config: split into many files

This commit is contained in:
Astro 2021-11-13 01:44:14 +01:00
parent 32c0def45b
commit 5f14ca3c46
13 changed files with 5769 additions and 5705 deletions

1876
config/ap.nix Normal file

File diff suppressed because it is too large Load Diff

162
config/c3d2.nix Normal file
View File

@ -0,0 +1,162 @@
{
site.net.c3d2 = {
dhcp = {
end = "172.22.99.199";
fixed-hosts = {
"172.22.99.96" = "08:00:27:bb:8c:b3";
"172.22.99.98" = "08:00:27:aa:90:e2";
"astrom.hq.c3d2.de" = "aa:00:5b:08:f0:5c";
"astron.hq.c3d2.de" = "aa:00:5b:08:f0:5b";
"batman.hq.c3d2.de" = "5c:cf:7f:c0:05:28";
"beere.hq.c3d2.de" = "b8:27:eb:ac:65:d2";
"beere2.hq.c3d2.de" = "b8:27:eb:53:0b:27";
"bender.hq.c3de.de" = "00:23:df:7e:c8:0a";
"cider.hq.c3d2.de" = "00:0d:93:75:ee:fa";
"dacbert.hq.c3d2.de" = "dc:a6:32:31:b6:32";
"dn42.hq.c3d2.de" = "aa:00:42:7a:32:46";
"drucker.hq.c3d2.de" = "00:23:c3:d2:12:0f";
"feile.hq.c3d2.de" = "aa:00:5b:12:c1:f7";
"fernandopoo.hq.c3d2.de" = "aa:00:f7:52:85:27";
"fhem.hq.c3d2.de" = "b8:27:eb:9e:8b:db";
"git.hq.c3d2.de" = "aa:00:47:d8:57:10";
"glotzbert.hq.c3d2.de" = "ec:a8:6b:fe:b4:cb";
"icq.hq.c3d2.de" = "aa:00:30:f6:27:89";
"jabber1.hq.c3d2.de" = "aa:00:0b:19:8f:14";
"jabber2.hq.c3d2.de" = "aa:00:3d:6a:23:b8";
"knot.hq.c3d2.de" = "52:54:cf:fd:ce:3f";
"ledball1.hq.c3d2.de" = "b8:27:eb:53:0b:27";
"ledbeere.hq.c3d2.de" = "b8:27:eb:60:99:59";
"leviathan.hq.c3d2.de" = "00:ff:08:31:db:e5";
"lisbeth.hq.c3d2.de" = "b8:27:eb:a5:ee:5c";
"marenz-build.hq.c3d2.de" = "44:1e:a1:59:2e:e8";
"matemat.hq.c3d2.de" = "a2:1b:7c:e8:19:72";
"minecraft.hq.c3d2.de" = "4a:57:d3:64:fe:e9";
"moleflap.hq.c3d2.de" = "aa:00:0d:b1:6c:67";
"monit.hq.c3d2.de" = "00:23:ae:94:e7:19";
"public-access-proxy.hq.c3d2.de" = "12:24:5f:bd:9b:e7";
"pulsebert.hq.c3d2.de" = "b8:27:eb:16:31:61";
"ruststripe1.hq.c3d2.de" = "06:32:0e:39:21:69";
"schalter.hq.c3d2.de" = "b8:27:eb:4c:be:ff";
"semanta.hq.c3d2.de" = "00:ff:e4:bb:ea:2a";
"server2.hq.c3d2.de" = "d0:67:e5:f3:57:10";
"server3.hq.c3d2.de" = "e4:1f:13:2e:4f:c0";
"server4.hq.c3d2.de" = "00:9c:02:a9:26:01";
"sharing.hq.c3d2.de" = "00:23:c3:d2:75:18";
"sofafon.hq.c3d2.de" = "b8:27:eb:23:8d:01";
"storage2.hq.c3d2.de" = "42:5e:0f:4e:f3:cc";
"ustriper.hq.c3d2.de" = "aa:bb:95:33:bb:aa";
"wiefelspuetz.hq.c3d2.de" = "aa:00:7f:01:8a:d0";
"wormhole.hq.c3d2.de" = "00:23:c3:d2:00:76";
"www1.hq.c3d2.de" = "aa:00:13:8b:03:47";
};
max-time = 2592000;
router = "c3d2-anon";
server = "c3d2-gw3";
start = "172.22.99.100";
time = 86400;
};
domainName = "c3d2.zentralwerk.org";
dynamicDomain = true;
hosts4 = {
bgp = "172.22.99.250";
c3d2-anon = "172.22.99.1";
c3d2-gw1 = "172.22.99.2";
c3d2-gw2 = "172.22.99.3";
c3d2-gw3 = "172.22.99.4";
dn42 = "172.22.99.253";
};
hosts6 = {
dn42 = {
bgp = "fd23:42:c3d2:523::c3d2:ff0b";
c3d2-anon = "fd23:42:c3d2:523::c3d2:1";
c3d2-gw1 = "fd23:42:c3d2:523::c3d2:2";
c3d2-gw2 = "fd23:42:c3d2:523::c3d2:3";
c3d2-gw3 = "fd23:42:c3d2:523::c3d2:4";
};
up4 = {
bgp = "2a00:8180:2c00:223::c3d2:ff0b";
c3d2-anon = "2a00:8180:2c00:223::c3d2:1";
c3d2-gw1 = "2a00:8180:2c00:223::c3d2:2";
c3d2-gw2 = "2a00:8180:2c00:223::c3d2:3";
c3d2-gw3 = "2a00:8180:2c00:223::c3d2:4";
};
};
subnet4 = "172.22.99.0/24";
subnet4Len = 24;
subnet4Net = "172.22.99.0";
subnets6 = {
dn42 = "fd23:42:c3d2:523::/64";
up4 = "2a00:8180:2c00:223::/64";
};
};
site.hosts = {
c3d2-anon = {
interfaces = {
c3d2 = {
hwaddr = "0A:14:48:01:07:05";
type = "veth";
};
core = {
hwaddr = "0A:14:48:01:07:04";
type = "veth";
};
};
ospf = {
allowedUpstreams = [ "anon1" "freifunk" ];
};
role = "container";
};
c3d2-gw1 = {
interfaces = {
c3d2 = {
hwaddr = "0A:14:48:01:21:01";
type = "veth";
};
core = {
hwaddr = "0A:14:48:01:21:00";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream3" "upstream4" "upstream1" "anon1" "freifunk" ];
};
role = "container";
};
c3d2-gw2 = {
interfaces = {
c3d2 = {
hwaddr = "0A:14:48:01:21:03";
type = "veth";
};
core = {
hwaddr = "0A:14:48:01:21:02";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream1" "upstream3" "upstream4" "anon1" "freifunk" ];
};
role = "container";
};
c3d2-gw3 = {
interfaces = {
c3d2 = {
hwaddr = "0A:14:48:01:21:05";
type = "veth";
};
core = {
hwaddr = "0A:14:48:01:21:04";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream4" "upstream3" "upstream1" "anon1" "freifunk" ];
};
role = "container";
};
};
}

