|
|
||||||
ports:
|
|
||||||
- g12
|
|
||||||
- g38
|
|
||||||
- g39
|
|
||||||
- g40
|
|
||||||
server5:
|
|
||||||
mode: bond
|
|
||||||
group: 6
|
|
||||||
ports:
|
|
||||||
- g17
|
|
||||||
- g18
|
|
||||||
- g19
|
|
||||||
- g20
|
|
||||||
server6:
|
|
||||||
mode: bond
|
|
||||||
group: 8
|
|
||||||
ports:
|
|
||||||
- g5
|
|
||||||
- g6
|
|
||||||
- g7
|
|
||||||
- g8
|
|
||||||
server7:
|
|
||||||
mode: bond
|
|
||||||
group: 7
|
|
||||||
ports:
|
|
||||||
- g9
|
|
||||||
- g11
|
|
||||||
- g14
|
|
||||||
- g15
|
|
||||||
server8:
|
|
||||||
mode: bond
|
|
||||||
group: 5
|
|
||||||
ports:
|
|
||||||
- g35
|
|
||||||
- g36
|
|
||||||
- g37
|
|
||||||
- g13
|
|
||||||
serv:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
# vps1
|
|
||||||
- g22
|
|
||||||
# c3d2-monit:
|
|
||||||
# mode: trunk
|
|
||||||
# ports:
|
|
||||||
# - g21
|
|
||||||
# - g45
|
|
||||||
c3d2:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- g23
|
|
||||||
switch-c3d2-main:
|
|
||||||
mode: bond
|
|
||||||
group: 4
|
|
||||||
ports:
|
|
||||||
- g41
|
|
||||||
- g42
|
|
||||||
- g43
|
|
||||||
- g44
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf/c9ysLI/ePzYtqz7AyoKBZQKFau/pEpQDswA5hdJiRSgh
|
|
||||||
TQ73u7NVVYTGk/sZ2awAVLQ/KUM7JPMHMXK1+uPIQq0/+Xg/v5zJdaWwRUUIGtCz
|
|
||||||
Sg3BpV41a/NgxlJbh0bJw0CjlgTHF7qIhiQNoHx/DnYECab8bMr8i7NziWXZl1kf
|
|
||||||
6A5BqAu5siaaqngn5wYmMdstl48lejiDNgtZSeti/1FV9fk4D2w9zEMHZnTS2M+O
|
|
||||||
TzDk2lsAA4CEXeQBsBOSMsbHDy6yo4CzuNk61ALfH8a3Tn1sQjfSLo021xAvqj5U
|
|
||||||
nS9/L/57ffRILzz1hfURBV0N/VnDqi5enSZIvVU2WtJLAZEAghgXjE7rfjsN1ypG
|
|
||||||
mYUz1OQ9cLG8ttSL9+fhYc8rCW0jx8KD5HKPiNHnR1x0s2RbUnprQdlFgC4go8U7
|
|
||||||
DRE15mc7GkkYbvIl
|
|
||||||
=/BZc
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
switch-b2:
|
|
||||||
model: '3com-4200G'
|
|
||||||
location: Haus B Souterrain
|
|
||||||
# Ports 1-24 oben
|
|
||||||
# Ports 25-48 unten
|
|
||||||
# Ports 49-52 unten seitlich (optisch)
|
|
||||||
# 10GE hinten
|
|
||||||
ports:
|
|
||||||
switch-b1:
|
|
||||||
mode: bond
|
|
||||||
group: 2
|
|
||||||
ports:
|
|
||||||
- TenGigabitEthernet 1/1/1
|
|
||||||
- GigabitEthernet 1/0/25
|
|
||||||
- GigabitEthernet 1/0/26
|
|
||||||
- GigabitEthernet 1/0/27
|
|
||||||
- GigabitEthernet 1/0/28
|
|
||||||
mgmt:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet1/0/1
|
|
||||||
- GigabitEthernet1/0/41 # server3
|
|
||||||
- GigabitEthernet1/0/42 # server1
|
|
||||||
- GigabitEthernet1/0/43 # unused
|
|
||||||
- GigabitEthernet1/0/44 # server5
|
|
||||||
- GigabitEthernet1/0/45 # server6
|
|
||||||
- GigabitEthernet1/0/46 # server7
|
|
||||||
- GigabitEthernet1/0/47 # server8
|
|
||||||
- GigabitEthernet1/0/48 # server9
|
|
||||||
priv1:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/3
|
|
||||||
priv2:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/4
|
|
||||||
priv3:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/5
|
|
||||||
ap42:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/6
|
|
||||||
ap5:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/7
|
|
||||||
ap1:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/8
|
|
||||||
ap11:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/10
|
|
||||||
