zentralwerk/network
zentralwerk
/
network
12
4
Fork 2
Code Issues 5 Pull Requests 1 Releases Wiki Activity

switch-ds1, switch-ds2: deploy

This commit is contained in:
Astro 2022-09-16 18:39:06 +02:00
parent 52ed3f3b9e
commit 186c9e6db3
5 changed files with 344 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config/net/mgmt.nix
View File

@ -96,6 +96,8 @@
switch-d1 = "10.0.0.13";
switch-dach = "10.0.0.17";
switch-b3 = "10.0.0.18";
switch-ds1 = "10.0.0.20";
switch-ds2 = "10.0.0.21";
};
hosts6 = {
dn42 = {

137
config/secrets-production.nix.gpg
View File

@ -1,71 +1,72 @@
-----BEGIN PGP MESSAGE-----
hQEMA2PKcvDMvlKLAQf/TbiQ8YxFmvGbvToa+mSrXZGIkkWZRyy1QabSzJCxKmJU
jPTij+zVuaSpnl1MVkag+LR9L+UYATgLn9qC4EZTAPzghCJVPyMKUFelhVRZHrk3
21JRG4nMBGBelTQOSCdgy7iEUeWy8DQez2IFv4usTPzDXo3F5pWk8mPWdMCllS/q
RMCCbMAPYeEmcc01pSuET2vrf7C4+nUjJWvdzWM6ABoW06AJALxOCJLqCSTwAM1f
CK4NnP3BVbjOJmtFUFqCXj89Oj8r4f6Ks4tQpKox1a8vwQo3Dqi84V/E8MWNuwrE
mGmBbf6D2nBV6NO6B3Ylp5LEFBO3v5SFh7YKKpdDuNLqAX9RNPXehTsgion+Iw6W
LlD/786ieiCQ5gj8ucsMtx42/f038Kx9W3cIPFWIe2M9J66KxbvooUYtCL2M29Um
QCej85fLEVLsedYIiIrDlXBPiNnkkAn4FLkfTdRFa3Ybqycai83ecfgp/Ij44QrA
M18rdgw9EsYAPJdp2wfZdaBMaVssjSUUIxRPY+0jMyFIAaWFsB19cnomXR5aMzWt
1ol5TuUQPXjkMOUIWMdUHAxmBPQMtftbyGlpWkjNeMVk48nAIwHwPW5Ig1x5BlZx
mcEfIHu8xbpzRqvAUvZqq27h67aNwB1lXXJd9kVL29U47dwiNbvR4ALEuS4NO5l+
Jqar/sPBjTYFxsUd1YjhWp+SznwPWatskyeAUphSCG6I37MW0ehstvjtMb9N7yMT
KBiQpI+FZnnsFNAtYs9AfmoGdo34yIhXicQ7wUVXoaE9RpiXhP0NUuM5URL1TMXn
l1lIBfXBBugNhicxQLhQRhWJr8KuusADdiuFJMh/tBvMJgPV6DwgJASQacgVcCWP
P/yEhVVptKii1FL48ahPopELZEGnBP2xV+vBdI9hZKRVSbmTkhckwXj3OyivhczY
S17zrbTXMprYz1enmt5CuDHCXfqBBhUvLEs0mVgAVihVloEwfZFfdh5L4WopG3kM
hmt5UMPOJGAf0aKG4Q5FBXF/38yAMWEsuljIoSqJd6XYb7a40Cg2UUF1XXVU+9xQ
FkQEPyeyh3extR5Yh5f1tWfrktnPtD5n0w7zgkR4M77CXCj3nYZqLAsvlFGQDu8/
kBLg5bybl4IguDYDKy0ZTgyF0crk6UI5nOPL7cbbXYnurSorbc140sZZX4N/WVNm
1Z+aEkg8gy0YaupC2xiMdBXLK/ZDSm1jaxGbkmIs5O0nwgkjpXmxXHIXUjmGHCVs
OIW7a4j7yzVOYeHqtDRfYuQWtpHo4j8CB4wBzEt2NsLqmwnIPs+PwBzi4nS8ylG9
BDOS7F8eYXEb7RE5eoNsIbHufla9LMGPbk/7jmvDgGCcoaGBZXQMypRNmc/N+y/U
JvON7csCFEb34H0MVnkTSXjqPezEVoIz+4eNC4kRJOfrEJ4JJCoE66zgrcCzzRQ8
s3X8xgcBUITCD1CCKOEGvL4AccL89D7eBwVrToK1F+oG1N7nLK4u6rPuaNeFSa+S
PkqhncDXy/5yQusWrepseqyZYTGS7WM9UumzYYmkKjkoEsn5YUZ4u9gfgO7YJ5Dp