220
config/cluster.nix Normal file
View File

@ -0,0 +1,220 @@
{
site.net.cluster = {
domainName = "cluster.zentralwerk.org";
extraRecords = [
{
data = "1 1 6789 server6";
name = "_ceph-mon._tcp";
type = "SRV";
}
{
data = "1 1 6789 server7";
name = "_ceph-mon._tcp";
type = "SRV";
}
{
data = "1 1 6789 server8";
name = "_ceph-mon._tcp";
type = "SRV";
}
];
hosts4 = {
cls-gw = "172.20.77.1";
server1 = "172.20.77.30";
server10 = "172.20.77.10";
server11 = "172.20.77.11";
server12 = "172.20.77.12";
server13 = "172.20.77.13";
server14 = "172.20.77.14";
server15 = "172.20.77.15";
server16 = "172.20.77.16";
server17 = "172.20.77.17";
server18 = "172.20.77.18";
server19 = "172.20.77.19";
server2 = "172.20.77.2";
server20 = "172.20.77.20";
server21 = "172.20.77.21";
server22 = "172.20.77.22";
server23 = "172.20.77.23";
server24 = "172.20.77.24";
server25 = "172.20.77.25";
server26 = "172.20.77.26";
server27 = "172.20.77.27";
server28 = "172.20.77.28";
server29 = "172.20.77.29";
server3 = "172.20.77.3";
server4 = "172.20.77.4";
server5 = "172.20.77.5";
server6 = "172.20.77.6";
server7 = "172.20.77.7";
server8 = "172.20.77.8";
server9 = "172.20.77.9";
};
hosts6 = {
dn42 = {
cls-gw = "fd23:42:c3d2:586::1";
server1 = "fd23:42:c3d2:586::130";
server10 = "fd23:42:c3d2:586::110";
server11 = "fd23:42:c3d2:586::111";
server12 = "fd23:42:c3d2:586::112";
server13 = "fd23:42:c3d2:586::113";
server14 = "fd23:42:c3d2:586::114";
server15 = "fd23:42:c3d2:586::115";
server16 = "fd23:42:c3d2:586::116";
server17 = "fd23:42:c3d2:586::117";
server18 = "fd23:42:c3d2:586::118";
server19 = "fd23:42:c3d2:586::119";
server2 = "fd23:42:c3d2:586::12";
server20 = "fd23:42:c3d2:586::120";
server21 = "fd23:42:c3d2:586::121";
server22 = "fd23:42:c3d2:586::122";
server23 = "fd23:42:c3d2:586::123";
server24 = "fd23:42:c3d2:586::124";
server25 = "fd23:42:c3d2:586::125";
server26 = "fd23:42:c3d2:586::126";
server27 = "fd23:42:c3d2:586::127";
server28 = "fd23:42:c3d2:586::128";
server29 = "fd23:42:c3d2:586::129";
server3 = "fd23:42:c3d2:586::13";
server4 = "fd23:42:c3d2:586::14";
server5 = "fd23:42:c3d2:586::15";
server6 = "fd23:42:c3d2:586::16";
server7 = "fd23:42:c3d2:586::17";
server8 = "fd23:42:c3d2:586::18";
server9 = "fd23:42:c3d2:586::19";
};
up4 = {
cls-gw = "2a00:8180:2c00:284::1";
server1 = "2a00:8180:2c00:284::130";
server10 = "2a00:8180:2c00:284::110";
server11 = "2a00:8180:2c00:284::111";
server12 = "2a00:8180:2c00:284::112";
server13 = "2a00:8180:2c00:284::113";
server14 = "2a00:8180:2c00:284::114";
server15 = "2a00:8180:2c00:284::115";
server16 = "2a00:8180:2c00:284::116";
server17 = "2a00:8180:2c00:284::117";
server18 = "2a00:8180:2c00:284::118";
server19 = "2a00:8180:2c00:284::119";
server2 = "2a00:8180:2c00:284::12";
server20 = "2a00:8180:2c00:284::120";
server21 = "2a00:8180:2c00:284::121";
server22 = "2a00:8180:2c00:284::122";
server23 = "2a00:8180:2c00:284::123";
server24 = "2a00:8180:2c00:284::124";
server25 = "2a00:8180:2c00:284::125";
server26 = "2a00:8180:2c00:284::126";
server27 = "2a00:8180:2c00:284::127";
server28 = "2a00:8180:2c00:284::128";
server29 = "2a00:8180:2c00:284::129";
server3 = "2a00:8180:2c00:284::13";
server30 = "2a00:8180:2c00:284::130";
server4 = "2a00:8180:2c00:284::14";
server5 = "2a00:8180:2c00:284::15";
server6 = "2a00:8180:2c00:284::16";
server7 = "2a00:8180:2c00:284::17";
server8 = "2a00:8180:2c00:284::18";
server9 = "2a00:8180:2c00:284::19";
};
};
subnet4 = "172.20.77.0/27";
subnet4Len = 27;
subnet4Net = "172.20.77.0";
subnets6 = {
dn42 = "fd23:42:c3d2:586::/64";
up4 = "2a00:8180:2c00:284::/64";
};
};
site.hosts = {
cls-gw = {
interfaces = {
cluster = {
hwaddr = "0A:14:48:01:06:02";
type = "veth";
};
core = {
hwaddr = "0A:14:48:01:06:03";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
};
role = "container";
};
server3 = {
interfaces = {
bmx.type = "bridge";
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv23.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
};
};
server5 = {
interfaces = {
bmx.type = "bridge";
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv23.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
};
};
server6 = {
interfaces = {
bmx.type = "bridge";
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv23.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
};
};
server7 = {
interfaces = {
bmx.type = "bridge";
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv23.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
};
};
server8 = {
interfaces = {
bmx.type = "bridge";
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv23.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
};
};
server9 = {
interfaces = {
bmx.type = "bridge";
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv23.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
};
};
};
}

