kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests Releases Activity

bundles/routeros: adjust for routeros 7

Browse source
This commit is contained in:
Franzi 2025-06-24 18:28:05 +02:00
parent 3761ee6ee8
commit d724716c7c
Signed by: kunsi
GPG key ID: 12E3D2136B818350
2 changed files with 48 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

53
bundles/routeros/items.py
View file

@ -1,3 +1,5 @@
ROUTEROS_VERSION = node.os_version[0]
routeros['/ip/dns'] = { routeros['/ip/dns'] = {
'servers': '8.8.8.8', 'servers': '8.8.8.8',
} }
@ -18,7 +20,7 @@ for service in (
'ssh', 'ssh',
'www', 'www',
): ):
routeros[f'/ip/service?name={service}'] = { routeros[f'/ip/service?name={service}&dynamic=false'] = {
'disabled': False, 'disabled': False,
} }
@ -57,16 +59,26 @@ routeros['/system/clock'] = {
'time-zone-name': 'UTC', 'time-zone-name': 'UTC',
} }
routeros['/ip/neighbor/discovery-settings'] = {
'protocol': 'lldp',
}
routeros['/system/identity'] = { routeros['/system/identity'] = {
'name': node.name, 'name': node.name,
# doing this first gives us some chance to notice an IP mixup # doing this first gives us some chance to notice an IP mixup
'before': {'routeros:'}, 'before': {'routeros:'},
} }
routeros['/system/ntp/client'] = { if ROUTEROS_VERSION < 7:
'enabled': True, routeros['/system/ntp/client'] = {
'server-dns-names': 'de.pool.ntp.org', 'enabled': True,
} 'server-dns-names': 'de.pool.ntp.org',
}
else:
routeros['/system/ntp/client'] = {
'enabled': True,
'servers': 'de.pool.ntp.org',
}
if node.metadata.get('routeros/gateway'): if node.metadata.get('routeros/gateway'):
routeros['/ip/route?dst-address=0.0.0.0/0'] = { routeros['/ip/route?dst-address=0.0.0.0/0'] = {
@ -76,6 +88,7 @@ if node.metadata.get('routeros/gateway'):
routeros['/interface/bridge?name=bridge'] = { routeros['/interface/bridge?name=bridge'] = {
'priority': node.metadata.get('routeros/bridge_priority', '0x8000'), 'priority': node.metadata.get('routeros/bridge_priority', '0x8000'),
'protocol-mode': 'rstp', 'protocol-mode': 'rstp',
'igmp-snooping': False,
'vlan-filtering': True, 'vlan-filtering': True,
} }
@ -159,7 +172,13 @@ for vlan, conf in node.metadata.get('routeros/vlans').items():
} }
# assign ports to vlans # assign ports to vlans
routeros[f"/interface/bridge/vlan?vlan-ids={conf['id']}"] = { #
# Be sure to only consider non-dynamic VLANs: When you remove a
# port from a VLAN (if that VLAN is the PVID of the port) while
# the port is UP, then a dynamic temporary VLAN object will be
# created in the switch. That is harmless and it will vanish as
# soon as the PVID of the port also changes.
routeros[f"/interface/bridge/vlan?vlan-ids={conf['id']}&dynamic=false"] = {
'bridge': 'bridge', 'bridge': 'bridge',
'untagged': sorted(conf['untagged']), 'untagged': sorted(conf['untagged']),
'tagged': sorted(conf['tagged']), 'tagged': sorted(conf['tagged']),
@ -170,3 +189,25 @@ for vlan, conf in node.metadata.get('routeros/vlans').items():
'tag:routeros-vlan', 'tag:routeros-vlan',
}, },
} }
# purge unused vlans
routeros['/interface/vlan'] = {
'purge': {
'id-by': 'name',
},
'needed_by': {
'tag:routeros-vlan',
}
}
routeros['/interface/bridge/vlan'] = {
'purge': {
'id-by': 'vlan-ids',
'keep': {
'dynamic': True,
},
},
'needed_by': {
'tag:routeros-vlan',
}
}

1
nodes/home.switch-rack.toml
View file

@ -1,3 +1,4 @@
groups = ["switches-mikrotik"] groups = ["switches-mikrotik"]
hostname = "172.19.138.4" hostname = "172.19.138.4"
password = "encrypt$gAAAAABkI1Eqsust7XuYFK2-FaRzXWM5fOXumhdi5fWNokLtM0CBAqVqc5zcg37XH_JIZvkhp3buKvswcvd_znaV3Rb8kKeJTs4_VJo6OsvbiWkujfT50HspoUXER0JSZSmeZts8a_2i" password = "encrypt$gAAAAABkI1Eqsust7XuYFK2-FaRzXWM5fOXumhdi5fWNokLtM0CBAqVqc5zcg37XH_JIZvkhp3buKvswcvd_znaV3Rb8kKeJTs4_VJo6OsvbiWkujfT50HspoUXER0JSZSmeZts8a_2i"
os_version = [6]