server/network.nix: setup vlan/bridge infra

Astro 2021-03-24 22:23:09 +01:00
parent 9d7d383740
commit 7109ae50cb
3 changed files with 73 additions and 2 deletions


@ -13,6 +13,7 @@ in {
]
++ optionals (hostConfig.role == "server") [
./server/lxc-containers.nix
./server/network.nix
]
++ optionals (hostConfig.role == "container") [
./container/defaults.nix


@ -27,9 +27,9 @@ let
} // (lib.optionalAttrs (ifData.type == "veth") {
veth.pair = "${ctName}-${netName}";
veth.mode = "bridge";
link = "br-${netName}";
link = "${netName}";
}) // (lib.optionalAttrs (ifData.type == "phys") {
link = "bond0.TODO";
link = "ext-${netName}";
})
) (builtins.attrNames interfaces);
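Review bot: Nothing bounds the length of the interface names built here: Linux limits interface names to 15 characters, so `ext-${netName}` breaks for any net name longer than 11 characters, and the unchanged `veth.pair = "${ctName}-${netName}"` is tighter still. The same `ext-${net}` and bare `${net}` names are created as netdevs in the new server/network.nix, where an over-long name would presumably only surface when the device is created at runtime. An evaluation-time check near where these names are formed, e.g. `assert builtins.stringLength netName <= 11;`, would catch it early. The enclosing `let` binding starts and ends outside this hunk.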


@ -0,0 +1,70 @@
{ hostName, self, config, lib, pkgs, ... }:
let
containers =
lib.filterAttrs (_: { role, model, location, ... }:
role == "container" &&
model == "lxc" &&
location == hostName
) config.site.hosts;
bridgeNets =
lib.lists.unique (
builtins.concatMap ({ interfaces, ... }:
builtins.attrNames (
lib.filterAttrs (_: { type, ... }: type == "veth") interfaces
)) (builtins.attrValues containers)
);
ctNets =
lib.lists.unique (
builtins.concatMap ({ interfaces, ... }:
builtins.attrNames interfaces
) (builtins.attrValues containers)
);
in
{
systemd.network = {
enable = true;
netdevs = {
bond0.netdevConfig = {
Kind = "bond";
Name = "bond0";
};
} // (
builtins.foldl' (result: net: result // {
"${net}".netdevConfig = {
Kind = "bridge";
Name = "${net}";
};
}) {} bridgeNets
) // (
builtins.foldl' (result: net: result // {
"ext-${net}" = {
netdevConfig = {
Kind = "vlan";
Name = "ext-${net}";
};
vlanConfig.Id = config.site.net.${net}.vlan;
};
}) {} ctNets
);
networks = {
eth = {
matchConfig.Name = "eth*";
networkConfig.Bond = "bond0";
};
en = {
matchConfig.Name = "en*";
networkConfig.Bond = "bond0";
};
bond0 = {
matchConfig.Name = "bond0";
networkConfig.VLAN = map (net: "ext-${net}") ctNets;
};
};
};
}
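Review bot: The `eth*` and `en*` entries under `networks` match on name alone, so any device whose name starts with those letters is enslaved to bond0. That includes a bridge created here with `Name = "${net}"`, and probably the host-side veth named `${ctName}-${netName}` in the container config, if a net or container name happens to start with `en` or `eth`. Because bond0 carries every `ext-*` VLAN, an unintended member would undermine the separation between container networks. Consider listing the physical ports per host in the site config, or at least state the constraint next to the globs: `# net and container names must not start with "en" or "eth": matching devices are enslaved to bond0`.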