File diff suppressed because it is too large Load Diff

230
config/core.nix Normal file
View File

@ -0,0 +1,230 @@
{
site.net.core = {
domainName = "core.zentralwerk.org";
hosts4 = {
anon1 = "172.20.72.7";
bgp = "172.20.72.27";
c3d2-anon = "172.20.72.9";
c3d2-gw1 = "172.20.72.8";
c3d2-gw2 = "172.20.72.63";
c3d2-gw3 = "172.20.72.64";
cls-gw = "172.20.72.29";
freifunk = "172.20.72.40";
mgmt-gw = "172.20.72.28";
priv1-gw = "172.20.72.4";
priv10-gw = "172.20.72.20";
priv11-gw = "172.20.72.21";
priv12-gw = "172.20.72.22";
priv13-gw = "172.20.72.23";
priv14-gw = "172.20.72.24";
priv15-gw = "172.20.72.25";
priv16-gw = "172.20.72.26";
priv17-gw = "172.20.72.30";
priv17-gw-up3 = "172.20.72.66";
priv18-gw = "172.20.72.31";
priv19-gw = "172.20.72.32";
priv2-gw = "172.20.72.5";
priv20-gw = "172.20.72.33";
priv21-gw = "172.20.72.34";
priv22-gw = "172.20.72.35";
priv23-gw = "172.20.72.36";
priv24-gw = "172.20.72.37";
priv25-gw = "172.20.72.38";
priv26-gw = "172.20.72.39";
priv27-gw = "172.20.72.41";
priv28-gw = "172.20.72.42";
priv29-gw = "172.20.72.43";
priv3-gw = "172.20.72.13";
priv30-gw = "172.20.72.44";
priv31-gw = "172.20.72.45";
priv32-gw = "172.20.72.46";
priv33-gw = "172.20.72.47";
priv34-gw = "172.20.72.48";
priv35-gw = "172.20.72.49";
priv36-gw = "172.20.72.50";
priv37-gw = "172.20.72.51";
priv38-gw = "172.20.72.52";
priv39-gw = "172.20.72.60";
priv4-gw = "172.20.72.14";
priv40-gw = "172.20.72.61";
priv41-gw = "172.20.72.65";
priv42-gw = "172.20.72.67";
priv5-gw = "172.20.72.15";
priv6-gw = "172.20.72.16";
priv7-gw = "172.20.72.17";
priv8-gw = "172.20.72.18";
priv9-gw = "172.20.72.19";
pub-gw = "172.20.72.3";
serv-gw = "172.20.72.2";
server3 = "172.20.72.53";
server4 = "172.20.72.54";
server5 = "172.20.72.55";
server6 = "172.20.72.56";
server7 = "172.20.72.57";
server8 = "172.20.72.58";
server9 = "172.20.72.59";
upstream1 = "172.20.72.6";
upstream2 = "172.20.72.10";
upstream3 = "172.20.72.11";
upstream4 = "172.20.72.12";
yggdrasil = "172.20.72.62";
};
hosts6 = {
dn42 = {
anon1 = "fd23:42:c3d2:581::9:1";
bgp = "fd23:42:c3d2:581::c3d2:b";
c3d2-anon = "fd23:42:c3d2:581::c3d2:a";
c3d2-gw1 = "fd23:42:c3d2:581::c3d2:1";
c3d2-gw2 = "fd23:42:c3d2:581::c3d2:2";
c3d2-gw3 = "fd23:42:c3d2:581::c3d2:3";
freifunk = "fd23:42:c3d2:581:8000::1";
mgmt-gw = "fd23:42:c3d2:581::8:3";
priv1-gw = "fd23:42:c3d2:581::c:0";
priv10-gw = "fd23:42:c3d2:581::c:9";
priv11-gw = "fd23:42:c3d2:581::c:a";
priv12-gw = "fd23:42:c3d2:581::c:b";
priv13-gw = "fd23:42:c3d2:581::c:c";
priv14-gw = "fd23:42:c3d2:581::c:d";
priv15-gw = "fd23:42:c3d2:581::c:e";
priv16-gw = "fd23:42:c3d2:581::c:f";
priv17-gw = "fd23:42:c3d2:581::c:10";
priv18-gw = "fd23:42:c3d2:581::c:11";
priv19-gw = "fd23:42:c3d2:581::c:12";
priv2-gw = "fd23:42:c3d2:581::c:1";
priv20-gw = "fd23:42:c3d2:581::c:13";
priv21-gw = "fd23:42:c3d2:581::c:14";
priv22-gw = "fd23:42:c3d2:581::c:15";
priv23-gw = "fd23:42:c3d2:581::c:16";
priv24-gw = "fd23:42:c3d2:581::c:17";
priv25-gw = "fd23:42:c3d2:581::c:18";
priv26-gw = "fd23:42:c3d2:581::c:19";
priv27-gw = "fd23:42:c3d2:581::c:1a";
priv28-gw = "fd23:42:c3d2:581::c:1b";
priv29-gw = "fd23:42:c3d2:581::c:1c";
priv3-gw = "fd23:42:c3d2:581::c:2";
priv30-gw = "fd23:42:c3d2:581::c:1d";
priv31-gw = "fd23:42:c3d2:581::c:1e";
priv32-gw = "fd23:42:c3d2:581::c:1f";
priv33-gw = "fd23:42:c3d2:581::c:20";
priv34-gw = "fd23:42:c3d2:581::c:21";
priv35-gw = "fd23:42:c3d2:581::c:22";
priv36-gw = "fd23:42:c3d2:581::c:23";
priv37-gw = "fd23:42:c3d2:581::c:24";
priv38-gw = "fd23:42:c3d2:581::c:25";
priv39-gw = "fd23:42:c3d2:581::c:26";
priv4-gw = "fd23:42:c3d2:581::c:3";
priv40-gw = "fd23:42:c3d2:581::c:27";
priv41-gw = "fd23:42:c3d2:581::c:28";
priv42-gw = "fd23:42:c3d2:581::c:29";
priv5-gw = "fd23:42:c3d2:581::c:4";
priv6-gw = "fd23:42:c3d2:581::c:5";
priv7-gw = "fd23:42:c3d2:581::c:6";
priv8-gw = "fd23:42:c3d2:581::c:7";
priv9-gw = "fd23:42:c3d2:581::c:8";
pub-gw = "fd23:42:c3d2:581::8:2";
serv-gw = "fd23:42:c3d2:581::8:1";
server1 = "fd23:42:c3d2:581::1";
server2 = "fd23:42:c3d2:581::102";
upstream1 = "fd23:42:c3d2:581::b:0";
upstream2 = "fd23:42:c3d2:581::b:1";
upstream3 = "fd23:42:c3d2:581::b:2";
upstream4 = "fd23:42:c3d2:581::b:3";
yggdrasil = "fd23:42:c3d2:581:9000::1";
};
up4 = {
anon1 = "2a00:8180:2c00:281::9:1";
bgp = "2a00:8180:2c00:281::c3d2:b";
c3d2-anon = "2a00:8180:2c00:281::c3d2:a";
c3d2-gw1 = "2a00:8180:2c00:281::c3d2:1";
c3d2-gw2 = "2a00:8180:2c00:281::c3d2:2";
c3d2-gw3 = "2a00:8180:2c00:281::c3d2:3";
cls-gw = "2a00:8180:2c00:281::8:4";
freifunk = "2a00:8180:2c00:281:8000::1";
mgmt-gw = "2a00:8180:2c00:281::8:3";
priv1-gw = "2a00:8180:2c00:281::c:0";
priv10-gw = "2a00:8180:2c00:281::c:9";
priv11-gw = "2a00:8180:2c00:281::c:a";
priv12-gw = "2a00:8180:2c00:281::c:b";
priv13-gw = "2a00:8180:2c00:281::c:c";
priv14-gw = "2a00:8180:2c00:281::c:d";
priv15-gw = "2a00:8180:2c00:281::c:e";
priv16-gw = "2a00:8180:2c00:281::c:f";
priv17-gw = "2a00:8180:2c00:281::c:10";
priv18-gw = "2a00:8180:2c00:281::c:11";
priv19-gw = "2a00:8180:2c00:281::c:12";
priv2-gw = "2a00:8180:2c00:281::c:1";
priv20-gw = "2a00:8180:2c00:281::c:13";
priv21-gw = "2a00:8180:2c00:281::c:14";
priv22-gw = "2a00:8180:2c00:281::c:15";
priv23-gw = "2a00:8180:2c00:281::c:16";
priv24-gw = "2a00:8180:2c00:281::c:17";
priv25-gw = "2a00:8180:2c00:281::c:18";
priv26-gw = "2a00:8180:2c00:281::c:19";
priv27-gw = "2a00:8180:2c00:281::c:1a";
priv28-gw = "2a00:8180:2c00:281::c:1b";
priv29-gw = "2a00:8180:2c00:281::c:1c";
priv3-gw = "2a00:8180:2c00:281::c:2";
priv30-gw = "2a00:8180:2c00:281::c:1d";
priv31-gw = "2a00:8180:2c00:281::c:1e";
priv32-gw = "2a00:8180:2c00:281::c:1f";
priv33-gw = "2a00:8180:2c00:281::c:20";
priv34-gw = "2a00:8180:2c00:281::c:21";
priv35-gw = "2a00:8180:2c00:281::c:22";
priv36-gw = "2a00:8180:2c00:281::c:23";
priv37-gw = "2a00:8180:2c00:281::c:24";
priv38-gw = "2a00:8180:2c00:281::c:25";
priv39-gw = "2a00:8180:2c00:281::c:26";
priv4-gw = "2a00:8180:2c00:281::c:3";
priv40-gw = "2a00:8180:2c00:281::c:27";
priv41-gw = "2a00:8180:2c00:281::c:28";
priv42-gw = "2a00:8180:2c00:281::c:29";
priv5-gw = "2a00:8180:2c00:281::c:4";
priv6-gw = "2a00:8180:2c00:281::c:5";
priv7-gw = "2a00:8180:2c00:281::c:6";
priv8-gw = "2a00:8180:2c00:281::c:7";
priv9-gw = "2a00:8180:2c00:281::c:8";
serv-gw = "2a00:8180:2c00:281::8:1";
upstream1 = "2a00:8180:2c00:281::b:0";
upstream4 = "2a00:8180:2c00:281::b:1";
yggdrasil = "2a00:8180:2c00:281:9000::1";
};
};
subnet4 = "172.20.72.0/25";
subnet4Len = 25;
subnet4Net = "172.20.72.0";
subnets6 = {
dn42 = "fd23:42:c3d2:581::/64";
up4 = "2a00:8180:2c00:281::/64";
};
};
site.hosts = {
bgp = {
bgp = {
asn = 4242421127;
peers = {
"172.22.99.253" = { asn = 64699; };
"fe80::a800:42ff:fe7a:3246%c3d2" = { asn = 64699; };
};
};
interfaces = {
c3d2 = {
hwaddr = "0A:14:48:01:22:01";
type = "veth";
};
core = {
hwaddr = "0A:14:48:01:22:00";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
stubNets4 = [ "172.20.0.0/14" "10.0.0.0/8" ];
stubNets6 =
[ "fd00::/8" "2a02:8106:208:5200::/56" "2a02:8106:211:e900::/56" ];
};
role = "container";
};
};
}