xLo90bIRigUIJTFupIzgDKwPeyQ3L1H8fT93LrSTvqgETxoA4y68O+pOb//cldwl
dOT1W9GjagV8kEjg+40Is+db2tDoxSzECXgfIuI2DcZNiqsiQu4jgcaAOtwBRHUB
1+oS+LMNo1QYEC9BzIWQ6RXUX7QFO0Ohk//bp0Z4IMicdhV6MIUuCXjg7/KJuQUH
VreQJQ06LauL2dkH2MekstQhhGjDrvNevlU8nf2/s+eyE47LwbJeWFDauH8BG/k7
0lqAgun11aucEphylfhEXrenIJE5gXzQU2sh0uzdZix3teqWLSE0SFiInKewacUP
pRRcKnVtsQjucTU9VR5RJTnNnEYyLiw0OOBhBPnJcqEu3EZeC8qQ05ohF9/Tund/
SPQ+MdD3oL29pvwS5TxUqnBTjUCfcvr9LH8xS8XLb5u+EoINYM42ik0l4mn5C7t6
hdjHkfawFp1/8ItEs9F7nD79i6dHs1iQrztBjTonZibROWRcsbXye5ygbKc/oq1n
uA3YAPosrdr8ssX2ofm2QWSAuZqehzWeUan8glAazMZODLXOFx3/vWWSyCqBD6xK
QAm9Yk+N9pp4UqG4xcWjZAzt62y9NSIFyARCKbfvBS7h5Obb04Iqzjilo4DQbfG2
yqCT/F4Q+OYO/Ko/gKvkrZkIZ+jVg1vLXOCmcNETOhEyod4zfDAKVoGHl7ZOZMBs
ZYplzxSxBWnZWDKcAcxG3vc6nvZIOk3QINoCpL2qmKyWl91MV3Jha4MfCQeTHCPu
Ym0JTZ1KtW+gFAcHJWr4SxpdINHL9G2oz42djCYicNRTJdrrKTluZKUa/D4+fSw9
3v+ERM6MmYvczZw7aac3Dg1xMEJEgwA/OCihO/qKK5BLkQtTVfuXAySlBDYGZ4b6
5+1ehZ8ZTp4ne1kisdIeCxx880bOTeS0EJzF0NReXTebHRd3OrSG8AREgXka9Or9
vUX1ODN5up7sQIk38IcG4X5ibOm/jEfRrUiu7RIjSfoBCJkR5jhPKPBrPzBiyVMS
i8mKnQxPbyRcGHMEFtVEsBduz3nmw/U0x8n2RVBbptVd0K/ff79da8VxkdNn/c5x
5up/g03sf2YVqLHJNH1FP95BobtoYtcPk9tXCvBOl5ru5s8T0GQ6LTMvfWOgzMwo
V/Ph1GbpWYr9qXvVO3/9ysnlxLTTOjKUVCnOA3hY2eXgIUPPB0nEwVMe8JzXF8z7
81rT1B4HV00yrRZs7gMzLUcBa+0GeM6X0F0D2Sxx5rsGzQRTevvCMwWBDBCLgtMu
Z+fwPghO0KuaKVqrPXdBLwGf7L+hwVED+9r0bXTulHpbs2SbYrr4tM1jt5E+kkDf
OSXeVX/ACgsYgGUJgW3/URYuLD6lWk1+Ir9iat4Y3PEnkWo+H4X3Qtabxw5IOlUF
hQy07O/omjwlhK6jd9u1PGw2KSXOU24Rjmj4OPZ94g4nUulbyY7YEVj5QB/dhOKe
m2ilIxk57oJAblzW50Oyl6dp6TY4S6sqwGJqEiCpdU4WhRRQKXGdtHOVpOxWq3cO
tET8l08INpboRFv2kySko/luzWgIDB68HI7EWBUTBHzkbAg41jvzbzAVLUuN2FyI
Vn8QGpxDtwHa9CQXNSlj0aiMleZ64TC7X8BlcsvNSUPQk0k1Mc6fnSywsbo85nGj
sql7U7R0TXkrkTgHKphnJJhqufixZs5Ha2f+T9hfEq9yMpmehXh3+aFvcmBZ9gNq
h/aQ7qpNWjiUYj7ocuAwOcfxr18UlmzFB/euv/fFbklfCwB3LEMHRTj7v48DndbW
zPHTwnJdTA81JP1KRQaf706i/Vnko3SwTHtrHbcyXnUrV2z+yS9pRn9qK57zCgRJ
qkAcr49BqDgV6h+BGE+xtcUm+ukfcJ9ptDA28qEeLtc/pBGL5sLxgSyZ+XOIBdU7
R9t7cWIkG3vu8b5t/h6/UHAkpzlj0mrTN/V0+qnam9UjBcPwAvYk8whhxw1vm4Rf
JQSaEfSzdhHuA2WTLD0PU1hfz73X8GjciQwJLh4If4EzIbPMN7Ma8e08gkyIshCJ
5MRrrBIClkwPZwk6jYZIWKFTRjMp2HTKaae0kAuhbB5aMa9gtBz6yvw5pj9O2eYs
dr4LZRYRLF49i7fyjgstq7qzxKhc0rzFzOY8uHPCTKwQRmn9cm0T7I95clA851zK
