fix: more tweaks

kid · kid · commit 3b034c28cd01 · 2025-05-30T10:00:52.000+02:00
diff --git a/terraform/modules/ros-management-config/inputs.tf b/terraform/modules/ros-management-config/inputs.tf
@@ -1,8 +1,28 @@
+variable "hostname" {
+  type = string
+}
+
 variable "bridge_name" {
   type = string
 }
 
-variable "oob_mgmt_interface" {
+variable "mgmt_cidr_prefix" {
+  type = string
+}
+
+variable "mgmt_cidr_bits" {
+  type = number
+}
+
+variable "mgmt_hostnum" {
+  type = number
+}
+
+variable "mgmt_vlan_id" {
+  type = number
+}
+
+variable "oob_mgmt_port" {
   type = string
 }
 
@@ -15,7 +35,3 @@ variable "oob_mgmt_cidr_bits" {
   type    = number
   default = 24
 }
-
-variable "mgmt_vlan_id" {
-  type = number
-}
diff --git a/terraform/modules/ros-management-config/main.tf b/terraform/modules/ros-management-config/main.tf
@@ -1,42 +1,43 @@
-# TODO: set router identity
 # TODO: import SSH keys
-# TODO: add dhcp-server on management subnet
-# TODO: add dhcp-client on admin vlan
 # TODO: implement VRF for services
+# TODO: implement ROMON when resource is available
+# TODO: routerboard auto upgrade
 
 locals {
-  oob_mgmt_cidr = "${var.oob_mgmt_cidr_prefix}/${var.oob_mgmt_cidr_bits}"
+  mgmt_cidr = "${var.mgmt_cidr_prefix}/${var.mgmt_cidr_bits}"
 }
 
-resource "routeros_interface_list" "admin" {
-  name = "admin-ifces"
+resource "routeros_system_identity" "self" {
+  name = var.hostname
 }
 
-resource "routeros_interface_list_member" "admin_interface" {
-  list      = routeros_interface_list.admin.name
-  interface = var.oob_mgmt_interface
-}
-
-resource "routeros_interface_list_member" "admin_vlan" {
-  list      = routeros_interface_list.admin.name
-  interface = routeros_interface_vlan.admin.name
-}
-
-resource "routeros_interface_vlan" "admin" {
+# resource "routeros_interface_list" "mgmt" {
+#   name = "list-mgmt"
+# }
+#
+# resource "routeros_interface_list_member" "mgmt_port" {
+#   list      = routeros_interface_list.mgmt.name
+#   interface = var.oob_mgmt_port
+# }
+#
+# resource "routeros_interface_list_member" "mgmt_vlan" {
+#   list      = routeros_interface_list.mgmt.name
+#   interface = routeros_interface_vlan.mgmt.name
+# }
+
+resource "routeros_interface_vlan" "mgmt" {
+  name      = "vlan-mgmt"
   interface = var.bridge_name
-  name      = "admin-vlan"
   vlan_id   = var.mgmt_vlan_id
 }
 
-resource "routeros_ip_address" "oob" {
-  interface = var.oob_mgmt_interface
-  address   = "${cidrhost(local.oob_mgmt_cidr, 1)}/${var.oob_mgmt_cidr_bits}"
+resource "routeros_ip_address" "mgmt" {
+  interface = routeros_interface_vlan.mgmt.name
+  address   = "${cidrhost(local.mgmt_cidr, var.mgmt_hostnum)}/${var.mgmt_cidr_bits}"
 }
 
-module "oob_dhcp" {
-  source = "../ros-dhcp"
-
-  interface   = var.oob_mgmt_interface
-  cidr_prefix = var.oob_mgmt_cidr_prefix
-  cidr_bits   = var.oob_mgmt_cidr_bits
+# TODO: remove when we have OSPF?
+resource "routeros_ip_route" "gateway" {
+  dst_address = "0.0.0.0/0"
+  gateway     = cidrhost(local.mgmt_cidr, 1)
 }
diff --git a/terraform/stacks/network/routeros.tf b/terraform/stacks/network/routeros.tf
@@ -27,23 +27,18 @@ locals {
     iot = {
       id = 101
     }
-    # ioc = {
-    #   id = 102
-    # }
   }
   wan_port = "ether8"
   ports = {
     sfp-sfpplus1 = {
       comment = "crs320-trunk"
-      # pvid    = local.vlans.adm.id
       tagged = [
         local.vlans.srv.id,
         local.vlans.media.id,
         local.vlans.k8s.id,
         local.vlans.lan.id,
         local.vlans.adm.id,
         local.vlans.iot.id,
-        # 1099
       ]
     }
     ether1 = {
@@ -54,12 +49,19 @@ locals {
         local.vlans.k8s.id,
         local.vlans.lan.id,
         local.vlans.adm.id,
-        1099
       ]
     }
+    ether2 = {
+      comment = "crs320-admin"
+    }
+    ether3 = {
+      comment = "capxr0"
+    }
+    ether4 = {
+      comment = "capxr1"
+    }
     ether6 = {
       comment = "crs320-admin"
-      # pvid    = local.vlans.adm.id
     }
   }
   hosts = {
@@ -84,8 +86,7 @@ locals {
       dhcp_server = "adm"
     }
     pve0 = {
-      # mac         = "d0:50:99:fe:51:b4"
-      mac         = "4e:81:80:a2:bb:d2"
+      mac         = "a6:34:58:9f:98:09"
       ip          = cidrhost(local.vlan_cidrs.srv, 10)
       dhcp_server = "srv"
     }
@@ -95,7 +96,6 @@ locals {
       dhcp_server = "adm"
     }
     pve1 = {
-      # mac = "74:56:3c:69:1e:30",
       mac         = "be:4f:11:f4:ba:61",
       ip          = cidrhost(local.vlan_cidrs.srv, 20)
       dhcp_server = "srv"
@@ -128,7 +128,6 @@ locals {
   vlan_cidrs = { for k, v in local.vlans : k => lookup(v, "cidr", cidrsubnet(local.cidr, 15, v.id)) }
 }
 
-
 resource "routeros_interface_list" "wan" {
   name = "WAN"
 }
@@ -160,16 +159,3 @@ resource "routeros_ip_dns" "upstream" {
   max_concurrent_queries      = 200
   max_concurrent_tcp_sessions = 40
 }
-
-moved {
-  from = routeros_dhcp_server_lease.static_hosts["pve"]
-  to   = routeros_dhcp_server_lease.static_hosts["pve0"]
-}
-moved {
-  from = routeros_dhcp_server_lease.static_hosts["pve-ipmi"]
-  to   = routeros_dhcp_server_lease.static_hosts["pve0-ipmi"]
-}
-moved {
-  from = routeros_dhcp_server_lease.static_hosts["hypernix"]
-  to   = routeros_dhcp_server_lease.static_hosts["pve1"]
-}