ap15:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/12
|
|
||||||
ap53:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/15
|
|
||||||
pub:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/11
|
|
||||||
- GigabitEthernet 1/0/20
|
|
||||||
- GigabitEthernet 1/0/24
|
|
||||||
ap18:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/18
|
|
||||||
ap51:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/13
|
|
||||||
server3:
|
|
||||||
mode: bond
|
|
||||||
group: 1
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet1/0/30
|
|
||||||
- GigabitEthernet1/0/31
|
|
||||||
server9:
|
|
||||||
mode: bond
|
|
||||||
group: 3
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet1/0/2
|
|
||||||
- GigabitEthernet1/0/29
|
|
||||||
- GigabitEthernet1/0/32
|
|
||||||
ap24:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/34
|
|
||||||
ap25:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/35
|
|
||||||
ap29:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/36
|
|
||||||
ap30:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/22
|
|
||||||
ap35:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/23
|
|
||||||
priv19:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/40
|
|
||||||
ap37:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/39
|
|
||||||
ap39:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/17
|
|
||||||
ap40:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/21
|
|
||||||
priv24:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/14
|
|
||||||
- GigabitEthernet 1/0/16
|
|
||||||
ap41:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/37
|
|
||||||
ap55:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/19
|
|
||||||
ap56:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/9
|
|
||||||
ap54:
|
|
||||||
mode: trunk
|
|
||||||
ports:
|
|
||||||
- GigabitEthernet 1/0/38
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf+N6p+ZuZsx1AF7CI2TKsxxEU1EyM1DIqtk7d5DoidTIZ4
|
|
||||||
zYnL9X72VSQiNRtkk955wU5sStanDjQMxBUcEO/bEQq6Cjy7tgWZZXEfCedM3Xzq
|
|
||||||
MEs861JCHdpBfL/zehHZxjmGe+St0xRGn4yBZcP/835Sl6t6q4znPFabcgDmIItX
|
|
||||||
ZsjaQfKd0La8GclHI1Pib7UuI6fvD70GkcQHoKoM1cOw8HQRpY953RnTNDKUk7is
|
|
||||||
ZjvhHkPUU2smLxJhCCwAiARq7TZceI0orfCkjQ87sRXavO82dn2Vq3mD9iVwnYY+
|
|
||||||
mVuYBhqguwq0HoOomHKf/JbQc7Gz8E+SBHWvjCUvVtJLARwt3KUvZGY28oKm7pcs
|
|
||||||
ITJJEiVPfnS2CtIm7T0nCm4LMiE20GWhhJIh8gIQuORlUvtMX0R29v3cVcNYCbIh
|
|
||||||
+2WKG1F/gum7at/q
|
|
||||||
=On3v
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
switch-c1:
|
|
||||||
model: 'HP-procurve-2824'
|
|
||||||
location: Turm C Keller, bei Kabelanschluessen
|
|
||||||
# Ports 1-19 ungerade oben
|
|
||||||
# Ports 2-20 gerade unten
|
|
||||||
# (15, 16 gehen aktuell nach Haus A)
|
|
||||||
# Ports 21-24 unten seitlich (optional optisch)
|
|
||||||
# Port 7 geht aktuell nach Turm C Erdgeschoss und dadurch zur Ecce
|
|
||||||
ports:
|
|
||||||
switch-b1:
|
|
||||||
mode: bond
|
|
||||||
group: 2
|
|
||||||
ports: 21-24
|
|
||||||
up1:
|
|
||||||
mode: access
|
|
||||||
ports: '1'
|
|
||||||
nostp: true
|
|
||||||
up2:
|
|
||||||
mode: access
|
|
||||||
ports: '2'
|
|
||||||
nostp: true
|
|
||||||
# up3:
|
|
||||||
# mode: access
|
|
||||||
