From 6f77028a62f35ff5c6bbe0fd149f0a9e14bb3bcc Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown <hg@lukegb.com>
Date: Wed, 30 Nov 2022 10:50:47 +0000
Subject: [PATCH] ops: pending changes

---
 ops/nixos/etheroute-lon01/default.nix |  2 +-
 ops/nlnog/amazon.py                   | 35 +++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100755 ops/nlnog/amazon.py

diff --git a/ops/nixos/etheroute-lon01/default.nix b/ops/nixos/etheroute-lon01/default.nix
index 0ada31e96d..3de82cb9c5 100644
--- a/ops/nixos/etheroute-lon01/default.nix
+++ b/ops/nixos/etheroute-lon01/default.nix
@@ -168,7 +168,7 @@ in {
   my.ip.tailscale = "100.111.191.21";
 
   networking.greTunnels.quadv1-4 = {
-    remote = "82.163.116.114";
+    remote = "213.41.69.70";
     local = "83.97.19.68";
     dev = "eno1";
     type = "tun";
diff --git a/ops/nlnog/amazon.py b/ops/nlnog/amazon.py
new file mode 100755
index 0000000000..1991a5ac52
--- /dev/null
+++ b/ops/nlnog/amazon.py
@@ -0,0 +1,35 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i python3 -p python3 -p python3.pkgs.requests
+
+import ipaddress
+import requests
+import socket
+
+
+IP_RANGES_URL = 'https://ip-ranges.amazonaws.com/ip-ranges.json'
+NLNOG_PARTICIPANTS_URL = 'https://ring.nlnog.net/scripts/participants.cgi'
+
+def main():
+    ip_ranges = requests.get(IP_RANGES_URL).json()
+    for prefix in ip_ranges['prefixes']:
+        prefix['network'] = ipaddress.ip_network(prefix['ip_prefix'])
+
+    nlnog_participants = requests.get(NLNOG_PARTICIPANTS_URL).json()
+    nlnog_amazon = nlnog_participants["participants"]["75"]
+    for machine in sorted(nlnog_amazon['machines']):
+        addrinfos = socket.getaddrinfo(f'{machine}.ring.nlnog.net', 22, proto=socket.IPPROTO_TCP, family=socket.AF_INET)
+        for addrinfo in addrinfos:
+            _, _, _, _, (addr, _) = addrinfo
+            ip_addr = ipaddress.ip_address(addr)
+            matched_prefix = None
+            for prefix in ip_ranges['prefixes']:
+                if ip_addr in prefix['network']:
+                    if not matched_prefix or matched_prefix['service'] == 'AMAZON':
+                        matched_prefix = prefix
+                    else:
+                        print(machine, ip_addr, 'overlap', prefix, matched_prefix)
+            print(f"\t'{ip_addr}',  // AWS region {matched_prefix['region']} - {machine}.ring.nlnog.net")
+
+
+if __name__ == '__main__':
+    main()