sDqcwLKklmsmZNSmy69AvbBNHS2IFigkl+4L9Xl0mUS8lBcHSoc09j803hDDjb7s
qEkRWKgK0XLywTL58wJWPLwAZDTGmt60QkO5YIMHN4Y0k+V+UC5nDEZDoRu3D1iI
Qx/RtGfVOoDIqq94vdLAdcxRIQGosFaPwov94IAp5hv3Tpqes/1psQWh707e+XvE
417rqVT01rumD/qNy9PIkElwpcaKqHcN/BnAN+YgndhOAfNLd1IMx0GzRzwolpUv
d5sWvR7zVRnI4hUcUMVLFWu8OHidUK2Y3wO5AIWihj/dyM6ZVVmO4+YgIT4c9nZU
ndlXahBeML6FgNWgOJzIHO4+RyH/6JVot24+b48AMJ00UHJFO7YmR75NiKznX8bR
XRCPnIipzhEhlsbaAcdNm7tSeR1R6zMXeAgBRTNZvFVjtesHa/jBFn9YtKoVuEcM
72Sv31BdTZSODPGSeIxS9p2WvKndYi3UcKuQwnfVQa4ePopvAnIJ
=M+e1
hQEMA2PKcvDMvlKLAQf7BaGnH9Sd9+ybgvMSSTwWpyx1/phUuumCG+AAn053/n1h
cyGBpazoGpmgjFRz5BHuYLPAvjgBLn+5l5xGzssEYLhw4y+9ZlOJFGvXDKPvWQsR
z7SYX7/J2szqWoE+I+jOEY5DDX+lVXPzGnX+B3VoBh16716myB6yWWr9EUSQucxz
4aNcSG27qR+a/DslhA7P0AuMKe0ZOSFuiB4WN7SFukgOjqI7GjIk6nrHsGMFMPYn
LpjrRwaolNp04N5PtBqARZvYX1Tvaz1b33Vxm+VDvNiE+A4x/WzZhnKTS8ynWZ6A
TUO5Epwg0PmYTa44AwgfC9+e6OlisWA8voojAY0p59LqAUeyJwu0U4gfVYRQMXFa
IQsIneufAwOG3tVnucRynMcs1I8SjHy0IYqNmnmTq8uZXV7LujTyR9gfNptE5WPv
Xjay6uVXFQZZzSV4PFTtrgWrS69X/4nustUgk5hqh3YrTce8aQmAWs0hqmM2Hpun
NY5HZVi1+BrAYp/OarWM4NycxM1bnXjIdDeOt/3RBfnthG5xo4mJlETS1Z0TJAfb
jIoHFpLsu6TkpZdBRd9anMsjsocl+C082HrDGIiFWwCiF5Mt67z3eApixbLe0wUv
IU9AfXvuHPmqRQ0Pe0u7Enqggy6A/ePZJXOerjmwcb/rgryCGWoVIFQZaEkLldmA
FPaLt/qv8hjp/MaIFljBlge6eUl44rAy29HuRzp8lMJLXv47bxeBPiocEgbn3ZNL
SXsqAdVxBk6OwToUrQgKsuNmGaABTiL3QH/ctD9cLIZXgLUMPxomSzyqwO/XLE7C
2mVP5s8ubkORI7O2cTnBAK9wzUKT6JgNtw9MiMYNfvrh1+av9JgPBkkU+OOnuCHk
FK4lnmTZs/KrrgmZzGG9oP+0dtJviJn2o9hZle7dr5OPsvp2VktSsA+HphuET3xM
e7vuvTY2X3zlTmClW5oeP7J2b9i+XbzqeRvIqSj9C6pbcW3CrQmIgPIyvy4zL6rd
eDlIc87Ju0hn0eU5qD21+6TOcAl67xVzTh9HB2igZgOJfFXiiL/DjvqSlgc6Amjm
RNtc+h2opRAoX3CNtWElyOu28kqrgB692nqpzW7C7F8jZZuTpJsW47FXKNTrvr/9
pJ5fgIMdZoBf/kz0VOOB2WYGEJ6dAyALFIFC++m1bmMe6kgVhLBq8ikxmxTh5PY8
sLccesTu0Pz+CR3HknPtAZ3nmqAIfsyMrOYcOAp5EwdqIXka+p3Ye0+JpIkjsX+L
ta8I687GCKiGSPtbwHBoW+vn7JHd/h7aB47bbX2Ze/zibkgs7OFa193qBy9yyBZp
6rvdT6W+UTx25Y/HXIU6l+FoUXOcMgW0+IeAK3+zV8qbXAkDhwWUs21rQuwR3v6D
Rz5jCgG1S6z1G4mFd+itueg+z3MDDRhXp1XgKl1ZZe0RJUFi4MG34I5svKq+J+b2
Yh6CSLXK2di2ovQ11qVnSEH+h95r1QqsMQ8nyk+ei/l3wYBdKBZ3QN6IkYU7bfhB
xZm2kvwZBiD1JWFHj5PhYvHWRMW3ahVxfKDXow6gdWWHkpT9gbHtQf5pBBN2aDLD
BxCImbQ7MUYiO7+uz8xdgo08sFasDwbklJBSN/n9pK2LUIoPrxjvFx4ItfT/Mx67
