nixos-module/container/bird: add bgp configuration

2021-04-13 00:46:12 +02:00 · 2021-04-13 00:46:12 +02:00 · 5aa53fbcb1
parent aed29a54ce
commit 5aa53fbcb1
3 changed files with 61 additions and 15 deletions
--- a/nix/lib/config/legacy.nix
+++ b/nix/lib/config/legacy.nix
@ -135,8 +135,7 @@ in
                bgpConf = ctPillar.bgp;
              in {
                inherit (bgpConf) asn;
-                peers4 = bgpConf.peers-inet;
+                peers = bgpConf.peers-inet // bgpConf.peers-inet6;
                peers6 = bgpConf.peers-inet6;
              }
            else null;
--- a/nix/lib/config/options.nix
+++ b/nix/lib/config/options.nix
@ -229,23 +229,18 @@ let
      };
    };
  };
  bgpPeerOpts = { name, ... }: {
    options = {
      asn = mkOption {
        type = types.int;
      };
    };
  };
  bgpOpts = {
    asn = mkOption {
      type = types.int;
    };
-    peers4 = mkOption {
+    peers = mkOption {
-      type = with types; attrsOf (submodule bgpPeerOpts);
+      type = with types; attrsOf (submodule ({ name, ... }: {
-      default = {};
+        options = {
-    };
+          asn = mkOption {
-    peers6 = mkOption {
+            type = types.int;
-      type = with types; attrsOf (submodule bgpPeerOpts);
+          };
        };
      }));
      default = {};
    };
  };
--- a/nix/nixos-module/container/bird.nix
+++ b/nix/nixos-module/container/bird.nix
@ -13,6 +13,14 @@ let
       else if m == null
       then null
       else builtins.head m;
  enumerate = n: list:
    if list == []
    then []
    else [ {
      n = n;
      x = builtins.head list;
    } ] ++ (enumerate (n + 1) (builtins.tail list));
 in
 {
  services.bird2 = {
@ -138,6 +146,50 @@ in
          )}
        };
      }
      # Zentralwerk DN42
      protocol static {
        ipv4;
        route 172.20.72.0/21 unreachable;
      }
      protocol static {
        ipv6;
        route fd23:42:c3d2:580::/57 unreachable;
      }
      # Static Vodafone
      protocol static {
        ipv6;
        route 2a02:8106:208:5200::/56 unreachable;
        route 2a02:8106:211:e900::/56 unreachable;
      }
      ${lib.optionalString (hostConf.bgp != null) ''
        template bgp bgppeer {
          local as ${toString hostConf.bgp.asn};
          ipv4 {
            import all;
            export where source=RTS_STATIC;
          };
          ipv6 {
            import all;
            export where source=RTS_STATIC;
          };
        }
        ${builtins.concatStringsSep "\n" (
          map ({ n, x }:
            let
              peer = x;
              peerConf = hostConf.bgp.peers.${peer};
            in ''
              protocol bgp bgp_${toString n} from bgppeer {
                neighbor ${peer} as ${toString peerConf.asn};
              }
            ''
          ) (enumerate 1 (builtins.attrNames hostConf.bgp.peers))
        )}
      ''}
    '';
  };
 }