forked from zentralwerk/network
nixos-module/container/bird: enable authentication for OSPFv3
This commit is contained in:
parent
c613a081a0
commit
74dc00961b
|
@ -220,9 +220,8 @@ in
|
|||
if config.site.net.${net}.ospf.secret != null
|
||||
then ''
|
||||
interface "${net}" {
|
||||
# TODO: enable when all bird 1.x have shut down
|
||||
#authentication cryptographic;
|
||||
#password "${config.site.net.${net}.ospf.secret}";
|
||||
authentication cryptographic;
|
||||
password "${config.site.net.${net}.ospf.secret}";
|
||||
};
|
||||
''
|
||||
else builtins.concatStringsSep "\n" (
|
||||
|
@ -260,8 +259,8 @@ in
|
|||
# Become the designated router
|
||||
priority 10;
|
||||
|
||||
#authentication cryptographic;
|
||||
#password "${config.site.net.${net}.ospf.secret}";
|
||||
authentication cryptographic;
|
||||
password "${config.site.net.${net}.ospf.secret}";
|
||||
};
|
||||
''
|
||||
) hostConf.interfaces
|
||||
|
@ -291,8 +290,8 @@ in
|
|||
# Enable OSPF only on interfaces with a secret.
|
||||
lib.optionalString (config.site.net.${net}.ospf.secret != null) ''
|
||||
interface "${net}" instance ${toString config.site.hosts.${upstream}.ospf.upstreamInstance} {
|
||||
#authentication cryptographic;
|
||||
#password "${config.site.net.${net}.ospf.secret}";
|
||||
authentication cryptographic;
|
||||
password "${config.site.net.${net}.ospf.secret}";
|
||||
};
|
||||
''
|
||||
) hostConf.interfaces
|
||||
|
|
Loading…
Reference in New Issue