# ports: '3'
|
|
||||||
# nostp: true
|
|
||||||
up4:
|
|
||||||
mode: access
|
|
||||||
ports: '4'
|
|
||||||
nostp: true
|
|
||||||
# "Antenne"
|
|
||||||
switch-dach:
|
|
||||||
mode: trunk
|
|
||||||
ports: '6'
|
|
||||||
iso1:
|
|
||||||
mode: access
|
|
||||||
ports: '9'
|
|
||||||
iso2:
|
|
||||||
mode: access
|
|
||||||
ports: '10'
|
|
||||||
iso3:
|
|
||||||
mode: access
|
|
||||||
ports: '11'
|
|
||||||
iso4:
|
|
||||||
mode: access
|
|
||||||
ports: '12'
|
|
||||||
iso5:
|
|
||||||
mode: access
|
|
||||||
ports: '13'
|
|
||||||
iso6:
|
|
||||||
mode: access
|
|
||||||
ports: '14'
|
|
||||||
# Saal A: durch dummen PoE-Switch mit Aggregation an ap44-50 + switch-a1
|
|
||||||
switch-a1:
|
|
||||||
mode: bond
|
|
||||||
group: 1
|
|
||||||
ports: 15-16
|
|
||||||
lacp: no
|
|
||||||
ap19:
|
|
||||||
mode: trunk
|
|
||||||
ports: 17
|
|
||||||
ap26:
|
|
||||||
mode: trunk
|
|
||||||
ports: 18
|
|
||||||
ap17:
|
|
||||||
mode: trunk
|
|
||||||
ports: 19
|
|
||||||
ap38:
|
|
||||||
mode: trunk
|
|
||||||
ports: 7
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQgAhPMG6VKUFLVNZmVfZ6P21CrXRmUeExuxIg4QIrYtKfYe
|
|
||||||
cxWst/IuHnDyL2TP8yGb00sjz7o0psZ9Z+zRCi/ONONyNzee103ymjXxk0Ygekid
|
|
||||||
1IGVeSTqskrgOl53mFZEfP4nBcOqzcNFjMkm0c5B2OmHHHOokOJ5Xzsya120SGXk
|
|
||||||
JnYFVsRD6GFwuF88pgQ5VrGd5/drMaIrNkJ69dyfvYdHRTd0UgtiZFOMesRYFFP7
|
|
||||||
+QdSW1MFoVZnjZgLeoNF/efIhHnTdClROCMZBYU5Z3pQcHAfE4GN3w+MceP/+5EY
|
|
||||||
z3wuSNpsuYNr8NnEDvofTJGdOLuclE6JPFvJMg1QptJKASfn3ZlOrL4ohbPGaDQ6
|
|
||||||
z1P+6DJXliXS7dBdxH0bsB2qRZslmcj286D9bPgTsuvCzOaxcTtkM8y76gVVOVBI
|
|
||||||
TN+j1/OdlXyVmTM=
|
|
||||||
=XUUi
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
# Unused: 3
|
|
||||||
switch-d1:
|
|
||||||
model: 'TL-SG3210'
|
|
||||||
location: Turm D Elektroraum
|
|
||||||
ports:
|
|
||||||
switch-b1:
|
|
||||||
mode: bond
|
|
||||||
ports: 1
|
|
||||||
group: 1
|
|
||||||
ap9:
|
|
||||||
mode: trunk
|
|
||||||
ports: 5
|
|
||||||
ap10:
|
|
||||||
mode: trunk
|
|
||||||
ports: 4
|
|
||||||
ap7:
|
|
||||||
mode: trunk
|
|
||||||
# Turm D, 5. Etage
|
|
||||||
ports: 8
|
|
||||||
ap22:
|
|
||||||
mode: trunk
|
|
||||||
ports: 2
|
|
||||||
ap12:
|
|
||||||
mode: trunk
|
|
||||||
ports: 7
|
|
||||||
ap3:
|
|
||||||
mode: trunk
|
|
||||||
ports: 3
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQgAkS9jHdnqPPary/yduPsA3Ya1rrERxfZxJnvicexUKl7b
|
|
||||||
eJlLe8e1BQE3BTaqkvLcBrGztBBvrgnv+kzmSTCd5jbL2/fFOdhedBsNjWpYtA7A
|
|
||||||
o6PPfYHka/Km4J/MihzVac9XUbBFhN0ETGYbGi0upPHHEKht3bUNzqkzvHxhQ8lJ
|
|
||||||
D7dDPs3vJXx3Ey8taZawdLJ9IcthvSojt8Un5A/SpdroW2CF4u0Gubuz+9D5i0T5
|
|
||||||
vXDqDQqEewu7pofxZ8TR4PY9PNHT9kmHyI2sIq1AkqP0Mn8wKP7dJVrUS3Z+xBUt
|
|
||||||
/f0B+8a0EJDuQBB2p7yRlBcg5d58TGB59pptmLpQ39JDAbZxHQymPKy3R14k1wKa
|
|
||||||
fYvaMBkaGtcu/foCb1r3xfAZOJSF5MT754wjvxB1bl/iizqJQm+WN3YAkja/Gwh+
|
|
||||||
J31/Ng==
|
|
||||||
=e45t
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
switch-c3d2-main:
|
|
||||||
model: 'HP-procurve-2824'
|
|
||||||
location: C3D2
|
|
||||||
# Ports 1-19 ungerade oben
|
|
||||||
# Ports 2-20 gerade unten
|
|
||||||
# (15, 16 gehen aktuell nach Haus A)
|
|
||||||
# Ports 21-24 unten seitlich (optional optisch)
|
|
||||||
