Feat/one per file

hosts/clients/default.nix

@@ -1,10 +1,11 @@
-args@{ lib, ... }:
-let
-  blacklist = [ ];
-  folders = builtins.attrNames (
-    lib.filterAttrs (n: v: v == "directory" && !lib.hasPrefix "_" n && !builtins.elem n blacklist) (
-      builtins.readDir ./.
-    )
-  );
-in
-lib.genAttrs folders (folder: (import (./. + "/${folder}") (args // { })))
+# args@{ lib, ... }:
+# let
+#   blacklist = [ ];
+#   folders = builtins.attrNames (
+#     lib.filterAttrs (n: v: v == "directory" && !lib.hasPrefix "_" n && !builtins.elem n blacklist) (
+#       builtins.readDir ./.
+#     )
+#   );
+# in
+# lib.genAttrs folders (folder: (import (./. + "/${folder}") (args // { })))
+{...}: {}

hosts/miscservers/default.nix

@@ -1,11 +1,12 @@
-args@{ lib, ... }:
-let
-  blacklist = [ ];
+# args@{ lib, ... }:
+# let
+#   blacklist = [ ];
 
-  folders = builtins.attrNames (
-    lib.filterAttrs (n: v: v == "directory" && !lib.hasPrefix "_" n && !builtins.elem n blacklist) (
-      builtins.readDir ./.
-    )
-  );
-in
-lib.genAttrs folders (folder: (import (./. + "/${folder}") (args // { })))
+#   folders = builtins.attrNames (
+#     lib.filterAttrs (n: v: v == "directory" && !lib.hasPrefix "_" n && !builtins.elem n blacklist) (
+#       builtins.readDir ./.
+#     )
+#   );
+# in
+# lib.genAttrs folders (folder: (import (./. + "/${folder}") (args // { })))
+{...}: {}

hosts/routereflectors/default.nix

@@ -2,13 +2,14 @@
 #   iguane-kit-rr91 = import ./iguane-kit-rr91 { };
 # }
 
-args@{ lib, ... }:
-let
-  blacklist = [ ];
-  folders = builtins.attrNames (
-    lib.filterAttrs (n: v: v == "directory" && !lib.hasPrefix "_" n && !builtins.elem n blacklist) (
-      builtins.readDir ./.
-    )
-  );
-in
-lib.genAttrs folders (folder: (import (./. + "/${folder}") (args // { })))
+# args@{ lib, ... }:
+# let
+#   blacklist = [ ];
+#   folders = builtins.attrNames (
+#     lib.filterAttrs (n: v: v == "directory" && !lib.hasPrefix "_" n && !builtins.elem n blacklist) (
+#       builtins.readDir ./.
+#     )
+#   );
+# in
+# lib.genAttrs folders (folder: (import (./. + "/${folder}") (args // { })))
+{...}: {}

hosts/routers/__virtua-kit-edge/configuration.nix

@@ -0,0 +1,91 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{
+  config,
+  targetConfig,
+  lib,
+  pkgs,
+  ...
+}:
+let
+  iface = if targetConfig ? interface then targetConfig.interface else null;
+in
+{
+  #imports = [ ./wireguard.nix ];
+  # Bootloader.
+  #boot.loader.systemd-boot.enable = true;
+  #boot.loader.systemd-boot.configurationLimit = 5;
+  #boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.grub.efiSupport = false;
+  boot.loader.grub.enable = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  #boot.loader.grub.devices = [ "${targetConfig.bootdisk}" ]; # or "nodev" for efi only
+
+  # Pick only one of the below networking options.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
+  networking = {
+    #nameservers = [ "1.3.3.7" ];
+    interfaces = {
+      "${iface}" = {
+        ipv4.addresses = [
+          {
+            address = "185.10.17.209";
+            prefixLength = 24;
+          }
+        ];
+
+        ipv6.addresses = [
+          {
+            address = "2a07:8dc0:19:1cf::1";
+            prefixLength = 128;
+          }
+        ];
+      };
+    };
+    defaultGateway = {
+      address = "185.10.17.254";
+      metric = 42;
+      interface = iface;
+    };
+    defaultGateway6 = {
+      address = "fe80::1";
+      metric = 42;
+      interface = iface;
+    };
+    useDHCP = false;
+    #dhcpcd.enable = false;
+  };
+
+  systemd.network.enable = true;
+
+  # Set your time zone.
+  time.timeZone = "Europe/Paris";
+
+  nixpkgs.config.allowUnfree = true;
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  # This option defines the first version of NixOS you have installed on this particular machine,
+  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
+  #
+  # Most users should NEVER change this value after the initial install, for any reason,
+  # even if you've upgraded your system to a new NixOS release.
+  #
+  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
+  # so changing it will NOT upgrade your system.
+  #
+  # This value being lower than the current NixOS release does NOT mean your system is
+  # out of date, out of support, or vulnerable.
+  #
+  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
+  # and migrated your data accordingly.
+  #
+  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
+  system.stateVersion = "23.11"; # Did you read the comment?
+}