View File

@ -1,8 +1,22 @@
{
imports = [
./config.nix
# Secrets
./secrets.nix
# Hardware
./vlan.nix
./switch.nix
./ap.nix
./server.nix
# IP
./core.nix
./mgmt.nix
./upstream.nix
./c3d2.nix
./priv.nix
./pub.nix
./cluster.nix
./serv.nix
];
}

200
config/mgmt.nix Normal file
View File

@ -0,0 +1,200 @@
{
site.net.mgmt = {
domainName = "mgmt.zentralwerk.org";
hosts4 = {
ap1 = "10.0.0.41";
ap10 = "10.0.0.50";
ap11 = "10.0.0.51";
ap12 = "10.0.0.52";
ap13 = "10.0.0.53";
ap14 = "10.0.0.54";
ap15 = "10.0.0.55";
ap16 = "10.0.0.56";
ap17 = "10.0.0.57";
ap18 = "10.0.0.58";
ap19 = "10.0.0.59";
ap2 = "10.0.0.42";
ap20 = "10.0.0.60";
ap21 = "10.0.0.61";
ap22 = "10.0.0.62";
ap23 = "10.0.0.63";
ap24 = "10.0.0.64";
ap25 = "10.0.0.65";
ap26 = "10.0.0.66";
ap27 = "10.0.0.67";
ap28 = "10.0.0.68";
ap29 = "10.0.0.69";
ap3 = "10.0.0.43";
ap30 = "10.0.0.70";
ap31 = "10.0.0.71";
ap32 = "10.0.0.72";
ap33 = "10.0.0.73";
ap34 = "10.0.0.74";
ap35 = "10.0.0.75";
ap36 = "10.0.0.76";
ap37 = "10.0.0.77";
ap38 = "10.0.0.78";
ap39 = "10.0.0.79";
ap4 = "10.0.0.44";
ap40 = "10.0.0.80";
ap41 = "10.0.0.81";
ap42 = "10.0.0.82";
ap43 = "10.0.0.83";
ap44 = "10.0.0.84";
ap45 = "10.0.0.85";
ap46 = "10.0.0.86";
ap47 = "10.0.0.87";
ap48 = "10.0.0.88";
ap49 = "10.0.0.89";
ap5 = "10.0.0.45";
ap50 = "10.0.0.90";
ap51 = "10.0.0.91";
ap52 = "10.0.0.92";
ap53 = "10.0.0.93";
ap54 = "10.0.0.94";
ap55 = "10.0.0.95";
ap56 = "10.0.0.96";
ap57 = "10.0.0.97";
ap58 = "10.0.0.98";
ap59 = "10.0.0.99";
ap6 = "10.0.0.46";
ap60 = "10.0.0.100";
ap61 = "10.0.0.101";
ap62 = "10.0.0.102";
ap63 = "10.0.0.103";
ap64 = "10.0.0.104";
ap7 = "10.0.0.47";
ap8 = "10.0.0.48";
ap9 = "10.0.0.49";
logging = "10.0.0.251";
mgmt-gw = "10.0.0.254";
monit = "10.0.0.250";
server1 = "10.0.0.1";
server1-ipmi = "10.0.0.201";
server2 = "10.0.0.2";
server2-ipmi = "10.0.0.202";
server3 = "10.0.0.3";
server3-ipmi = "10.0.0.203";
server4 = "10.0.0.4";
server4-ipmi = "10.0.0.204";
server5 = "10.0.0.5";
server5-ipmi = "10.0.0.205";
server6 = "10.0.0.6";
server6-ipmi = "10.0.0.206";
server7 = "10.0.0.7";
server7-ipmi = "10.0.0.207";
server8 = "10.0.0.8";
server8-ipmi = "10.0.0.208";
server9 = "10.0.0.9";
server9-ipmi = "10.0.0.209";
switch-a1 = "10.0.0.15";
switch-a1-cpe = "10.0.0.16";
switch-b1 = "10.0.0.10";
switch-b2 = "10.0.0.11";
switch-c1 = "10.0.0.12";
switch-c3d2-main = "10.0.0.14";
switch-d1 = "10.0.0.13";
switch-dach = "10.0.0.17";
};
hosts6 = {
dn42 = {
ap1 = "fd23:42:c3d2:580::4:1";
ap10 = "fd23:42:c3d2:580::4:a";
ap11 = "fd23:42:c3d2:580::4:b";
ap12 = "fd23:42:c3d2:580::4:c";
ap13 = "fd23:42:c3d2:580::4:d";
ap14 = "fd23:42:c3d2:580::4:e";
ap15 = "fd23:42:c3d2:580::4:f";
ap16 = "fd23:42:c3d2:580::4:10";
ap17 = "fd23:42:c3d2:580::4:11";
ap18 = "fd23:42:c3d2:580::4:12";
ap19 = "fd23:42:c3d2:580::4:13";
ap2 = "fd23:42:c3d2:580::4:2";
ap20 = "fd23:42:c3d2:580::4:14";
ap21 = "fd23:42:c3d2:580::4:15";
ap22 = "fd23:42:c3d2:580::4:16";
ap23 = "fd23:42:c3d2:580::4:17";
ap24 = "fd23:42:c3d2:580::4:18";
ap25 = "fd23:42:c3d2:580::4:19";
ap26 = "fd23:42:c3d2:580::4:1a";
ap27 = "fd23:42:c3d2:580::4:1b";
ap28 = "fd23:42:c3d2:580::4:1c";
ap29 = "fd23:42:c3d2:580::4:1d";
ap3 = "fd23:42:c3d2:580::4:3";
ap30 = "fd23:42:c3d2:580::4:1e";
ap31 = "fd23:42:c3d2:580::4:1f";
ap32 = "fd23:42:c3d2:580::4:20";
ap33 = "fd23:42:c3d2:580::4:21";
ap34 = "fd23:42:c3d2:580::4:22";
ap35 = "fd23:42:c3d2:580::4:23";
ap36 = "fd23:42:c3d2:580::4:24";
ap37 = "fd23:42:c3d2:580::4:25";
ap38 = "fd23:42:c3d2:580::4:26";
ap39 = "fd23:42:c3d2:580::4:27";
ap4 = "fd23:42:c3d2:580::4:4";
ap40 = "fd23:42:c3d2:580::4:28";
ap41 = "fd23:42:c3d2:580::4:29";
ap42 = "fd23:42:c3d2:580::4:2a";
ap43 = "fd23:42:c3d2:580::4:2b";
ap44 = "fd23:42:c3d2:580::4:2c";
ap45 = "fd23:42:c3d2:580::4:2d";
ap46 = "fd23:42:c3d2:580::4:2e";
ap47 = "fd23:42:c3d2:580::4:2f";
ap48 = "fd23:42:c3d2:580::4:30";
ap49 = "fd23:42:c3d2:580::4:31";
ap5 = "fd23:42:c3d2:580::4:5";
ap50 = "fd23:42:c3d2:580::4:32";
ap51 = "fd23:42:c3d2:580::4:33";
ap52 = "fd23:42:c3d2:580::4:34";
ap53 = "fd23:42:c3d2:580::4:35";
ap54 = "fd23:42:c3d2:580::4:36";
ap55 = "fd23:42:c3d2:580::4:37";
ap56 = "fd23:42:c3d2:580::4:38";
ap57 = "fd23:42:c3d2:580::4:39";
ap58 = "fd23:42:c3d2:580::4:3a";
ap59 = "fd23:42:c3d2:580::4:3b";
ap6 = "fd23:42:c3d2:580::4:6";
ap60 = "fd23:42:c3d2:580::4:3c";
ap61 = "fd23:42:c3d2:580::4:3d";
ap62 = "fd23:42:c3d2:580::4:3e";
ap63 = "fd23:42:c3d2:580::4:3f";
ap64 = "fd23:42:c3d2:580::4:40";
ap7 = "fd23:42:c3d2:580::4:7";
ap8 = "fd23:42:c3d2:580::4:8";
ap9 = "fd23:42:c3d2:580::4:9";
mgmt-gw = "fd23:42:c3d2:580:ffff:ffff:ffff:ffff";
monit = "fd23:42:c3d2:580::250";
server1 = "fd23:42:c3d2:580::1";
server2 = "fd23:42:c3d2:580::2";
switch-b1 = "fd23:42:c3d2:580::10";
switch-b2 = "fd23:42:c3d2:580::11";
switch-c1 = "fd23:42:c3d2:580::12";
switch-c3d2-main = "fd23:42:c3d2:580::14";
switch-d1 = "fd23:42:c3d2:580::13";
};
};
subnet4 = "10.0.0.0/24";
subnet4Len = 24;
subnet4Net = "10.0.0.0";
subnets6 = { dn42 = "fd23:42:c3d2:580::/64"; };
};
site.hosts.mgmt-gw = {
firewall.enable = true;
interfaces = {
core = {
hwaddr = "0A:14:48:01:24:01";
type = "veth";
};
mgmt = {
hwaddr = "0A:14:48:01:24:00";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
};
role = "container";
};
}