# Unused Port 7 geht aktuell nach Turm C Erdgeschoss
|
|
||||||
ports:
|
|
||||||
mgmt:
|
|
||||||
mode: access
|
|
||||||
ports: 1
|
|
||||||
switch-b1:
|
|
||||||
mode: bond
|
|
||||||
group: 1
|
|
||||||
ports: 21-24
|
|
||||||
ap2:
|
|
||||||
mode: trunk
|
|
||||||
ports: 3
|
|
||||||
ap31:
|
|
||||||
mode: trunk
|
|
||||||
ports: 2
|
|
||||||
# For testing a new ap
|
|
||||||
ap-test1:
|
|
||||||
mode: trunk
|
|
||||||
ports: 4
|
|
||||||
# For testing a new ap
|
|
||||||
ap-test2:
|
|
||||||
mode: trunk
|
|
||||||
ports: 5
|
|
||||||
iso4:
|
|
||||||
mode: access
|
|
||||||
ports: 6
|
|
||||||
# Freifunk Mesh-on-LAN
|
|
||||||
bmx:
|
|
||||||
mode: access
|
|
||||||
ports: 7
|
|
||||||
c3d2:
|
|
||||||
mode: access
|
|
||||||
ports: '8-20'
|
|
||||||
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf+P65UkLF8x+pDNEoeSISflL8QTPih/D8lP5CK5gYTaL6x
|
|
||||||
0SoVanRYdXERiXdZ1FXw/zorg76Ofpa35k+88wRK7XxGDkP62TC26Qeu8ZbCX4kR
|
|
||||||
t+IQSlKk74YTCC15vBFF+pAa5PFCWPBiWcl5yKTxCNy7e/wHSVtusia6WcmvwJJy
|
|
||||||
M4cY8uPiKEtwLqwZ6hJIjNbjU8yFRI3EQ1irTcd/6WBErIoaaeQT5GpUvPQ6xa6R
|
|
||||||
lfw0OVmKK31Kmwgs+Wty/hiBlASMGdUQZDHVwsoLyFIpWejH+lfY4RMkdqz8BP2a
|
|
||||||
CFxQMWipc4lXMw1n4oXpkr5DPAYB0d2vDPL2sKV5KNJJAe9RC4rLlk+9uYqE4PyK
|
|
||||||
RswLCZhHuKqFa07ufkRpbFGyywAa70UXtbvPkbJb6G1mJ75ozXTS11JqhAdnHCBC
|
|
||||||
2i+VD94/nzLdvg==
|
|
||||||
=1SbG
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
# switch-a1-poe:
|
|
||||||
# password: |
|
|
||||||
# ----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
# hQEMA2PKcvDMvlKLAQf/ZSCPgN2uBCz3eZgIhOlTsAIxOHugCrROoXzmnV+XiD8j
|
|
||||||
# BP3T/KWCooFhdiWx9STyVJWk/tKz3UoVm+PmfYVeM7N3/FCXvN9N8eM1LNat/KVF
|
|
||||||
# frAu9raBhvH12DOBvSa5ouC9dbM/ggh/joJBUhIppGZk0aBGTjYcdxnQPGZmkwej
|
|
||||||
# ysnrKedMuIXGh+NWGusTe2Pgs81Ei5w/rnRp4jJZd4YD5hIVnO2KqPT50mlmc4Hi
|
|
||||||
# 6eg65oqFrzG5bJb1NYObt3D66nHpKZPoOXiw2Gg87twFvRsV7x+dyXuNvsOr3nIb
|
|
||||||
# Keeib9sXus67+zNwGJ5MmnZz5kM+iLE3AcTAQ67andJEAQAvyoDfxMMlMqhx/QNU
|
|
||||||
# VlTLZwdATmZ/JdCSoN+ti1+XG+7Lo7faOpUW/CxYD5iiSHsrA1/TvhZkVDB+Oqmx
|
|
||||||
# NJUMaDQ=
|
|
||||||
# =kig9
|
|
||||||
# -----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
switch-a1:
|
|
||||||
model: 'TL-SG3210'
|
|
||||||
location: Saal A
|
|
||||||
ports:
|
|
||||||
# ZW stage
|
|
||||||
priv25:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- 2
|
|
||||||
- 3
|
|
||||||
- 4
|
|
||||||
- 5
|
|
||||||
pub:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- 8
|
|
||||||
# ZW office
|
|
||||||
priv31:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- 6
|
|
||||||
switch-c1:
|
|
||||||
# Eigentlich gehen diese Ports durch das dumme PoE-Switch mit
|
|
||||||
# statisch konfigurierter Aggregation
|
|
||||||
mode: trunk
|
|
||||||
ports: 7
|
|
||||||
iso4:
|
|
||||||
mode: access
|
|
||||||
ports:
|
|
||||||
- 1
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQgAkS9jHdnqPPary/yduPsA3Ya1rrERxfZxJnvicexUKl7b
|
|
||||||
eJlLe8e1BQE3BTaqkvLcBrGztBBvrgnv+kzmSTCd5jbL2/fFOdhedBsNjWpYtA7A
|
|
||||||
o6PPfYHka/Km4J/MihzVac9XUbBFhN0ETGYbGi0upPHHEKht3bUNzqkzvHxhQ8lJ
|
|
||||||
D7dDPs3vJXx3Ey8taZawdLJ9IcthvSojt8Un5A/SpdroW2CF4u0Gubuz+9D5i0T5
|
|
||||||
