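# NixOS module: BIRD 2 BGP sessions towards the route servers of several IXPs.
#
# For every IX in `peering` the generated configuration contains
#   * one IPv4 and one IPv6 table named after the IX,
#   * a pipe per address family that pushes that table into master4/master6,
#   * one BGP protocol per route server and address family with
#     `import all; export none;`.
# Both kernel protocols are `import none; export none;`, so as written nothing
# is announced to the peers and nothing is exported to the kernel.
#
# Security notes for reviewers:
#   * `import all` accepts whatever a route server announces. The original
#     module emitted no prefix filter and no `import limit`, so a leak on a
#     route server is bounded only by this host's memory. An opt-in per-IX
#     limit is supported below (`remote.importLimit`).
#   * NOTE(review): no session authentication (`password`) is configured;
#     confirm whether the IXPs offer it before relying on its absence.
{ lib, config, ... }:

let
  # Attributes shared by every local endpoint.
  local = { asn = 205479; };

  # Per-IX session data.
  #   local.v4 / local.v6   our address on the peering LAN
  #   remote.asn            ASN of the route servers
  #   remote.routers        list of { v4, v6, enabled ? true }
  #   remote.importLimit    optional { v4 = <int>; v6 = <int>; }; when a
  #                         family is set, `import limit <int>;` is added to
  #                         that family's channel on every session of the IX.
  #                         No `action` clause is emitted, so BIRD's default
  #                         action applies.
  # NOTE(review): no importLimit is set here because the page gives no prefix
  # counts; take the values from what each route server actually announces.
  peering = {
    ixvm = {
      local = local // {
        v4 = "141.98.136.124";
        v6 = "2a09:11c0:f1:bc0b::2";
      };
      remote = {
        asn = 209844;
        routers = [
          { v4 = "141.98.136.97"; v6 = "2a09:11c0:f1:bc0b::1"; }
          { v4 = "141.98.136.126"; v6 = "2a09:11c0:f1:bc0b::3"; }
        ];
      };
    };

    kleyrex = {
      local = local // {
        v4 = "193.189.83.41";
        v6 = "2001:7f8:33::a120:5479:1";
      };
      remote = {
        asn = 31142;
        routers = [
          { v4 = "193.189.82.251"; v6 = "2001:7f8:33::a103:1142:1"; }
          { v4 = "193.189.82.252"; v6 = "2001:7f8:33::a103:1142:2"; }
          { v4 = "193.189.82.253"; v6 = "2001:7f8:33::a103:1142:3"; }
        ];
      };
    };

    locix = {
      local = local // {
        v4 = "185.1.166.219";
        v6 = "2001:7f8:f2:e1::a20:5479:1";
      };
      remote = {
        asn = 202409;
        routers = [
          { v4 = "185.1.166.100"; v6 = "2001:7f8:f2:e1::babe:1"; }
          { v4 = "185.1.166.200"; v6 = "2001:7f8:f2:e1::dead:1"; }
          { v4 = "185.1.166.254"; v6 = "2001:7f8:f2:e1::be5a"; }
        ];
      };
    };

    nlix = {
      local = local // {
        v4 = "193.239.118.225";
        v6 = "2001:7f8:13::a520:5479:1";
      };
      remote = {
        asn = 34307;
        routers = [
          { v4 = "193.239.116.255"; v6 = "2001:7f8:13::a503:4307:1"; }
          # Kept in the config but rendered with `disabled on`.
          { enabled = false; v4 = "193.239.117.0"; v6 = "2001:7f8:13::a503:4307:2"; }
        ];
      };
    };
  };

  # Render the BIRD snippet of every IX in `base`, joined by newlines.
  # `args` is merged into the argument set handed to the per-IX generator.
  generateSnippet = base: args:
    lib.concatStringsSep "\n" (
      lib.mapAttrsToList
        (ixName: ix: generateSnippetForIX (args // { inherit ixName ix; }))
        base
    );

  # Tables and pipes of one IX, followed by one BGP protocol pair per router.
  # Router numbering comes from concatImapStringsSep and therefore starts at 1.
  generateSnippetForIX = { ixName, ix, ... }@args:
    ''
      ipv4 table ${ixName}4;
      ipv6 table ${ixName}6;

      protocol pipe ${ixName}pipe_4 {
        table ${ixName}4;
        peer table master4;
        import none;
        export all;
      };

      protocol pipe ${ixName}pipe_6 {
        table ${ixName}6;
        peer table master6;
        import none;
        export all;
      };
    ''
    + lib.concatImapStringsSep "\n"
      (routerNum: router:
        generateSnippetForRouter (args // { inherit routerNum router; }))
      ix.remote.routers;

  # `disabled off` for an enabled router (the default), `disabled on` otherwise.
  enabledSnippet = { enabled ? true, ... }:
    "disabled ${if enabled then "off" else "on"}";

  # " import limit N;" when a limit is given, the empty string for null.
  importLimitSnippet = limit:
    lib.optionalString (limit != null) " import limit ${toString limit};";

  # One IPv4 and one IPv6 BGP protocol towards a single route server.
  generateSnippetForRouter = { ixName, ix, routerNum, router, ... }:
    let
      session = "${ixName}${toString routerNum}";
      localAs = toString ix.local.asn;
      remoteAs = toString ix.remote.asn;
      state = enabledSnippet router;
      # Optional per-IX limits; a missing attribute means "emit nothing".
      limits = ix.remote.importLimit or { };
      limit4 = importLimitSnippet (limits.v4 or null);
      limit6 = importLimitSnippet (limits.v6 or null);
    in
    ''
      protocol bgp ${session}_4 {
        ${state};
        local ${ix.local.v4} as ${localAs};
        neighbor ${router.v4} as ${remoteAs};
        ipv4 {
          table ${ixName}4;
          import all;${limit4}
          export none;
        };
      };

      protocol bgp ${session}_6 {
        ${state};
        local ${ix.local.v6} as ${localAs};
        neighbor ${router.v6} as ${remoteAs};
        ipv6 {
          table ${ixName}6;
          import all;${limit6}
          export none;
        };
      };
    '';
in
{
  services.bird2 = {
    enable = true;
    config = ''
      # Same literal as peering.ixvm.local.v4; keep the two in step by hand.
      router id 141.98.136.124;

      ${generateSnippet peering { }}

      protocol kernel {
        persist;
        ipv4 {
          import none;
          export none;
        };
      };

      protocol kernel {
        persist;
        ipv6 {
          import none;
          export none;
        };
      };

      protocol device {
      };
    '';
  };

  # BGP listens on TCP 179. This opens the port on every interface and for any
  # source address.
  # NOTE(review): consider scoping it to the peering interfaces with
  # networking.firewall.interfaces.<PEERING_IFACE>.allowedTCPPorts (placeholder
  # name; the interfaces are not named in this file).
  networking.firewall.allowedTCPPorts = lib.mkAfter [ 179 ];
}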