hosts/routers/__virtua-kit-edge/default.nix

@@ -0,0 +1,29 @@
+{ ... }:
+let
+  IFACE = "ens18";
+in
+{
+  type = "targetConfig";
+
+  bootdisk = "/dev/sda";
+  diskTemplate = "simple_singleFullRoot";
+  swap = true;
+
+  interface = IFACE;
+  # mainSerial = 0;
+  birdConfig = {
+    transitInterface = IFACE;
+    # router-id = ;
+
+    # loopback4 = "";
+    loopback6 = "2a13:79c0:ffff:fefe::12:10";
+
+    static6 = [
+      # ''2a0d:e680:0::b:1/128 via "enp1s0"'' # Vultr bgp neighbor
+      "2a13:79c0:ffff:fefe::b00b/128 unreachable"
+      #"2a13:79c0:ffff::/48 unreachable" # Networking stuff
+      #"2a13:79c0:ffff:fefe::/64 unreachable" # LoopBacks
+      "2a13:79c0:ff00::/40 unreachable" # full range /40
+    ];
+  };
+}

hosts/routers/__virtua-kit-edge/hardware-configuration.nix

@@ -0,0 +1,24 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "uhci_hcd"
+    "sd_mod"
+    "sr_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+}

hosts/routers/__virtua-kit-edge/peers/KIT-IG1-RTR.nix

@@ -0,0 +1,30 @@
+{ ... }:
+let
+  kittenASN = 4242421945;
+in
+{
+  peerAS = kittenASN;
+  peerIP = "2a13:79c0:ffff:feff::103";
+  localAS = kittenASN;
+
+  wireguard = {
+    address = "2a13:79c0:ffff:feff::102";
+    port = 6969;
+
+    peerKey = "gDriA5mhKKh44OHEIxmmevphoVRLK45TRJmFS1DV1i4=";
+  };
+
+  template = "kittunderlay";
+  bgpMED = 100;
+  ipv6 = {
+    #imports = null;
+    imports = x: "filter filter6_IN_BGP_${toString x}";
+    #exports = [ "2a12:dd47:9330::/44" ];
+
+    #exports = null;
+  };
+  ipv4 = {
+    imports = x: "filter filter4_IN_BGP_${toString x}";
+    #exports = x: "filter6_IN_BGP_${toString x}";
+  };
+}

