From f290e16bd7da06f0be2b6dc69d85811ad0b21088 Mon Sep 17 00:00:00 2001
From: Luke Granger-Brown <hg@lukegb.com>
Date: Mon, 12 Feb 2024 19:25:16 +0000
Subject: [PATCH] bvm-radius: update roaming0/roaming1 IPs

---
 ops/nixos/bvm-radius/default.nix        | 11 ++++-------
 ops/nixos/bvm-radius/raddb/clients.conf |  8 ++++----
 2 files changed, 8 insertions(+), 11 deletions(-)

diff --git a/ops/nixos/bvm-radius/default.nix b/ops/nixos/bvm-radius/default.nix
index e3c25ad7a8..8215f29ec9 100644
--- a/ops/nixos/bvm-radius/default.nix
+++ b/ops/nixos/bvm-radius/default.nix
@@ -34,14 +34,11 @@ in {
       extraCommands = ''
         # Allow JANET inbound RADIUS traffic.
         # roaming0.ja.net
-        iptables -A nixos-fw -p udp --dport 1812 --src 194.82.174.185 -j nixos-fw-accept
-        ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:128::185 -j nixos-fw-accept
+        iptables -A nixos-fw -p udp --dport 1812 --src 193.63.195.58 -j nixos-fw-accept
+        ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:133::58 -j nixos-fw-accept
         # roaming1.ja.net
-        iptables -A nixos-fw -p udp --dport 1812 --src 194.83.56.233 -j nixos-fw-accept
-        ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:12a::233 -j nixos-fw-accept
-        # roaming2.ja.net (old)
-        iptables -A nixos-fw -p udp --dport 1812 --src 194.83.56.249 -j nixos-fw-accept
-        ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:129::249 -j nixos-fw-accept
+        iptables -A nixos-fw -p udp --dport 1812 --src 193.63.195.34 -j nixos-fw-accept
+        ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:132::34 -j nixos-fw-accept
         # roaming2.ja.net (new)
         iptables -A nixos-fw -p udp --dport 1812 --src 193.63.195.50 -j nixos-fw-accept
         ip6tables -A nixos-fw -p udp --dport 1812 --src 2001:630:1:133::50 -j nixos-fw-accept
diff --git a/ops/nixos/bvm-radius/raddb/clients.conf b/ops/nixos/bvm-radius/raddb/clients.conf
index 008e010ee0..16a8512bcb 100644
--- a/ops/nixos/bvm-radius/raddb/clients.conf
+++ b/ops/nixos/bvm-radius/raddb/clients.conf
@@ -5,25 +5,25 @@ client localhost {
 
 client eduroam_flr_server_1_v4 {
 	# roaming0.ja.net
-        ipaddr = 194.82.174.185
+        ipaddr = 193.63.195.58
         secret = {{JANET_ROAMING0_SECRET}}
 	nastype = 'eduroam_flr'
 }
 client eduroam_flr_server_1_v6 {
 	# roaming0.ja.net
-        ipv6addr = 2001:630:1:128::185
+        ipv6addr = 2001:630:1:133::58
         secret = {{JANET_ROAMING0_SECRET}}
 	nastype = 'eduroam_flr'
 }
 client eduroam_flr_server_2_v4 {
 	# roaming1.ja.net
-        ipaddr = 194.83.56.233
+        ipaddr = 193.63.195.34
         secret = {{JANET_ROAMING1_SECRET}}
 	nastype = 'eduroam_flr'
 }
 client eduroam_flr_server_2_v6 {
 	# roaming1.ja.net
-        ipv6addr = 2001:630:1:12a::233
+        ipv6addr = 2001:630:1:132::34
         secret = {{JANET_ROAMING1_SECRET}}
 	nastype = 'eduroam_flr'
 }