1950
config/priv.nix Normal file

File diff suppressed because it is too large Load Diff

37
config/pub.nix Normal file
View File

@ -0,0 +1,37 @@
{
site.net.pub = {
dhcp = {
end = "172.20.79.254";
max-time = 3600;
router = "pub-gw.pub";
server = "pub-gw";
start = "172.20.78.2";
time = 300;
};
domainName = "pub.zentralwerk.org";
dynamicDomain = true;
hosts4 = { pub-gw = "172.20.78.1"; };
hosts6 = { dn42 = { pub-gw = "fd23:42:c3d2:583::1"; }; };
subnet4 = "172.20.78.0/23";
subnet4Len = 23;
subnet4Net = "172.20.78.0";
subnets6 = { dn42 = "fd23:42:c3d2:583::/64"; };
};
site.hosts.pub-gw = {
interfaces = {
core = {
hwaddr = "0A:14:48:01:16:00";
type = "veth";
};
pub = {
hwaddr = "0A:14:48:01:16:01";
type = "veth";
};
};
ospf = {
allowedUpstreams = [ "anon1" "freifunk" ];
};
role = "container";
};
}

189
config/serv.nix Normal file
View File

@ -0,0 +1,189 @@
{
site.net.serv = {
domainName = "serv.zentralwerk.org";
hosts4 = {
bind = "172.20.73.61";
c3d2-web = "172.20.73.15";
deployer = "172.20.73.16";
dns = "172.20.73.2";
dnscache = "172.20.73.8";
gitea = "172.20.73.53";
grafana = "172.20.73.43";
hydra = "172.20.73.49";
ipa = "172.20.73.20";
jabber = "172.20.73.55";
keycloak = "172.20.73.59";
kibana = "172.20.73.44";
leonos = "172.20.73.47";
logging = "172.20.73.13";
mail = "172.20.73.58";
marenz = "172.20.73.46";
matemat = "172.20.73.21";
minecraft = "172.20.73.6";
minetest = "172.20.73.48";
mobilizon = "172.20.73.56";
mucbot = "172.20.73.27";
netboot = "172.20.73.50";
ntp = "172.20.73.5";
public-access-proxy = "172.20.73.45";
radiobert = "172.20.73.57";
radius = "172.20.73.4";
scrape = "172.20.73.32";
sdrweb = "172.20.73.60";
serv-gw = "172.20.73.1";
spaceapi = "172.20.73.25";
stats = "172.20.73.3";
stream = "172.20.73.54";
ticker = "172.20.73.52";
used1 = "172.20.73.7";
used10 = "172.20.73.22";
used11 = "172.20.73.23";
used12 = "172.20.73.24";
used13 = "172.20.73.26";
used14 = "172.20.73.28";
used15 = "172.20.73.29";
used16 = "172.20.73.30";
used17 = "172.20.73.31";
used18 = "172.20.73.32";
used19 = "172.20.73.33";
used2 = "172.20.73.9";
used20 = "172.20.73.34";
used21 = "172.20.73.35";
used22 = "172.20.73.36";
used23 = "172.20.73.37";
used24 = "172.20.73.38";
used25 = "172.20.73.39";
used26 = "172.20.73.40";
used3 = "172.20.73.10";
used4 = "172.20.73.11";
used5 = "172.20.73.12";
used6 = "172.20.73.14";
used7 = "172.20.73.17";
used8 = "172.20.73.18";
used9 = "172.20.73.19";
vps1 = "172.20.73.51";
zeit = "172.20.73.5";
};
hosts6 = {
dn42 = {
bind = "fd23:42:c3d2:582:cd7:56ff:fe69:6366";
c3d2-web = "fd23:42:c3d2:582:642e:95ff:fe34:49f9";
dns = "fd23:42:c3d2:582:2:0:0:2";
dnscache = "fd23:42:c3d2:582:f096:dbff:fee8:427d";
grafana = "fd23:42:c3d2:582:4042:fbff:fe4b:2de8";
hydra = "fd23:42:c3d2:582:e03c:d7ff:fe8e:fe16";
jabber = "fd23:42:c3d2:582:b869:ccff:fe46:902a";
keycloak = "fd23:42:c3d2:582:c48:bbff:fe87:721d";
logging = "fd23:42:c3d2:582:6811:edff:fe40:89c6";
mail = "fd23:42:c3d2:582:88c0:41ff:fe70:d6cd";
minetest = "fd23:42:c3d2:582:c3a:42ff:fe5d:b20c";
mobilizon = "fd23:42:c3d2:582:48d1:5cff:fea7:1676";
mongo = "fd23:42:c3d2:582:14ec:c8ff:fe0a:fc5c";
netboot = "fd23:42:c3d2:582:2:0:0:6";
radiobert = "fd23:42:c3d2:582:e65f:1ff:fe5d:1679";
radius = "fd23:42:c3d2:582:2:0:0:4";
serv-gw = "fd23:42:c3d2:582::1";
spaceapi = "fd23:42:c3d2:582:1457:adff:fe93:62e9";
stats = "fd23:42:c3d2:582:2:0:0:3";
zeit = "fd23:42:c3d2:582:2:0:0:5";
};
up4 = {
bind = "2a00:8180:2c00:282:cd7:56ff:fe69:6366";
c3d2-web = "2a00:8180:2c00:282:642e:95ff:fe34:49f9";
dns = "2a00:8180:2c00:282:2:0:0:2";
dnscache = "2a00:8180:2c00:282:f096:dbff:fee8:427d";
grafana = "2a00:8180:2c00:282:4042:fbff:fe4b:2de8";
hydra = "2a00:8180:2c00:282:e03c:d7ff:fe8e:fe16";
jabber = "2a00:8180:2c00:282:b869:ccff:fe46:902a";
keycloak = "2a00:8180:2c00:282:c48:bbff:fe87:721d";
logging = "2a00:8180:2c00:282:6811:edff:fe40:89c6";
mail = "2a00:8180:2c00:282:88c0:41ff:fe70:d6cd";
minetest = "2a00:8180:2c00:282:c3a:42ff:fe5d:b20c";
mobilizon = "2a00:8180:2c00:282:48d1:5cff:fea7:1676";
mongo = "2a00:8180:2c00:282:14ec:c8ff:fe0a:fc5c";
netboot = "2a00:8180:2c00:282:2:0:0:6";
public-access-proxy = "2a00:8180:2c00:282:1024:5fff:febd:9be7";
radiobert = "2a00:8180:2c00:282:e65f:1ff:fe5d:1679";
radius = "2a00:8180:2c00:282:2:0:0:4";
scrape = "2a00:8180:2c00:282:e073:50ff:fef5:eb6e";
serv-gw = "2a00:8180:2c00:282::1";
spaceapi = "2a00:8180:2c00:282:1457:adff:fe93:62e9";
stats = "2a00:8180:2c00:282:2:0:0:3";
ticker = "2a00:8180:2c00:282:b407:40ff:fec1:81f2";
