From 52e5bdf81eb5a5ddddc433a68568fc923bd77bde Mon Sep 17 00:00:00 2001
From: clerie
Date: Mon, 7 Dec 2020 18:27:38 +0100
Subject: [PATCH] Add host dn42-il-gw5
---
 configuration/dn42/default.nix | 7 +
 hosts/dn42-il-gw5/configuration.nix | 155 +++++++++++++++++++
 hosts/dn42-il-gw5/hardware-configuration.nix | 23 +++
 3 files changed, 185 insertions(+)
 create mode 100644 configuration/dn42/default.nix
 create mode 100644 hosts/dn42-il-gw5/configuration.nix
 create mode 100644 hosts/dn42-il-gw5/hardware-configuration.nix
diff --git a/configuration/dn42/default.nix b/configuration/dn42/default.nix
new file mode 100644
index 0000000..0e940b9
--- /dev/null
+++ b/configuration/dn42/default.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }:
+
+{
+ environment.systemPackages = with pkgs; [
+ wireguard-tools
+ ];
+}
diff --git a/hosts/dn42-il-gw5/configuration.nix b/hosts/dn42-il-gw5/configuration.nix
new file mode 100644
index 0000000..63fa168
--- /dev/null
+++ b/hosts/dn42-il-gw5/configuration.nix
@@ -0,0 +1,155 @@
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [
+ ./hardware-configuration.nix
+ ../../configuration/common
+ ../../configuration/proxmox-vm
+ ../../dn42
+ ];
+
+ boot.loader.grub.enable = true;
+ boot.loader.grub.version = 2;
+ boot.loader.grub.device = "/dev/vda";
+
+ boot.kernel.sysctl = {
+ "net.ipv4.ip_forward" = true;
+ "net.ipv6.conf.all.forwarding" = true;
+ };
+
+ networking.hostName = "dn42-il-gw5";
+
+ networking.useDHCP = false;
+ # VM Nat Netz mercury
+ networking.interfaces.ens18.ipv4.addresses = [ { address = "192.168.10.25"; prefixLength = 24; } ];
+ # ?
+ networking.interfaces.ens19.ipv6.useDHCP = true;
+ # Transport
+ networking.interfaces.ens20.ipv6.addresses = [ { address = "fd56:4902:eca0:5::1"; prefixLength = 64; } ];
+ # IPv6 Uplink
+ networking.interfaces.ens21.ipv6.addresses = [ { address = "2001:638:904:ffc9::a"; prefixLength = 64; } ];
+ # Ildix
+ networking.interfaces.ens22.ipv6.addresses = [ { address = "fd81:edb3:71d8:ffff:2574::5"; prefixLength = 64; } ];
+
+ networking.defaultGateway = { address = "192.168.10.1"; interface = "ens18"; };
+ networking.defaultGateway6 = { address = "2001:638:904:ffc9::1"; interface = "ens21"; };
+ networking.nameservers = [ "2001:638:904:ffcc::3" "2001:638:904:ffcc::4" "141.24.40.3" "141.24.40.4" ];
+
+ services.bird2.enable = true;
+ services.bird2.config = ''
+ router id ${ (lib.head config.networking.interfaces.ens18.ipv4.addresses).address };
+
+ ipv6 table ospf6;
+ ipv6 table bgp6;
+
+ protocol direct {
+ interface "ens20";
+ ipv6 {
+ table ospf6;
+ };
+ }
+
+ protocol static {
+ ipv6 {
+ table bgp6;
+ };
+ route fd56:4902:eca0::/48 via "lo";
+ route fd56:4902:eca0::/52 via "lo";
+ }
+
+ protocol kernel {
+ ipv6 {
+ table ospf6;
+ export filter {
+ krt_prefsrc=fd56:4902:eca0:5::1;
+ accept;
+ };
+ import none;
+ };
+ kernel table 1337;
+ }
+
+ protocol kernel {
+ ipv6 {
+ table bgp6;
+ export filter {
+ krt_prefsrc=fd56:4902:eca0:5::1;
+ accept;
+ };
+ import none;
+ };
+ kernel table 2342;
+ }
+
+ protocol ospf v3 {
+ ipv6 {
+ table ospf6;
+ import all;
+ export all;
+ };
+ area 0 {
+ interface "ens19" {
+ cost 80;
+ };
+ };
+ }
+
+ protocol bgp gw1 {
+ local as 4242422574;
+ graceful restart on;
+ neighbor fd56:4902:eca0:1::1 as 4242422574;
+ source address fd56:4902:eca0:5::1;
+ ipv6 {
+ table bgp6;
+ igp table ospf6;
+ next hop self;
+ import keep filtered;
+ import all;
+ export all;
+ };
+ }
+
+ protocol bgp gw6 {
+ local as 4242422574;
+ graceful restart on;
+ neighbor fd56:4902:eca0:6::1 as 4242422574;
+ source address fd56:4902:eca0:5::1;
+ ipv6 {
+ table bgp6;
+ igp table ospf6;
+ next hop self;
+ import keep filtered;
+ import all;
+ export all;
+ };
+ }
+
+ protocol bgp peer_ildix {
+ local as 4242422574;
+ graceful restart on;
+ neighbor fd81:edb3:71d8:ffff::13 as 4242422953;
+ source address fd81:edb3:71d8:ffff:2574::5;
+ ipv6 {
+ table bgp6;
+ igp table ospf6;
+ next hop self;
+ import keep filtered;
+ import filter {
+ if net ~ [fd00::/8{8,64}] then accept;
+ reject;
+ };
+ export filter {
+ if net ~ [fd00::/8{8,64}] then accept;
+ reject;
+ };
+ };
+ }
+
+ protocol device {
+ scan time 10;
+ }
+ '';
+
+ system.stateVersion = "21.03";
+}
diff --git a/hosts/dn42-il-gw5/hardware-configuration.nix b/hosts/dn42-il-gw5/hardware-configuration.nix
new file mode 100644
index 0000000..072e86b
--- /dev/null
+++ b/hosts/dn42-il-gw5/hardware-configuration.nix
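Review bot: The `peer_ildix` import filter accepts every route inside `fd00::/8{8,64}`, which includes this AS's own `fd56:4902:eca0::/48` and any more-specific of it, so the eBGP neighbour could announce the local prefixes back and have them preferred by longest match; adding `if net ~ [fd56:4902:eca0::/48+] then reject;` ahead of the accept would close that. `protocol ospf v3` runs on `ens19` (commented `# ?`, configured by DHCP) with no authentication, while the connected transport prefix is taken from `ens20`, so it is worth confirming which interface should carry OSPF and who else can speak on that segment. Both forwarding sysctls are enabled on a host that also holds a global IPv6 uplink on `ens21`, and no forwarding filter is visible in this file; presumably it lives in the imported common or dn42 modules, which should be confirmed. Separately, the `router id` interpolation calls `lib.head` but the module arguments are `{ config, pkgs, ... }:`, so evaluation likely fails unless that becomes `{ config, lib, pkgs, ... }:`, and the import `../../dn42` does not match the `configuration/dn42/default.nix` this commit creates (probably `../../configuration/dn42`, unless a top-level `dn42` directory exists outside this patch).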
@@ -0,0 +1,23 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-uuid/6ab01fb1-fc6a-4612-ac3b-cfcd19f7e8ac";
+ fsType = "ext4";
+ };
+
+ swapDevices = [ ];
+
+}