NvZE/HirlVFIlMK8vcsRT5TnSBWphkUuPQ9I+usc+d6PawDW03MBBDhKP5CEpCnV
Ieq5g89POMPbmbWCKXhu/FSQrCReFpjK5o2ezabgI0Nvqxy6ZKg61VRhd5sg6Uim
MZVS7v3dA5v76T8+VkjeX7KpOat20Cbb6PF2OY61C1msF0Dr+1pXFRRFfveQJ6PL
iENUJghjSOYTBOjz5ycRLY72qnVuhOizkP2GR8f33JttP9gsZvYrnFYGV/Et+jIn
MBIWWAFsZ8GvENIaJYcTMUScCO+e00+y2IkxPP48IHQy6zzVkiMflWH7pSINRYKy
LaZVX5Q4T5b2vijnj87LhtfLDRBQ1dx6fjZCS2aURssxlWHnlX28+1xFzVdxtnTH
89ucch3d7zn2sCG66JGqE3L7xIvEo3eVcJ44aM9hyMQTggFnulTuTp9fxlJP7Q4Y
Cf7dblOwBLGIDvlJID5NgHP9WLspFGXgHinFZpGUsGJF7EkNGZZXJRqxXf+wd6zi
JUsP/69SnEH1Fe318ZyIBEK5dLR/L/cW49Ms/rTLA1sR8Yxwkrb9nO40OSLBPTbi
aZciYK+NSJiigrad75d0HWGkS7SDKzEp3mnPLUnH4H9+MF/fRrViE0Hi9bzAY3eZ
/gGFLVaMRCbRNEcXkhBVrz51yPsIGs2dbW2PLvxPbVSql/9/JsEcpT1c3kyJf6f0
GZ7MWseBwVof8yv+FlnEQrdqKVPdenH+M3K9GNh4YnACz3d5wXaG5nziPzW2ze73
5TYJ9cln9FNFmSg0nPbFxlRvUVPLB2NdH3FLG1KcAXr0CniPk7tZOBD1WB3xUbA4
bOSY9t8w5RTj6ATQ8b1tbI97w+BzM/+BFiIaume8PAQ4LwxGGZohLDDpYgF29AGO
A/JDMOhdplnWfmg6X32yAYrY2QlbspRciHvUaw7otogIhipvacMQoh5Ucb0ZJCHo
dGByqsZom7Tq3mBJn15oS/c2lTwiBL7ZyPeElmx6TP8bi/kvvu/G2PeDdPgPQdZ/
ExWUA0xUPoPJpDI9/BIBRH5+vR5ay8P0XHZ09MSSM/Iqzf+3TGCDHXxwNhP6zbkx
9mWR7rKYYoZz5mO2S6Bcz/cbMLalFfl+3N1UmfiJNVUuCjDAiY6SiyHf0c2Q9CxL
okrFgMS9hBZuCHBJbsBAzePZDYZBfq9o3ZWmRFJPBMx/x54fGLSnIB5nJ1YZUlvg
0bBsdt7Im6wITYUSkMcirm14dSVOvodSVCk3twmCLs14FG3RPojMf7ZemVjyvBXR
GQcTdKEwZaIEMRDL5tiVjZ8062inhRn4oqrcuhSYfuBP0oSOPeXnbOwj25cP6eHk
E7Y7CnifoNUJ0gADJUJJQCasF0Y9KzM8wzRBfBvcTlSvBJhUp0f37sPjYzt1vo8n
Z5E2MmEtzGEA+94/l2SdMib76SG4R4k1M56+eKb28EvGC8cdhLC8Yx8gURCnb+BM
AMAcXPE7VBm/cULO2WmJZV2evHjjtQlnpD10yTZD2SVEKW5MKE5y3gHE3UOI7TaA
KW2bKqRA60jJ6NMAYX3Yb+o4BQErtXcv4ObKnLCbHrrOb/0YPFWwjLAdx39sR8Bj
i+YQ4+OQMCFqzErHWs5OQ4PpDqeetNs33LukzJ7SnhMgzlG8d3Q12mwKHSBGb+1I
uKWQN1ygyQtKDieTNocxhZvBstqJJTS9EVZqNFyIauiVhG55g198WF6LYid4dE+4
UakrcA6pzSYg+ajpHceHDQzcdN/hwpHTeFvKCrDTdpT/pMJIVsurDVMqaSRXw0KP
pMW1ZpcJev8+BV/RZJFR+LQsc1AOQqNMlnTXXuwQclrYatgf8WsA602AuRi7OWaV
oWwXJUu02j6WQxtsJR4uKEruZszL8iJQzesbX3DcfzV5JFIz8leJ0Kg97F+fWd17
bYwv6RSHplAPEgZJ+SFjvB4YxG9uJxHZ3CAVkA5t2Ho6Wj39c6BjyLR0K5fWyPQ/
e8StxFgprC9RlAy6C/gqhOrF/9HJdux0JZgDhgv48fqZdy1yhOmX+lT7PWlX5de5
VX33gRUrC2rGDHmtIACjXPSGCDLueIQtNQj+8TU5edHzs58If7OCyf5HM/COBX7W
wNHKwMsFCFgSX1xcO4RYW0/3Zi4jfALVkBTU9qZERZ1at05CKlJbtuSncxIIGF5C