zeit = "2a00:8180:2c00:282:2:0:0:5";
};
};
subnet4 = "172.20.73.0/26";
subnet4Len = 26;
subnet4Net = "172.20.73.0";
subnets6 = {
dn42 = "fd23:42:c3d2:582::/64";
up4 = "2a00:8180:2c00:282::/64";
};
};
site.hosts = {
dns = {
interfaces = {
serv = {
gw4 = "serv-gw";
gw6 = "serv-gw";
hwaddr = "0A:14:48:01:23:00";
type = "veth";
};
};
services.dns.enable = true;
role = "container";
};
dnscache = {
interfaces = {
serv = {
gw4 = "serv-gw";
gw6 = "serv-gw";
type = "veth";
};
};
services.dnscache.enable = true;
role = "container";
};
netboot = {
interfaces = {
serv = {
gw4 = "serv-gw";
gw6 = "serv-gw";
hwaddr = "0A:14:48:01:15:01";
type = "veth";
};
};
role = "container";
};
serv-gw = {
interfaces = {
core = {
hwaddr = "0A:14:48:01:06:01";
type = "veth";
};
serv = {
hwaddr = "0A:14:48:01:06:00";
type = "veth";
};
};
ospf = {
allowedUpstreams =
[ "upstream4" "upstream1" "upstream3" "anon1" "freifunk" ];
};
role = "container";
};
stats = {
interfaces = {
serv = {
gw4 = "serv-gw";
gw6 = "serv-gw";
hwaddr = "0A:14:48:01:15:00";
type = "veth";
};
};
role = "container";
};
};
}

125
config/server.nix Normal file
View File

@ -0,0 +1,125 @@
{
site = {
hosts = {
server1 = {
interfaces = {
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv1.type = "bridge";
priv10.type = "bridge";
priv11.type = "bridge";
priv12.type = "bridge";
priv13.type = "bridge";
priv14.type = "bridge";
priv15.type = "bridge";
priv16.type = "bridge";
priv17.type = "bridge";
priv18.type = "bridge";
priv19.type = "bridge";
priv2.type = "bridge";
priv20.type = "bridge";
priv21.type = "bridge";
priv22.type = "bridge";
priv23.type = "bridge";
priv24.type = "bridge";
priv25.type = "bridge";
priv26.type = "bridge";
priv27.type = "bridge";
priv28.type = "bridge";
priv29.type = "bridge";
priv3.type = "bridge";
priv30.type = "bridge";
priv31.type = "bridge";
priv32.type = "bridge";
priv33.type = "bridge";
priv34.type = "bridge";
priv35.type = "bridge";
priv36.type = "bridge";
priv37.type = "bridge";
priv38.type = "bridge";
priv39.type = "bridge";
priv4.type = "bridge";
priv40.type = "bridge";
priv41.type = "bridge";
priv42.type = "bridge";
priv5.type = "bridge";
priv6.type = "bridge";
priv7.type = "bridge";
priv8.type = "bridge";
priv9.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
up1.type = "bridge";
up2.type = "bridge";
up3.type = "bridge";
up4.type = "bridge";
};
model = "pc";
role = "server";
};
server2 = {
interfaces = {
c3d2.type = "bridge";
cluster.type = "bridge";
core.type = "bridge";
mgmt.type = "bridge";
priv1.type = "bridge";
priv10.type = "bridge";
priv11.type = "bridge";
priv12.type = "bridge";
priv13.type = "bridge";
priv14.type = "bridge";
priv15.type = "bridge";
priv16.type = "bridge";
priv17.type = "bridge";
priv18.type = "bridge";
priv19.type = "bridge";
priv2.type = "bridge";
priv20.type = "bridge";
priv21.type = "bridge";
priv22.type = "bridge";
priv23.type = "bridge";
priv24.type = "bridge";
priv25.type = "bridge";
priv26.type = "bridge";
priv27.type = "bridge";
priv28.type = "bridge";
priv29.type = "bridge";
priv3.type = "bridge";
priv30.type = "bridge";
priv31.type = "bridge";
priv32.type = "bridge";
priv33.type = "bridge";
priv34.type = "bridge";
priv35.type = "bridge";
priv36.type = "bridge";
priv37.type = "bridge";
priv38.type = "bridge";
priv39.type = "bridge";
priv4.type = "bridge";
priv40.type = "bridge";
priv41.type = "bridge";
priv42.type = "bridge";
priv5.type = "bridge";
priv6.type = "bridge";
priv7.type = "bridge";
priv8.type = "bridge";
priv9.type = "bridge";
pub.type = "bridge";
serv.type = "bridge";
up1.type = "bridge";
up2.type = "bridge";
up3.type = "bridge";
up4.type = "bridge";
};
model = "pc";
role = "server";
};
};
sshPubKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOFs2LdK23ysS0SSkXZuULUOCZHe1ZxvfOKj002J6rkvAaDLar9g5aKuiIV70ZR33A2rchoLMiM4pLLwoSAPJg1FgIgJjU+DFoWtiW+IjzKXdHHVspb2iOIhpfbfk8WC5HZ/6fPz4RUqadGQ43ImnMhSN0ge3s/oM48hpc96ne6tH+mGiugdPx8097NE9yTqJHi8deBhi3daeJH4eQeg66Fi+kDIAZv5TJ0Oca5h7PBd253/vf3l21jRH8u1D1trALv9KStGycTk5Nwih+OHx+Rnvue/B/nxgAz4I3mmQa+jhRlGaQVG0MtOBRY3Ae7ZNqhjuefDUCM2hwG70toU9xDUw0AihC2ownY+P2PjssoG1O8f/D7ilw7qrXJHEeM8HwzqMH8X4ELYHaHTwjeWfZTTFev1Djr969LjdS1UZzqCZHO0jmQ5Pa3eXw8xcoprtt620kYLTKSMs6exLstE48o57Yqfn+eTJDy7EkcjiLN6GNIi42b9Z73xXNpZx1WR9O6OulJf/6pWgrApasvxiGmxxILq98s1/VnZkOFXR8JXnpvKHEIOIr3bFQu3GLCrzY2Yuh4NL5wy6lcZNTr/0rr6AO24IbEWM7TApbXnKA5XQhAbThrVsuFBdT3+bBP2nedvWQ0W+Q6SUf+8T2o5InnFqs5ABnTixBItiWw+9BiQ== root@server1"
];
};
}