vXDqDQqEewu7pofxZ8TR4PY9PNHT9kmHyI2sIq1AkqP0Mn8wKP7dJVrUS3Z+xBUt
|
|
||||||
/f0B+8a0EJDuQBB2p7yRlBcg5d58TGB59pptmLpQ39JDAbZxHQymPKy3R14k1wKa
|
|
||||||
fYvaMBkaGtcu/foCb1r3xfAZOJSF5MT754wjvxB1bl/iizqJQm+WN3YAkja/Gwh+
|
|
||||||
J31/Ng==
|
|
||||||
=e45t
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
||||||
switch-dach:
|
|
||||||
model: 'HP-procurve-2824'
|
|
||||||
location: Dach
|
|
||||||
ports:
|
|
||||||
mgmt:
|
|
||||||
mode: access
|
|
||||||
ports: '1'
|
|
||||||
switch-c1:
|
|
||||||
mode: trunk
|
|
||||||
ports: '24'
|
|
||||||
# Starlink
|
|
||||||
up3:
|
|
||||||
mode: access
|
|
||||||
ports: '3'
|
|
||||||
nostp: true
|
|
||||||
# Freifunk Mesh-on-LAN
|
|
||||||
bmx:
|
|
||||||
mode: access
|
|
||||||
ports: '10-19'
|
|
||||||
serv:
|
|
||||||
mode: access
|
|
||||||
ports: '6-9'
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQgAkS9jHdnqPPary/yduPsA3Ya1rrERxfZxJnvicexUKl7b
|
|
||||||
eJlLe8e1BQE3BTaqkvLcBrGztBBvrgnv+kzmSTCd5jbL2/fFOdhedBsNjWpYtA7A
|
|
||||||
o6PPfYHka/Km4J/MihzVac9XUbBFhN0ETGYbGi0upPHHEKht3bUNzqkzvHxhQ8lJ
|
|
||||||
D7dDPs3vJXx3Ey8taZawdLJ9IcthvSojt8Un5A/SpdroW2CF4u0Gubuz+9D5i0T5
|
|
||||||
vXDqDQqEewu7pofxZ8TR4PY9PNHT9kmHyI2sIq1AkqP0Mn8wKP7dJVrUS3Z+xBUt
|
|
||||||
/f0B+8a0EJDuQBB2p7yRlBcg5d58TGB59pptmLpQ39JDAbZxHQymPKy3R14k1wKa
|
|
||||||
fYvaMBkaGtcu/foCb1r3xfAZOJSF5MT754wjvxB1bl/iizqJQm+WN3YAkja/Gwh+
|
|
||||||
J31/Ng==
|
|
||||||
=e45t
|
|
||||||
-----END PGP MESSAGE-----
|
|
|
@ -1,62 +0,0 @@
|
||||||
base:
|
|
||||||
'*':
|
|
||||||
- hosts
|
|
||||||
- subnets
|
|
||||||
- vlans
|
|
||||||
'server1':
|
|
||||||
- lxc-containers.server1
|
|
||||||
- bird.ospf
|
|
||||||
- switches
|
|
||||||
- cpe.aps
|
|
||||||
- collectd.server1
|
|
||||||
- keys
|
|
||||||
'server2':
|
|
||||||
- lxc-containers.server1
|
|
||||||
- bird.ospf
|
|
||||||
- switches
|
|
||||||
- cpe.aps
|
|
||||||
- collectd.server1
|
|
||||||
- keys
|
|
||||||
'priv*-gw':
|
|
||||||
- dhcp
|
|
||||||
- bird.radv
|
|
||||||
- bird.ospf
|
|
||||||
- collectd.gw
|
|
||||||
'pub-gw or serv-gw':
|
|
||||||
- dhcp
|
|
||||||
- bird.radv
|
|
||||||
- bird.ospf
|
|
||||||
'pub-gw':
|
|
||||||
- collectd.gw
|
|
||||||
'c3d2-gw* or c3d2-anon or mgmt-gw or cls-gw':
|
|
||||||
- bird.ospf
|
|
||||||
'c3d2-gw1 or cls-gw':
|
|
||||||
- bird.radv
|
|
||||||
'bgp':
|
|
||||||
- bird.ospf
|
|
||||||
- bird.bgp
|
|
||||||
'upstream*':
|
|
||||||
- bird.ospf
|
|
||||||
- collectd.upstream
|
|
||||||
# for forward-zones in unbound
|
|
||||||
- bind.dns
|
|
||||||
'upstream1':
|
|
||||||
- upstream.upstream1
|
|
||||||
- bind.dyndns.upstream1
|
|
||||||
'upstream2':
|
|
||||||
- upstream.upstream2
|
|
||||||
- bind.dyndns.upstream2
|
|
||||||
'anon*':
|
|
||||||
- bird.ospf
|
|
||||||
- wireguard.anon1
|
|
||||||
- upstream.anon1
|
|
||||||
- collectd.upstream
|
|
||||||
- bind.dyndns.anon1
|
|
||||||
- bind.dns
|
|
||||||
'dns':
|
|
||||||
- bind.dns
|
|
||||||
- bind.dyndns.upstream1
|
|
||||||
- bind.dyndns.upstream2
|
|
||||||
- bind.dyndns.anon1
|
|
||||||
'stats':
|
|
||||||
- collectd.stats-server
|
|
|
@ -1,5 +0,0 @@
|
||||||
upstream:
|
|
||||||
interface: protonvpn
|
|
||||||
nat66-interface: protonvpn
|
|
||||||
up-bandwidth: 45000
|
|
||||||
flows: 4096
|
|
|
@ -1,46 +0,0 @@
