nixfiles/hosts/dn42-il-gw6/configuration.nix

{ config, pkgs, lib, ... }:

{
  imports =
    [
      ./hardware-configuration.nix
    ];

  profiles.clerie.cybercluster-vm.enable = true;
  profiles.clerie.common-networking.enable = true;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/vda";

  systemd.network.networks."10-wan" = {
    matchConfig.Name = "ens18";
    address = [
      "2001:638:904:ffc9::9/64"
    ];
    routes = [
      { Gateway = "2001:638:904:ffc9::1"; }
    ];
    linkConfig.RequiredForOnline = "routable";
  };
  systemd.network.networks."10-nat-netz-mercury" = {
    matchConfig.Name = "ens20";
    address = [
      "192.168.10.26/24"
    ];
    routes = [
      { Gateway = "192.168.10.1"; }
    ];
    linkConfig.RequiredForOnline = "routable";
  };
  systemd.network.networks."10-dn42-ospf-netz" = {
    matchConfig.Name = "ens21";
    linkConfig.RequiredForOnline = "no";
  };
  systemd.network.networks."10-dn42-ildix" = {
    matchConfig.Name = "ens19";
    address = [
      "fd81:edb3:71d8:ffff:2574::6/64"
    ];
    linkConfig.RequiredForOnline = "no";
  };

  profiles.clerie.dn42-router = {
    enable = true;
    loopbackIp = "fd56:4902:eca0:6::1";
    routerId = "192.168.10.26";

    ospfInterfaces = [
      "ens21"
    ];

    ibgpPeers = [
      {
        peerName = "gw1";
        remoteAddress = "fd56:4902:eca0:1::1";
      }
      {
        peerName = "gw5";
        remoteAddress = "fd56:4902:eca0:5::1";
      }
    ];

    bgpPeers = [
      {
        peerName = "peer_ildix_clerie";
        localAddress = "fd81:edb3:71d8:ffff:2574::6";
        remoteAddress = "fd81:edb3:71d8:ffff::13";
        remoteAsn = "4242422953";
      }
      {
        peerName = "peer_ildix_nex";
        localAddress = "fd81:edb3:71d8:ffff:2574::6";
        remoteAddress = "fd81:edb3:71d8:ffff::14";
        remoteAsn = "4242422953";
      }
    ];

    birdExtraConfig = ''
      # Internal
      protocol bgp peer_2953_dn42_ildix_service {
        local as 4242422574;
        neighbor fd81:edb3:71d8:ffff:2953::1 port 1179 as 4242422953;
        source address fd81:edb3:71d8:ffff:2574::6;
        multihop 64;
        ipv6 {
          table bgp6;
          igp table ospf6;
          next hop keep;
          add paths tx;
          import filter {
            reject;
          };
          export filter {
            accept;
          };
        };
      }
    '';
  };

  clerie.system-auto-upgrade = {
    allowReboot = true;
    autoUpgrade = true;
    startAt = "*-*-* 07:22:00";
  };

  clerie.monitoring = {
    enable = true;
    id = "306";
    pubkey = "5+/S3Fj0HknkKgUTgtmDhS7MoHZ2Ygsi/+eij+Gnf34=";
    bird = true;
  };

  system.stateVersion = "21.03";
}