370
config/switch.nix Normal file
View File

@ -0,0 +1,370 @@
{
site.hosts = {
switch-a1 = {
interfaces = { mgmt.type = "phys"; };
links = {
iso4 = {
ports = [ "1" ];
};
priv25 = {
ports = [ "2" "3" "4" "5" ];
};
priv31 = {
ports = [ "6" ];
};
pub = {
ports = [ "8" ];
};
switch-c1 = {
ports = [ "7" ];
};
};
location = "Saal A";
model = "TL-SG3210";
role = "switch";
};
switch-b1 = {
interfaces = { mgmt.type = "phys"; };
links = {
ap23 = {
ports = [ "g10" ];
};
ap8 = {
ports = [ "g16" ];
};
c3d2 = {
ports = [ "g23" ];
};
iso1 = {
ports = [ "g2" ];
};
iso2 = {
ports = [ "g3" ];
};
iso3 = {
ports = [ "g4" ];
};
mgmt = {
ports = [ "g1" ];
};
serv = {
ports = [ "g22" ];
};
server1 = {
ports = [ "g24" ];
};
server2 = {
group = "1";
ports = [ "g12" "g38" "g39" "g40" ];
};
server5 = {
group = "6";
ports = [ "g17" "g18" "g19" "g20" ];
};
server6 = {
group = "8";
ports = [ "g5" "g6" "g7" "g8" ];
};
server7 = {
group = "7";
ports = [ "g9" "g11" "g14" "g15" ];
};
server8 = {
group = "5";
ports = [ "g35" "g36" "g37" "g13" ];
};
switch-b2 = {
group = "3";
ports = [ "g25" "g26" "g27" "g28" ];
};
switch-c1 = {
group = "2";
ports = [ "g29" "g30" "g31" "g32" ];
};
switch-c3d2-main = {
group = "4";
ports = [ "g41" "g42" "g43" "g44" ];
};
switch-d1 = {
ports = [ "g34" ];
};
};
location = "Haus B Souterrain";
model = "linksys-srw2048";
role = "switch";
};
switch-b2 = {
interfaces = { mgmt.type = "phys"; };
links = {
ap1 = {
ports = [ "GigabitEthernet 1/0/8" ];
};
ap11 = {
ports = [ "GigabitEthernet 1/0/10" ];
};
ap15 = {
ports = [ "GigabitEthernet 1/0/12" ];
};
ap18 = {
ports = [ "GigabitEthernet 1/0/18" ];
};
ap24 = {
ports = [ "GigabitEthernet 1/0/34" ];
};
ap25 = {
ports = [ "GigabitEthernet 1/0/35" ];
};
ap29 = {
ports = [ "GigabitEthernet 1/0/36" ];
};
ap30 = {
ports = [ "GigabitEthernet 1/0/22" ];
};
ap35 = {
ports = [ "GigabitEthernet 1/0/23" ];
};
ap37 = {
ports = [ "GigabitEthernet 1/0/39" ];
};
ap39 = {
ports = [ "GigabitEthernet 1/0/17" ];
};
ap40 = {
ports = [ "GigabitEthernet 1/0/21" ];
};
ap41 = {
ports = [ "GigabitEthernet 1/0/37" ];
};
ap42 = {
ports = [ "GigabitEthernet 1/0/6" ];
};
ap5 = {
ports = [ "GigabitEthernet 1/0/7" ];
};
ap51 = {
ports = [ "GigabitEthernet 1/0/13" ];
};
ap53 = {
ports = [ "GigabitEthernet 1/0/15" ];
};
ap54 = {
ports = [ "GigabitEthernet 1/0/38" ];
};
ap55 = {
ports = [ "GigabitEthernet 1/0/19" ];
};
ap56 = {
ports = [ "GigabitEthernet 1/0/9" ];
};
mgmt = {
ports = [
"GigabitEthernet1/0/1"
"GigabitEthernet1/0/41"
"GigabitEthernet1/0/42"
"GigabitEthernet1/0/43"
"GigabitEthernet1/0/44"
"GigabitEthernet1/0/45"
"GigabitEthernet1/0/46"
"GigabitEthernet1/0/47"
"GigabitEthernet1/0/48"
];
};
priv1 = {
ports = [ "GigabitEthernet 1/0/3" ];
};
priv19 = {
ports = [ "GigabitEthernet 1/0/40" ];
};
priv2 = {
ports = [ "GigabitEthernet 1/0/4" ];
};
priv24 = {
ports = [ "GigabitEthernet 1/0/14" "GigabitEthernet 1/0/16" ];
};
priv3 = {
ports = [ "GigabitEthernet 1/0/5" ];
};
pub = {
ports = [
"GigabitEthernet 1/0/11"
"GigabitEthernet 1/0/20"
"GigabitEthernet 1/0/24"
];
};
server3 = {
group = "1";
ports = [ "GigabitEthernet1/0/30" "GigabitEthernet1/0/31" ];
};
server9 = {
group = "3";
ports = [
"GigabitEthernet1/0/2"
"GigabitEthernet1/0/29"
"GigabitEthernet1/0/32"
];
};
switch-b1 = {
group = "2";
ports = [
"TenGigabitEthernet 1/1/1"
"GigabitEthernet 1/0/25"
"GigabitEthernet 1/0/26"
"GigabitEthernet 1/0/27"
"GigabitEthernet 1/0/28"
];
};
};
location = "Haus B Souterrain";
model = "3com-4200G";
role = "switch";
};
switch-c1 = {
interfaces = { mgmt.type = "phys"; };
links = {
ap17 = {
ports = [ "19" ];
};
ap19 = {
ports = [ "17" ];
};
ap26 = {
ports = [ "18" ];
};
ap38 = {
ports = [ "7" ];
};
iso1 = {
ports = [ "9" ];
};
iso2 = {
ports = [ "10" ];
};
iso3 = {
ports = [ "11" ];
};
iso4 = {
ports = [ "12" ];
};
iso5 = {
ports = [ "13" ];
};
iso6 = {
ports = [ "14" ];
};
switch-a1 = {
group = "1";
ports = [ "15-16" ];
};
switch-b1 = {
group = "2";
ports = [ "21-24" ];
};
switch-dach = {
ports = [ "6" ];
};
up1 = {
ports = [ "1" ];
};
up2 = {
ports = [ "2" ];
};
up4 = {
ports = [ "4" ];
};
};
location = "Turm C Keller, bei Kabelanschluessen";
model = "HP-procurve-2824";
role = "switch";
};
switch-c3d2-main = {
interfaces = { mgmt.type = "phys"; };
links = {
ap-test1 = {
ports = [ "4" ];
};
ap-test2 = {
ports = [ "5" ];
};
ap2 = {
ports = [ "3" ];
};
ap31 = {
ports = [ "2" ];
};
bmx = {
ports = [ "7" ];
};
c3d2 = {
ports = [ "8-20" ];
};
iso4 = {
ports = [ "6" ];
};
mgmt = {
ports = [ "1" ];
};
switch-b1 = {
group = "1";
ports = [ "21-24" ];
};
};
location = "C3D2";
model = "HP-procurve-2824";
role = "switch";
};
switch-d1 = {
interfaces = { mgmt.type = "phys"; };
links = {
ap10 = {
ports = [ "4" ];
};
ap12 = {
ports = [ "7" ];
};
ap22 = {
ports = [ "2" ];
};
ap3 = {
ports = [ "3" ];
};
ap7 = {
ports = [ "8" ];
};
ap9 = {
ports = [ "5" ];
};
switch-b1 = {
group = "1";
ports = [ "1" ];
};
};
location = "Turm D Elektroraum";
model = "TL-SG3210";
role = "switch";
};
switch-dach = {
interfaces = { mgmt.type = "phys"; };
links = {
bmx = {
ports = [ "10-19" ];
};
mgmt = {
ports = [ "1" ];
};
serv = {
ports = [ "6-9" ];
};
switch-c1 = {
ports = [ "24" ];
};
up3 = {
ports = [ "3" ];
};
};
location = "Dach";
model = "HP-procurve-2824";
role = "switch";
};
};
}

