forked from zentralwerk/network
nixos-module/container/bird: enable authentication for OSPFv3
This commit is contained in:
parent
c613a081a0
commit
74dc00961b
|
@ -220,9 +220,8 @@ in
|
||||||
if config.site.net.${net}.ospf.secret != null
|
if config.site.net.${net}.ospf.secret != null
|
||||||
then ''
|
then ''
|
||||||
interface "${net}" {
|
interface "${net}" {
|
||||||
# TODO: enable when all bird 1.x have shut down
|
authentication cryptographic;
|
||||||
#authentication cryptographic;
|
password "${config.site.net.${net}.ospf.secret}";
|
||||||
#password "${config.site.net.${net}.ospf.secret}";
|
|
||||||
};
|
};
|
||||||
''
|
''
|
||||||
else builtins.concatStringsSep "\n" (
|
else builtins.concatStringsSep "\n" (
|
||||||
|
@ -260,8 +259,8 @@ in
|
||||||
# Become the designated router
|
# Become the designated router
|
||||||
priority 10;
|
priority 10;
|
||||||
|
|
||||||
#authentication cryptographic;
|
authentication cryptographic;
|
||||||
#password "${config.site.net.${net}.ospf.secret}";
|
password "${config.site.net.${net}.ospf.secret}";
|
||||||
};
|
};
|
||||||
''
|
''
|
||||||
) hostConf.interfaces
|
) hostConf.interfaces
|
||||||
|
@ -291,8 +290,8 @@ in
|
||||||
# Enable OSPF only on interfaces with a secret.
|
# Enable OSPF only on interfaces with a secret.
|
||||||
lib.optionalString (config.site.net.${net}.ospf.secret != null) ''
|
lib.optionalString (config.site.net.${net}.ospf.secret != null) ''
|
||||||
interface "${net}" instance ${toString config.site.hosts.${upstream}.ospf.upstreamInstance} {
|
interface "${net}" instance ${toString config.site.hosts.${upstream}.ospf.upstreamInstance} {
|
||||||
#authentication cryptographic;
|
authentication cryptographic;
|
||||||
#password "${config.site.net.${net}.ospf.secret}";
|
password "${config.site.net.${net}.ospf.secret}";
|
||||||
};
|
};
|
||||||
''
|
''
|
||||||
) hostConf.interfaces
|
) hostConf.interfaces
|
||||||
|
|
Loading…
Reference in New Issue