|
||||||
upstream:
|
|
||||||
interface: up1
|
|
||||||
nat66-interface: 6to4
|
|
||||||
up-bandwidth: 52500
|
|
||||||
flows: 2048
|
|
||||||
|
|
||||||
port-forwarding:
|
|
||||||
- proto: tcp
|
|
||||||
port: 80
|
|
||||||
to: 172.20.73.45:80
|
|
||||||
- proto: tcp
|
|
||||||
port: 443
|
|
||||||
to: 172.20.73.45:443
|
|
||||||
- proto: udp
|
|
||||||
port: 2325
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: udp
|
|
||||||
port: 2399
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: udp
|
|
||||||
port: 2327
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: udp
|
|
||||||
port: 2338
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: udp
|
|
||||||
port: 2339
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: udp
|
|
||||||
port: 40533
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: udp
|
|
||||||
port: 61699
|
|
||||||
to: 172.22.99.253
|
|
||||||
- proto: tcp
|
|
||||||
port: 2222
|
|
||||||
to: 172.20.74.210:22
|
|
||||||
- proto: tcp
|
|
||||||
port: 8443
|
|
||||||
to: 172.20.74.210:443
|
|
||||||
- proto: tcp
|
|
||||||
port: 2223
|
|
||||||
to: 172.20.73.47:22
|
|
||||||
- proto: udp
|
|
||||||
port: 30000
|
|
||||||
to: 172.20.73.48:30000
|
|
|
@ -1,41 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
|
|
||||||
upstream:
|
|
||||||
interface: up2
|
|
||||||
nat66-interface: up2
|
|
||||||
up-bandwidth: 52500
|
|
||||||
flows: 2048
|
|
||||||
|
|
||||||
port-forwarding:
|
|
||||||
- proto: udp
|
|
||||||
port: 1194
|
|
||||||
to: 172.20.75.9:1194
|
|
||||||
- proto: tcp
|
|
||||||
port: 2222
|
|
||||||
to: 172.20.74.210:22
|
|
||||||
- proto: tcp
|
|
||||||
port: 8443
|
|
||||||
to: 172.20.74.210:443
|
|
||||||
|
|
||||||
ipv6-tunnel:
|
|
||||||
endpoint: 216.66.80.30
|
|
||||||
address: 2001:470:1f0a:12b2::2/64
|
|
||||||
gateway: 2001:470:1f0a:12b2::1
|
|
||||||
|
|
||||||
tunnelbroker:
|
|
||||||
tunnel_id: '407181'
|
|
||||||
username: 'C3D2HQ'
|
|
||||||
key: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf+MPl9B7V1GfG+ps+cILxxnGA8nx9KN69Zj03T5KVYMWw7
|
|
||||||
6nMfXyhC6ZV3BTVUPqY290SaMP0wa4YjpewypfILoJLQDGV7SQaR8eVVCXQYusXK
|
|
||||||
M+L1jWr8f+GOCH5BYsX4WS0PhJ0EplSDlbsvT2NiLc7SFGsrLwpfL4jLJJ3ICSif
|
|
||||||
BbKZy7aovpAXmaeTFaYR7wsclXk7hM94U0uaF9HJK0e9WDFuHuz7dbAXLVFIHFIx
|
|
||||||
UdrjoA8GfRoCqMLXe9Uce+MPvkJX3m0oAtc68Znw/4ndMm6FIyuUhA/jh+gt4/2B
|
|
||||||
BXCch68PGnKNiFmRDW+h17ZiAFeobyb960wJBammLNJLAS+adCeoDgJCxXTzZ5Rh
|
|
||||||
IFEdKAewlFa1RXWn0HhGu7FYoeM+EbuH/ZYW9TOIWYRb3Ol36MPDoRuPEWU/bETG
|
|
||||||
UQEvc22wrpxOfjIA
|
|
||||||
=UbJD
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
|
|
|
@ -1,25 +0,0 @@
|
||||||
vlans:
|
|
||||||
# switches and CPE only have IP addresses configured in the management vlan
|
|
||||||
mgmt: 1
|
|
||||||
# routers, OSPF area 0
|
|
||||||
core: 2
|
|
||||||
# servers...
|
|
||||||
serv: 3
|
|
||||||
# ZW public
|
|
||||||
pub: 4
|
|
||||||
# C3D2 home network
|
|
||||||
c3d2: 5
|
|
||||||
cluster: 6
|
|
||||||
bmx: 7
|
|
||||||
# Modems
|
|
||||||
{%- for i in range(1, 5) %}
|
|
||||||
up{{ i }}: {{ i + 9 }}
|
|
||||||
{%- endfor %}
|
|
||||||
# Neighbor subnets
|
|
||||||
{%- for i in range(1, 62) %}
|
|
||||||
priv{{ i }}: {{ i + 39 }}
|
|
||||||