395
config/upstream.nix Normal file
View File

@ -0,0 +1,395 @@
{
site.hosts = {
upstream1 = {
forwardPorts = [
{
destination = "172.20.73.45:80";
proto = "tcp";
reflect = true;
sourcePort = 80;
}
{
destination = "172.20.73.45:443";
proto = "tcp";
reflect = true;
sourcePort = 443;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2325;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2399;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2327;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2338;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2339;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 40533;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 61699;
}
{
destination = "172.20.74.210:22";
proto = "tcp";
reflect = true;
sourcePort = 2222;
}
{
destination = "172.20.74.210:443";
proto = "tcp";
reflect = true;
sourcePort = 8443;
}
{
destination = "172.20.73.47:22";
proto = "tcp";
reflect = true;
sourcePort = 2223;
}
{
destination = "172.20.73.48:30000";
proto = "udp";
reflect = true;
sourcePort = 30000;
}
];
interfaces = {
core = {
hwaddr = "0A:14:48:01:26:00";
type = "veth";
};
up1 = {
hwaddr = "00:23:74:D7:2D:7C";
type = "veth";
upstream = {
link = null;
noNat = { subnets6 = [ "2a02:8106:208:5200::/56" ]; };
provider = "vodafone";
staticIpv4Address = "24.134.104.53";
upBandwidth = 52500;
};
};
};
ospf.upstreamInstance = 3;
role = "container";
};
upstream2 = {
forwardPorts = [
{
destination = "172.20.75.9:1194";
proto = "udp";
reflect = true;
sourcePort = 1194;
}
{
destination = "172.20.74.210:22";
proto = "tcp";
reflect = true;
sourcePort = 2222;
}
{
destination = "172.20.74.210:443";
proto = "tcp";
reflect = true;
sourcePort = 8443;
}
];
interfaces = {
core = {
hwaddr = "0A:14:48:01:27:00";
type = "veth";
};
up2 = {
hwaddr = "00:23:74:D7:42:7C";
type = "veth";
upstream = {
link = null;
noNat = { subnets6 = [ "2a02:8106:208:e900::/56" ]; };
provider = "vodafone";
staticIpv4Address = null;
upBandwidth = 52500;
};
};
};
ospf.upstreamInstance = 4;
role = "container";
};
upstream3 = {
interfaces = {
core = {
hwaddr = "0A:14:48:01:28:00";
type = "veth";
};
up3 = {
hwaddr = "00:23:74:D7:42:7D";
type = "veth";
upstream = {
link = null;
noNat = { subnets6 = [ ]; };
provider = "starlink";
staticIpv4Address = null;
upBandwidth = null;
};
};
};
ospf.upstreamInstance = 7;
role = "container";
};
upstream4 = {
forwardPorts = [
{
destination = "172.20.73.45";
proto = "tcp";
reflect = true;
sourcePort = 80;
}
{
destination = "172.20.73.45";
proto = "tcp";
reflect = true;
sourcePort = 443;
}
{
destination = "172.20.73.61";
proto = "tcp";
reflect = false;
sourcePort = 53;
}
{
destination = "172.20.73.61";
proto = "udp";
reflect = false;
sourcePort = 53;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2325;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2399;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2327;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2338;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 2339;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 40533;
}
{
destination = "172.22.99.253";
proto = "udp";
reflect = true;
sourcePort = 61699;
}
{
destination = "172.20.73.47:22";
proto = "tcp";
reflect = true;
sourcePort = 2223;
}
{
destination = "172.20.73.48";
proto = "udp";
reflect = true;
sourcePort = 30000;
}
{
destination = "172.22.99.175:22";
proto = "tcp";
reflect = true;
sourcePort = 2224;
}
{
destination = "172.20.73.53";
proto = "tcp";
reflect = true;
sourcePort = 22;
}
{
destination = "172.20.73.55";
proto = "tcp";
reflect = true;
sourcePort = 5222;
}
{
destination = "172.20.73.55";
proto = "tcp";
reflect = true;
sourcePort = 5223;
}
{
destination = "172.20.73.55";
proto = "tcp";
reflect = true;
sourcePort = 5269;
}
{
destination = "172.20.73.55";
proto = "tcp";
reflect = true;
sourcePort = 3478;
}
{
destination = "172.20.73.55";
proto = "tcp";
reflect = true;
sourcePort = 3479;
}
{
destination = "172.20.73.55";
proto = "udp";
reflect = true;
sourcePort = 3478;
}
{
destination = "172.20.73.55";
proto = "udp";
reflect = true;
sourcePort = 3479;
}
{
destination = "172.20.73.51:22";
proto = "tcp";
reflect = true;
sourcePort = 2225;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 25;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 465;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 587;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 110;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 143;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 993;
}
{
destination = "172.20.73.58";
proto = "tcp";
reflect = true;
sourcePort = 995;
}
];
interfaces = {
core = {
hwaddr = "0A:14:48:01:28:01";
type = "veth";
};
up4 = {
hwaddr = "00:23:74:D7:42:7E";
type = "veth";
};
up4-pppoe = {
type = "pppoe";
upstream = {
link = "up4";
noNat = {
subnets6 =
[ "2a00:8180:2000:37::1/128" "2a00:8180:2c00:200::/56" ];
};
provider = "dsi";
staticIpv4Address = "81.201.149.152";
upBandwidth = 98000;
};
};
};
ospf.upstreamInstance = 8;
role = "container";
};
freifunk.ospf.upstreamInstance = 6;
anon1 = {
interfaces = {
core = {
hwaddr = "0A:14:48:01:14:00";
type = "veth";
};
};
ospf = {
allowedUpstreams = [ "upstream1" "upstream3" "upstream4" "freifunk" ];
upstreamInstance = 5;
};
role = "container";
};
};
}