PcT5gvhV8gUoqBQD93mmj6JGBov4A4DoRluqs86OQTxreUFOMR5hHJCSKmQCNDq7
4dbOJ9MLlN6wUv4Gc0c+cmxPFK55mOU/7df2pzKp63SHibRSlrW3ln85Ue1x2mUn
YG7l59Mkq7qAEX7BavmszxyryFYI1Za8e6J8eeFcUOoSZxCA3XG3I7uExyIKUXwP
CdZlsOESVJCaBYhNsYTP+/oXJTTAwdHu9SpeZA4trZufusEKJknbdmmswnLJZTfZ
Urn59p30TpenzQzwAD4tz9RkiktbYJfaRzI0nUvMVEk39hdvjLPqqRy8p0kQvF75
+B6J4ax86MaejPZZtApi/7OTo6zHwtcTEex1hC7mWcD03n2wOIiIHpDuxhim5gys
EMFdfjlpytZ9iE8rR2AUD4byRfQmdBLIqlFQCR1Ml8jalPXC2cqDojh0rNd/ZVlW
F+zghrNGinwfraIsw0onBw==
=4c3i
-----END PGP MESSAGE-----

2
config/secrets.nix
View File

@ -68,6 +68,8 @@
switch-c3d2-main.password = "encrypted";
switch-d1.password = "encrypted";
switch-dach.password = "encrypted";
switch-ds1.password = "encrypted";
switch-ds2.password = "encrypted";
upstream4.interfaces.up4-pppoe.upstream = {
user = "encrypted";

94
config/switch.nix
View File

@ -8,9 +8,16 @@
links = {
switch-a2.ports = [ "7" ];
priv25.ports = [ "2" "3" "4" "5" ];
# Panel A2: Foyer
switch-ds1.ports = [ "3" ];
# Panel A6: kl Saal hinten
switch-ds2.ports = [ "8" ];
priv25.ports = [
"2"
"4"
"5"
];
priv31.ports = [ "6" ];
pub.ports = [ "8" ];
iso4.ports = [ "1" ];
};
};
@ -286,6 +293,87 @@
c3d2.ports = [ "20" ];
};
};
switch-ds1 = {
role = "switch";
model = "3com-5500G";
location = "Foyer";
interfaces = { mgmt.type = "phys"; };
links = {
# Public
pub.ports = [
"GigabitEthernet1/0/1"
"GigabitEthernet1/0/2"
"GigabitEthernet1/0/3"
"GigabitEthernet1/0/4"
"GigabitEthernet1/0/5"
"GigabitEthernet1/0/6"
"GigabitEthernet1/0/7"
"GigabitEthernet1/0/8"
"GigabitEthernet1/0/9"
"GigabitEthernet1/0/10"
"GigabitEthernet1/0/11"
"GigabitEthernet1/0/12"
"GigabitEthernet1/0/13"
"GigabitEthernet1/0/14"
"GigabitEthernet1/0/15"
"GigabitEthernet1/0/16"
"GigabitEthernet1/0/17"
"GigabitEthernet1/0/18"
"GigabitEthernet1/0/19"
"GigabitEthernet1/0/20"
];
# Uplink
switch-a1.ports = [ "GigabitEthernet1/0/24" ];
# Freifunk
bmx.ports = [
"GigabitEthernet1/0/21"
"GigabitEthernet1/0/22"
"GigabitEthernet1/0/23"
];
};
};
switch-ds2 = {
role = "switch";
model = "3com-5500G";
location = "Vor dem Kl Saal";
interfaces = { mgmt.type = "phys"; };
links = {
# Public
pub.ports = [
"GigabitEthernet1/0/1"
"GigabitEthernet1/0/2"
"GigabitEthernet1/0/3"
"GigabitEthernet1/0/4"
"GigabitEthernet1/0/5"
"GigabitEthernet1/0/6"