{%- endfor %}
|
|
||||||
# Isolated neighbors directly connection with their modems
|
|
||||||
{%- for i in range(1, 17) %}
|
|
||||||
iso{{ i }}: {{ i + 100 }}
|
|
||||||
{%- endfor %}
|
|
|
@ -1,85 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
|
|
||||||
openvpn:
|
|
||||||
protonvpn:
|
|
||||||
server: nl-free-01.protonvpn.com
|
|
||||||
user: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf7BCwzkTetWarslcjqPyMRqMmbigVnQmp2Fjr/jRy9VhFr
|
|
||||||
AljofSuYyWwWVk9aPGh5dNXShT4CzKs2eSrSno2H71bnuqxfc80dqhO3loM63NZL
|
|
||||||
EchUhT09keQ580WEp3CziDXDbe8T5clmour7Dy9kX/AI+WqeKtdAjgBaI50M3m6f
|
|
||||||
4TWt5zIUyMSxHtyEbpTswAtjD4GmjfsVHCUIw+EyfMsBVqRxYWDjtRUUE35wMeWm
|
|
||||||
k0DpyU5MF5CmKM108h8v69ti223kjB5hc+b/lg7lcr+8bjr3f9ELeg0pvtlkx4ps
|
|
||||||
VS8TXOIhT3KF7Bu9qKhmQFd5rwE5ColTiTcKpeq3iNJbAX3IIx7mvJSlYAeSwj0Y
|
|
||||||
2l4LUvpl1f+IQ/PhRMNO1TZEqbG7q762skrD/9DVbpRpFblqKhj9tuyv0OFiPPCa
|
|
||||||
QcVW+MHwyqKZ1g1/KVXAaEWTdIP3qyuvA4zOGQ==
|
|
||||||
=BLbr
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
password: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf9FW6GeyPCaJm9ftIW89GX61TCnzMPXzK8i9hwA9mmRJxb
|
|
||||||
DuZ9gbMD5WKzgVNoCEXmKZ1nnbSTwCn1YjhMWwmmextrAuAGQiGqFtzG+KiyUGr6
|
|
||||||
PG3iHXtzcz2v+oElB7hswnfpRS4XVB9VP/LlPk2azY1jaF+EyfO4WkN4Dg0ldIal
|
|
||||||
ulrOknmFKAQjbuPeRsejOEnpNocLd0fh5Phza66g4YxmPAT9QznOXCumrKrEoC5q
|
|
||||||
SW/9DxJugCiYmU5ti8pdySBVeRqeoen35tXdyl/8tMX0R97c27HCzzPRcMaQxQVc
|
|
||||||
yyrTDEib5T0PiphbtHcXBovlna87gUQn2uM+Zm3IL9JbAeadBusliNidAaMaB/hN
|
|
||||||
2jQcqRxJmTp+Xo7vLzziAlaGhYEivq2ROasgaXa97qbkFIIvy4HVJrRtx7s8xuli
|
|
||||||
s8uY4mS0ZjVgGvFYO2ZMD+TIKZxbd6XwAFDBlA==
|
|
||||||
=fZBz
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
ca: |
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIFozCCA4ugAwIBAgIBATANBgkqhkiG9w0BAQ0FADBAMQswCQYDVQQGEwJDSDEV
|
|
||||||
MBMGA1UEChMMUHJvdG9uVlBOIEFHMRowGAYDVQQDExFQcm90b25WUE4gUm9vdCBD
|
|
||||||
QTAeFw0xNzAyMTUxNDM4MDBaFw0yNzAyMTUxNDM4MDBaMEAxCzAJBgNVBAYTAkNI
|
|
||||||
MRUwEwYDVQQKEwxQcm90b25WUE4gQUcxGjAYBgNVBAMTEVByb3RvblZQTiBSb290
|
|
||||||
IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt+BsSsZg7+AuqTq7
|
|
||||||
vDbPzfygtl9f8fLJqO4amsyOXlI7pquL5IsEZhpWyJIIvYybqS4s1/T7BbvHPLVE
|
|
||||||
wlrq8A5DBIXcfuXrBbKoYkmpICGc2u1KYVGOZ9A+PH9z4Tr6OXFfXRnsbZToie8t
|
|
||||||
2Xjv/dZDdUDAqeW89I/mXg3k5x08m2nfGCQDm4gCanN1r5MT7ge56z0MkY3FFGCO
|
|
||||||
qRwspIEUzu1ZqGSTkG1eQiOYIrdOF5cc7n2APyvBIcfvp/W3cpTOEmEBJ7/14RnX
|
|
||||||
nHo0fcx61Inx/6ZxzKkW8BMdGGQF3tF6u2M0FjVN0lLH9S0ul1TgoOS56yEJ34hr
|
|
||||||
JSRTqHuar3t/xdCbKFZjyXFZFNsXVvgJu34CNLrHHTGJj9jiUfFnxWQYMo9UNUd4
|
|
||||||
a3PPG1HnbG7LAjlvj5JlJ5aqO5gshdnqb9uIQeR2CdzcCJgklwRGCyDT1pm7eoiv
|
|
||||||
WV19YBd81vKulLzgPavu3kRRe83yl29It2hwQ9FMs5w6ZV/X6ciTKo3etkX9nBD9
|
|
||||||
ZzJPsGQsBUy7CzO1jK4W01+u3ItmQS+1s4xtcFxdFY8o/q1zoqBlxpe5MQIWN6Qa
|
|
||||||
lryiET74gMHE/S5WrPlsq/gehxsdgc6GDUXG4dk8vn6OUMa6wb5wRO3VXGEc67IY
|
|
||||||
m4mDFTYiPvLaFOxtndlUWuCruKcCAwEAAaOBpzCBpDAMBgNVHRMEBTADAQH/MB0G
|
|
||||||
A1UdDgQWBBSDkIaYhLVZTwyLNTetNB2qV0gkVDBoBgNVHSMEYTBfgBSDkIaYhLVZ
|
|
||||||
TwyLNTetNB2qV0gkVKFEpEIwQDELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFByb3Rv
|
|
||||||
blZQTiBBRzEaMBgGA1UEAxMRUHJvdG9uVlBOIFJvb3QgQ0GCAQEwCwYDVR0PBAQD