hosts/routers/__virtua-kit-edge/peers/KIT-VIRTUA-EDGE.legacy.nix

@@ -0,0 +1,50 @@
+{ ... }:
+let
+  kittenASN = 4242421945;
+in
+{
+  # vultr6
+  # AS64515
+  # Peer-IP : 2001:19f0:ffff::1
+
+  # protocol bgp TRANSIT_VULTR6 {
+  # 
+  #     multihop 2;
+  # 
+
+  #     ipv6 {
+  #             export filter {
+  #             if ( net ~ [ 2a13:79c0:ff00::/40, 2a12:dd47:9330::/44 ] ) then {
+  #                     accept;
+  #             }
+  #             reject;
+  #         };
+  #         import none;
+  #     };
+  # 
+  # }
+  peerAS = kittenASN;
+  peerIP = "2a13:79c0:ffff:feff::110";
+  localAS = kittenASN;
+
+  wireguard = {
+    address = "2a13:79c0:ffff:feff::111";
+    port = 6978;
+    # endpoint = "[2a07:8dc0:19:1cf::1]:51800";
+    # peerKey = "p200ujtoVhMNnbrdljxoHqAF7cbfRDRFTA+6ibGvIEg=";
+    peerKey = "rMTaMWJYlgTKJoE0PnVOo9SKHTppEfYK5KtWjBI9mC8=";
+  };
+  template = "kittunderlay";
+  bgpMED = 6666;
+  ipv6 = {
+    #imports = null;
+    imports = x: "filter filter6_IN_BGP_${toString x}";
+    #exports = [ "2a12:dd47:9330::/44" ];
+
+    #exports = null;
+  };
+  ipv4 = {
+    imports = x: "filter filter4_IN_BGP_${toString x}";
+    #exports = x: "filter6_IN_BGP_${toString x}";
+  };
+}

hosts/routers/__virtua-kit-edge/peers/KIT-vultr-edge.nix

@@ -0,0 +1,30 @@
+{ ... }:
+let
+  kittenASN = 4242421945;
+in
+{
+  peerAS = kittenASN;
+  peerIP = "2a13:79c0:ffff:feff::10f";
+  localAS = kittenASN;
+
+  wireguard = {
+    address = "2a13:79c0:ffff:feff::10e";
+    port = 51801;
+    endpoint = "[2001:19f0:6801:365:5400:4ff:fe82:5c6e]:51801";
+    peerKey = "H8z/i9mmbIukPwLJooVP/d+T4pi9IRFC/UYA7gcEzFM=";
+  };
+
+  template = "kittunderlay";
+  bgpMED = 100;
+  ipv6 = {
+    #imports = null;
+    imports = x: "filter filter6_IN_BGP_${toString x}";
+    #exports = [ "2a12:dd47:9330::/44" ];
+
+    #exports = null;
+  };
+  ipv4 = {
+    imports = x: "filter filter4_IN_BGP_${toString x}";
+    #exports = x: "filter6_IN_BGP_${toString x}";
+  };
+}

hosts/routers/__virtua-kit-edge/peers/TRS-virtua6-RS01.nix

@@ -0,0 +1,19 @@
+{ ... }:
+{
+  localAS = 207175;
+  peerAS = 35661;
+  peerIP = "2a0d:e680:0::b:1";
+  multihop = 5;
+
+  passwordRef = "virtua";
+
+  ipv6 = {
+    imports = null;
+    exports = [
+      "2a13:79c0:ff00::/40" # Prod /40
+
+      # "2a12:dd47:9330::/44"
+    ];
+    #exports = null;
+  };
+}

hosts/routers/__virtua-kit-edge/peers/TRS-virtua6-RS02.nix

@@ -0,0 +1,18 @@
+{ ... }:
+{
+  localAS = 207175;
+  peerAS = 35661;
+  peerIP = "2a0d:e680:0::b:2";
+  multihop = 5;
+
+  passwordRef = "virtua";
+
+  ipv6 = {
+    imports = null;
+    exports = [
+      "2a13:79c0:ff00::/40" # Prod /40
+      "2a12:dd47:9330::/44"
+    ];
+    #exports = null;
+  };
+}

hosts/routers/__virtua-kit-edge/peers/default.nix

@@ -0,0 +1,16 @@
+{ ... }:
+let
+  defaultPeers = import ../../_peers { };
+in
+defaultPeers
+// {
+
+  # Transit
+  TRS_virtua6_RS01 = import ./TRS-virtua6-RS01.nix { };
+  TRS_virtua6_RS02 = import ./TRS-virtua6-RS02.nix { };
+
+  # Internal Tunnels
+  KIT_IG1_RTR = import ./KIT-IG1-RTR.nix { };
+  vultrNix_PAR = import ./KIT-vultr-edge.nix { };
+  # LGC_virtua_PAR = import ./KIT-VIRTUA-EDGE.legacy.nix { };
+}