"GigabitEthernet1/0/7"
"GigabitEthernet1/0/8"
"GigabitEthernet1/0/9"
"GigabitEthernet1/0/10"
"GigabitEthernet1/0/11"
"GigabitEthernet1/0/12"
"GigabitEthernet1/0/13"
"GigabitEthernet1/0/14"
"GigabitEthernet1/0/15"
"GigabitEthernet1/0/16"
"GigabitEthernet1/0/17"
"GigabitEthernet1/0/18"
"GigabitEthernet1/0/19"
"GigabitEthernet1/0/20"
];
# Uplink
switch-a1.ports = [ "GigabitEthernet1/0/24" ];
# Freifunk
bmx.ports = [
"GigabitEthernet1/0/21"
"GigabitEthernet1/0/22"
"GigabitEthernet1/0/23"
];
};
};
};
}

180
nix/pkgs/switches/3com-5500G.nix Normal file
View File

@ -0,0 +1,180 @@
{ self, pkgs, hostName, config, hostConfig
, sort, sortBy, sortNetsByVlan
, ... }:
with pkgs;
with lib;
''
#! ${expect}/bin/expect -f
${if hostConfig.firstboot
then ''
spawn sudo ${uucp}/bin/cu -s 19200 -l /dev/ttyUSB0
send "\r"
''
else ''
spawn ${inetutils}/bin/telnet ${config.site.net.mgmt.hosts4.${hostName}}
expect "Password:"
send "${hostConfig.password}\r"
''
}
expect ">"
send "system-view\r"
expect "]"
send "sysname ${hostName}\r"
expect "]"
send "user-interface vty 0 4\r"
expect "ui-vty0-4]"
send "screen-length 0\r"
expect "ui-vty0-4]"
send "user privilege level 3\r"
expect "ui-vty0-4]"
send "set authentication password simple ${hostConfig.password}\r"
expect "ui-vty0-4]"
send "quit\r"
expect "${hostName}]"
send "local-user admin\r"
expect -- "-luser-admin]"
send "password simple ${hostConfig.password}\r"
expect -- "-luser-admin]"
send "quit\r"
expect "${hostName}]"
# Enable logging
send "info-center enable\r"
expect "]"
send "info-center loghost ${config.site.net.mgmt.hosts4.logging} channel loghost facility local6\r"
expect "]"
send "info-center source default channel loghost log level informational\r"
expect "]"
${concatMapStrings (net:
let
netConfig = config.site.net.${net};
vlan = toString netConfig.vlan;
inherit (config.site.net.${net}) hosts4;
hostAddr4 = hosts4.${hostName};
prefixLength = elemAt (
builtins.split "/" netConfig.subnet4
) 2;
netmask = self.lib.netmasks.${prefixLength};
in
if netConfig.vlan != null
then ''
send "vlan ${vlan}\r"
expect -- "-vlan${vlan}]"
send "name ${net}\r"
expect -- "-vlan${vlan}]"
${optionalString (net == "mgmt") ''
