141 lines
2.9 KiB
Text
141 lines
2.9 KiB
Text
version ${'.'.join(node.metadata.get('junos/version'))};
|
|
system {
|
|
host-name ${node.name.split('.')[-1]};
|
|
time-zone GMT;
|
|
root-authentication {
|
|
encrypted-password "$5$1hGrR8Kk$lx3CIdxqvesBrZUtDftROEoyXQuMENEu62JVtHw6WGD"; ## SECRET-DATA
|
|
}
|
|
name-server {
|
|
% for srv in repo.libs.defaults.nameservers_ipv4:
|
|
${srv};
|
|
% endfor
|
|
}
|
|
login {
|
|
% for uid, (uname, uconfig) in enumerate(sorted(users.items())):
|
|
user ${uname} {
|
|
full-name ${uname};
|
|
uid ${1000+uid};
|
|
class super-user;
|
|
authentication {
|
|
% for pubkey in sorted(uconfig['ssh_pubkey']):
|
|
${pubkey.split(' ', 1)[0]} "${pubkey}";
|
|
% endfor
|
|
}
|
|
}
|
|
% endfor
|
|
}
|
|
services {
|
|
ssh {
|
|
protocol-version v2;
|
|
}
|
|
netconf {
|
|
ssh;
|
|
}
|
|
# web-management {
|
|
# http;
|
|
# }
|
|
}
|
|
syslog {
|
|
user * {
|
|
any emergency;
|
|
}
|
|
file messages {
|
|
any notice;
|
|
authorization info;
|
|
}
|
|
file interactive-commands {
|
|
interactive-commands any;
|
|
}
|
|
}
|
|
ntp {
|
|
% for srv in sorted(ntp_servers):
|
|
server ${srv};
|
|
% endfor;
|
|
}
|
|
}
|
|
interfaces {
|
|
% for iface, config in sorted(interfaces.items()):
|
|
${iface} {
|
|
unit 0 {
|
|
% if not config['enabled']:
|
|
disable;
|
|
% endif
|
|
% if config['mode'] == 'trunk':
|
|
family ethernet-switching {
|
|
port-mode trunk;
|
|
vlan {
|
|
members [ ${' '.join(sorted(config['tagged_vlans']))} ];
|
|
}
|
|
% if config['untagged_vlan']:
|
|
native-vlan-id ${config['untagged_vlan']};
|
|
% endif
|
|
}
|
|
% else:
|
|
family ethernet-switching;
|
|
% endif
|
|
}
|
|
}
|
|
% endfor
|
|
vlan {
|
|
% for idx, (vlan, vconfig) in enumerate(sorted(vlans.items())):
|
|
% if vconfig['ip_address']:
|
|
unit ${idx} {
|
|
family inet {
|
|
address ${vconfig['ip_address']};
|
|
}
|
|
}
|
|
% endif
|
|
% endfor
|
|
}
|
|
}
|
|
snmp {
|
|
contact "${repo.libs.defaults.hostmaster_email}";
|
|
community public {
|
|
authorization read-only;
|
|
}
|
|
}
|
|
routing-options {
|
|
static {
|
|
route 0.0.0.0/0 next-hop ${gateway};
|
|
}
|
|
}
|
|
protocols {
|
|
igmp-snooping {
|
|
vlan all;
|
|
}
|
|
rstp;
|
|
lldp {
|
|
interface all;
|
|
}
|
|
lldp-med {
|
|
interface all;
|
|
}
|
|
}
|
|
ethernet-switching-options {
|
|
voip;
|
|
storm-control {
|
|
interface all;
|
|
}
|
|
}
|
|
vlans {
|
|
% for idx, (vlan, vconfig) in enumerate(sorted(vlans.items())):
|
|
${vlan} {
|
|
% if vconfig['id']:
|
|
vlan-id ${vconfig['id']};
|
|
% endif
|
|
interface {
|
|
% for iface, iconfig in sorted(interfaces.items()):
|
|
% if iconfig['untagged_vlan'] == vlan:
|
|
${iface}.0;
|
|
% endif
|
|
% endfor
|
|
}
|
|
% if vconfig['ip_address']:
|
|
l3-interface vlan.${idx};
|
|
% endif
|
|
}
|
|
% endfor
|
|
}
|
|
poe {
|
|
interface all;
|
|
}
|