dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

nixos: Add extra VIPs from ColoClue

Browse Source
This commit is contained in:
Jack O'Sullivan
2022-11-21 01:21:50 +00:00
parent 48566d2ef9
commit f9ed1d49a2
8 changed files with 94 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
nixos/boxes/colony/vms/estuary/bgp.nix
View File

@@ -13,8 +13,12 @@ in
# TODO: Clean up and modularise
config = ''
define OWNAS = 211024;
define CCVIP1 = ${lib.my.colony.prefixes.vip1};
define OWNIP4 = ${assignments.internal.ipv4.address};
define OWNNETSET4 = [ ${assignments.internal.ipv4.address}/32 ];
define CCNETSET4 = [ ${lib.my.colony.prefixes.vip1} ];
define INTNET6 = ${intnet6};
define AMSNET6 = ${amsnet6};
@@ -29,15 +33,14 @@ in
define PREFIXP = 110;
define PREFPEER = 120;
#function should_export6() {
# return net ~ OWNNETSET6 || (transit && net ~ TRANSSET6);
#}
filter bgp_import {
if net !~ OWNNETSET6 then accept; else reject;
if net !~ OWNNETSET4 && net !~ OWNNETSET6 then accept; else reject;
}
filter bgp_export {
if net ~ OWNNETSET6 then accept; else reject;
if net ~ OWNNETSET4 || net ~ OWNNETSET6 then accept; else reject;
}
filter bgp_export_cc {
if net ~ OWNNETSET4 || net ~ OWNNETSET6 || net ~ CCNETSET4 then accept; else reject;
}
router id from "wan";
@@ -48,11 +51,20 @@ in
ipv4;
ipv6;
}
protocol static {
protocol static static4 {
route CCVIP1 via "base";
ipv4 {
import all;
export none;
};
}
protocol static static6 {
# Special case: We have to do the routing on behalf of this _internal_ next-hop
route INTNET6 via "as211024";
route AMSNET6 via "base";
route HOMENET6 via DUB1IP6;
ipv6 {
import all;
export none;
@@ -161,10 +173,12 @@ in
protocol bgp upstream4_coloclue_eun2 from upstream_bgp4 {
description "ColoClue euNetworks 2 (IPv4)";
neighbor 94.142.240.253 as 8283;
ipv4 { export filter bgp_export_cc; };
}
protocol bgp upstream4_coloclue_eun3 from upstream_bgp4 {
description "ColoClue euNetworks 3 (IPv4)";
neighbor 94.142.240.252 as 8283;
ipv4 { export filter bgp_export_cc; };
}
protocol bgp upstream6_coloclue_eun2 from upstream_bgp6 {

11
nixos/boxes/colony/vms/estuary/default.nix
View File

@@ -282,15 +282,20 @@ in
}
];
routes = map (r: { routeConfig = r; }) (flatten
([ ] ++
([
{
Destination = lib.my.colony.prefixes.vip1;
Gateway = allAssignments.colony.routing.ipv4.address;
}
] ++
(map (pName: [
{
Gateway = allAssignments.colony.internal.ipv4.address;
Gateway = allAssignments.colony.routing.ipv4.address;
Destination = lib.my.colony.prefixes."${pName}".v4;
}
{
Gateway = allAssignments.colony.internal.ipv6.address;
Destination = lib.my.colony.prefixes."${pName}".v6;
Gateway = allAssignments.colony.internal.ipv6.address;
}
]) [ "vms" "ctrs" "oci" ])));
}

6
nixos/boxes/colony/vms/estuary/dns.nix
View File

@@ -143,11 +143,11 @@ in
allAssignments)))
assignments)));
genFor = [ "internal" "base" "vms" "ctrs" ];
genFor = [ "internal" "base" "vms" "ctrs" "routing" ];
intRecords =
genRecords genFor (a: ''
${a.name} IN A ${a.ipv4.address}
${a.name} IN AAAA ${a.ipv6.address}
${optionalString (a.ipv6.address != null) "${a.name} IN AAAA ${a.ipv6.address}"}
${concatMapStringsSep "\n" (alt: "${alt} IN CNAME ${a.name}") a.altNames}
'');
intPtrRecords =
@@ -162,7 +162,7 @@ in
genFor
(a:
optionalString
a.ipv4.genPTR
(a.ipv6.address != null && a.ipv6.genPTR)
''@@PTR:${a.ipv6.address}:${toString ptrDots6}@@ IN PTR ${a.name}.${config.networking.domain}.'');
wildcardPtrDef = ''IN LUA PTR "createReverse('ip-%3%-%4%.${config.networking.domain}')"'';