# Actually only used for mgmt_vlan, switches are not routers
send "interface Vlan-interface ${vlan}\r"
expect "]"
${optionalString (hosts4 ? ${hostName}) ''
send "ip address ${hostAddr4} ${netmask}\r"
expect "]"
''}
''}
send "quit\r"
expect "${hostName}]"
''
else ""
) (sortNetsByVlan (builtins.attrNames config.site.net))
}
${concatMapStrings (name:
let
linkConfig = hostConfig.links.${name};
isAccess = config.site.net ? ${name};
netConfig = config.site.net.${name};
isTrunk = !isAccess;
isBond = isTrunk && builtins.length linkConfig.ports > 1;
in
if isTrunk
then ''
${optionalString isBond ''
send "link-aggregation group ${linkConfig.group} mode static\r"
expect {
"This aggregation will be modified to static mode. Continue ?" {
send "Y\r"
}
"]" {}
}
send "link-aggregation group ${linkConfig.group} description ${name}\r"
expect "]"
''}
${concatMapStrings (port: ''
send "interface ${port}\r"
expect "]"
send "undo stp edged-port\r"
expect "]"
${if isBond
then ''
send "lacp enable\r"
expect "]"
send "undo port link-aggregation group\r"
expect "]"
send "port link-aggregation group ${linkConfig.group}\r"
'' else ''
send "undo lacp enable\r"
''}
expect "]"
send "jumboframe enable\r"
expect "]"
send "port link-type trunk\r"
expect "]"
# Set dummy default vlan
send "port trunk pvid vlan 4094\r"
expect "]"
# Deconfigure all but mgmt vlan
send "undo port trunk permit vlan 2 to 4094\r"
expect "]"
${concatMapStrings (vlan: ''
send "port trunk permit vlan ${toString vlan}\r"
expect "]"
'') (sort linkConfig.vlans)}
send "undo shutdown\r"
expect "]"
send "quit\r"
expect "${hostName}]"
'') (sort linkConfig.ports)}
'' else
concatMapStrings (port: ''
send "interface ${port}\r"
expect "]"
send "undo port link-aggregation group\r"
expect "]"
send "port link-type access\r"
expect "]"
${if name == "mgmt"
then ''
send "undo port access vlan\r"
expect "]"
'' else ''
send "port access vlan ${toString netConfig.vlan}\r"
expect "]"
''}
send "undo shutdown\r"
expect "]"
send "quit\r"
expect "${hostName}]"
'') (sort linkConfig.ports)
) (sortBy (link: hostConfig.links.${link}.ports)
(builtins.attrNames hostConfig.links)
)}
send "save main\r"
expect "Y/N]"
send "YES\r"
expect "press the enter key):"
send "\r"
expect "]"
send "quit\r"
expect ">"
send "quit\r"
''