|
|
||||||
AgEGMA0GCSqGSIb3DQEBDQUAA4ICAQCYr7LpvnfZXBCxVIVc2ea1fjxQ6vkTj0zM
|
|
||||||
htFs3qfeXpMRf+g1NAh4vv1UIwLsczilMt87SjpJ25pZPyS3O+/VlI9ceZMvtGXd
|
|
||||||
MGfXhTDp//zRoL1cbzSHee9tQlmEm1tKFxB0wfWd/inGRjZxpJCTQh8oc7CTziHZ
|
|
||||||
ufS+Jkfpc4Rasr31fl7mHhJahF1j/ka/OOWmFbiHBNjzmNWPQInJm+0ygFqij5qs
|
|
||||||
51OEvubR8yh5Mdq4TNuWhFuTxpqoJ87VKaSOx/Aefca44Etwcj4gHb7LThidw/ky
|
|
||||||
zysZiWjyrbfX/31RX7QanKiMk2RDtgZaWi/lMfsl5O+6E2lJ1vo4xv9pW8225B5X
|
|
||||||
eAeXHCfjV/vrrCFqeCprNF6a3Tn/LX6VNy3jbeC+167QagBOaoDA01XPOx7Odhsb
|
|
||||||
Gd7cJ5VkgyycZgLnT9zrChgwjx59JQosFEG1DsaAgHfpEl/N3YPJh68N7fwN41Cj
|
|
||||||
zsk39v6iZdfuet/sP7oiP5/gLmA/CIPNhdIYxaojbLjFPkftVjVPn49RqwqzJJPR
|
|
||||||
N8BOyb94yhQ7KO4F3IcLT/y/dsWitY0ZH4lCnAVV/v2YjWAWS3OWyC8BFx/Jmc3W
|
|
||||||
DK/yPwECUcPgHIeXiRjHnJt0Zcm23O2Q3RphpU+1SO3XixsXpOVOYP6rJIXW9bMZ
|
|
||||||
A1gTTlpi7A==
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
key: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf+IvF6zK4TMYgQIrt30zB2QGPU28pRD6gAmcEJman1QzH6
|
|
||||||
vMrjONchjC3qTE9GVhFlyuxHZaYHFOFEW8y7JV7VBR0BGWa5WwalbXngkyJfL/SM
|
|
||||||
A2zXH/7d5w1TBM0uJBb3vCKeqjBnw47Vm5jDh2CG7kJuD08330WNpnl2pZJebDBH
|
|
||||||
IWbcGrI8M45fcPS3ui2HM+PoFUmVNP3EaXRSxLQlK4CpQjVmz7Adf11+f1HotYE5
|
|
||||||
V5DIbqF0nqYdMgekg026d4TwZbhX8kAXtiJmGVd9Wwy6Osq9gGb8QmbjMNRpjdRp
|
|
||||||
1P2dD5HIdipmWQDCc+NEoowzsNobSteq+yz8mmCfPNLA/gHOCApyk/YeVjxpTaJU
|
|
||||||
OLlHBcZ2p35pc+aeKhxQyKqSr8dEnGrgWLjiHxo637D2PtI9NGGxOdEzPTeYzvzq
|
|
||||||
Gf9qIWmYWQdFiHcWGn42p8/sdSaqrixGNUhwc9ZnXzBaGF2j4mJ5lR8pgorfr2Wc
|
|
||||||
wOPQRFAwxFRMXonPvOHRYb8ARs7JWAMjqtEDbnaHYmvduqWYEpKZeUqlKAyl5d4h
|
|
||||||
Pou1u8W6HeFSOK5Dz/wSTHUB+/COLoR4xMv+ChBGWQkex4TlMzGroe0VjK4Zf4Ya
|
|
||||||
IPu/MZF6Pqi9AN+yydUnkpZWYcICGH5NPy7gVt8okKuAhqYJcrq5JTvqvyUTNdS2
|
|
||||||
icdTSPNY2k3+YvLmDwCqolIjB+kjOKjZw2bjZ1HV7RCrKJhXOxdyd9ktGFOlNCtw
|
|
||||||
UHZoIFg0TCYxEvNHoZyjJzp9V0d/CQBBCYmwD9hIFr602WQv7+Ro6b4CFCFXytOC
|
|
||||||
msSAsLx1oBgJAOs9lcBwD7nCyWNwsk/MsE9OsJICYA/8ZzJPuqcJLwEm9tmPcWGF
|
|
||||||
0ws4GJAet9U4TDwUEYdV9AvcBsl5MHNb4cgIfPuJWZ11Wx2MQ9RuD6L8fDI5H8wI
|
|
||||||
=164/
|
|
||||||
-----END PGP MESSAGE-----
|
|
|
@ -1,20 +0,0 @@
|
||||||
#!yaml|gpg
|
|
||||||
wireguard-instances:
|
|
||||||
'njalla':
|
|
||||||
private_key: |
|
|
||||||
-----BEGIN PGP MESSAGE-----
|
|
||||||
|
|
||||||
hQEMA2PKcvDMvlKLAQf/WyZLuFilGCU8WGG2i0IaX5ek9vvQ1eIEXKMmTXyU4OG8
|
|
||||||
ynaGYNwC5wKDxNhVas+twnCSpXpZLw61eRQrK6IhZnl69dzhFRZ5gR9T3VnMKNP6
|
|
||||||
2WsNQp5oEsNutvNw/6AkFm653T79zq/Rj3K+BM//+x3WKFShK+o/Y0+7L+2YEAo8
|
|
||||||
IeMS7nbB018acYZv0cEJGHJvcL/zHm6+IyW6WRz0tu5yaI8iwLMGDj6blVCu7efd
|
|
||||||
0JUAVPT+IrUhph6bH4jokkqxS0VCTgDmtLFmFDsCqv7SXwvDz4CvfzEPVATkiLNh
|
|
||||||
PCQBetoBbDkfEieulod8//O8j6EIa+rerGjwdvxX4dJnAfLGmn8KSDTcQUWhqFwI
|
|
||||||
lpy2QkY5XtuqKWM1tm0qel92kNKd7zcBfjtQxTorOXsxch39nHGZJ4LV6u/Li2ss
|
|
||||||
ku2TdReHWjrpIvY/PCIZNEBUYcqNJI2SUT9LA95pc38pH4SugBI9TQ==
|
|
||||||
=ddWH
|
|
||||||
-----END PGP MESSAGE-----
|
|
||||||
addr: 'fd03:1337::210/64, 10.13.37.210/24'
|
|
||||||
peers:
|
|
||||||
- public_key: 'xhbsrE6GyyJZD8pwLBU694NWMzVCeRoqghTeGhMudl0='
|
|
||||||
endpoint: '198.167.192.29:51820'
|
|
Loading…
Reference in New Issue