ffho-salt-public/snmpd/snmpd.conf.tmpl

{%- set node_config = salt['pillar.get'] ('nodes:' ~ grains['id']) %}
{%- set ro_community = salt['pillar.get'] ('globals:snmp:ro_community', "Configure globals:snmp:ro_community in pillar...") %}
{%- set sys_contact = salt['pillar.get'] ('globals:ops_mail', "Configure globals:ops_mail in pillar...") %}
{%- set sys_location = salt['pillar.get'] ('nodes:' ~ grains['id'] ~ 'location:site:code', node_config.get ('sysLocation', "Please fix sysLocation...")) %}
{%- set nms_list = salt['pillar.get'] ('globals:snmp:nms_list', []) %}
{%- set sites_config = salt['pillar.get'] ('sites', {}) %}
{%- set ifaces = salt['ffho_net.get_interface_config'] (node_config, sites_config) %}
#
# /etc/snmp/snmpd.conf (Salt managed)
#

sysLocation	{{ sys_location }}
sysContact	{{ sys_contact }}
sysServices	72

# Listen for connections from the local system
agentAddress  udp:127.0.0.1:161
agentAddress  udp6:[::1]:161

# Listen for connections on Loopback-IPs
agentAddress  udp:{{ salt['ffho_net.get_primary_ip'] (node_config, 'v4').ip }}:161
agentAddress  udp6:[{{ salt['ffho_net.get_primary_ip'] (node_config, 'v6').ip }}]:161

# We accept requests from those fine boxes
rocommunity	{{ ro_community }}	127.0.0.1
rocommunity6	{{ ro_community }}	::1
{%- for entry in nms_list %}
  {%- if ':' in entry %}
rocommunity6	{{ ro_community }}	{{ entry }}
  {%- else %}
rocommunity	{{ ro_community }}	{{ entry }}
  {%- endif %}
{%- endfor %}

#
# Network interfaces
#
# Set bandwidth of some virtual interfaces to meaningful values (for us).
# The default is 10Mb/s which makes LibreNMS whine quite a lot if there is
# a little traffic.
interface	lo		6	1000000000	#   1 Gb/s
{%- for iface in ifaces|sort %}
 {%- set config = ifaces.get (iface) %}
 {%- if "vlan" in config or "vxlan" in config %}
   {%- continue %}
 {%- endif %}
 {%- if "batman" in config or "bridge" in config %}
interface	{{ iface }}	6	 500000000	# 500 Mb/s
 {%- endif %}
 {%- if "wireguard" in config %}
interface	{{ iface }}	6	 300000000	# 300 Mb/s
 {%- endif %}
{%- endfor %}

{%- if "fastd" in node_config.get ('roles') %}
  {%- for site in node_config.get ('sites') %}
    {%- if loop.first %}
# Fastd interfaces
    {%- endif %}
interface	{{ site }}_intergw	6	 500000000	# 500 Mb/s
interface	{{ site }}_nodes4	6	 500000000	# 500 Mb/s
interface	{{ site }}_nodes6	6	 500000000	# 500 Mb/s
  {%- endfor %}
{%- endif %}

{%- set ovpn_networks = [] %}
{%- for netname, network in salt['pillar.get']('ovpn', {}).items () if grains['id'] in network %}
  {%- do ovpn_networks.append (netname) %}
{%- endfor %}
{%- for netname in ovpn_networks|sort %}
  {%- set network = salt['pillar.get']('ovpn:' ~ netname) %}
  {%- set network_config = network.get ('config') %}
  {%- set host_stanza = network.get (grains['id']) %}
  {%- set host_config = host_stanza.get ('config', {}) %}
  {%- set interface = host_config.get ('interface', network_config.get ('interface')) %}
  {%- if loop.first %}
# OpenVPN tunnels
  {%- endif %}
interface	{{ interface }}	6	 100000000	# 100 Mb/s
{%- endfor %}

{%- set vm_ifaces = [] %}
{%- for vm_fqdn, vm_cfg in node_config.get ('vms', {}).items ()|sort %}
  {%- set vm_name = vm_fqdn.split ('.')[0].split ('-')[0] %}
  {%- for vm_iface, iface_cfg in vm_cfg['ifaces'].items ()|sort %}
    {%- if iface_cfg.get ('untagged_vlan') %}
      {%- set host_iface = "%s_v%s" % (vm_name, iface_cfg.get ('untagged_vlan')) %}
    {%- else %}
      {%- set host_iface = "%s_%s" % (vm_name, vm_iface.replace ('vlan', 'v')) %}
    {%- endif %}
    {%- do vm_ifaces.append (host_iface) %}
  {%- endfor %}
{%- endfor %}
{%- for iface in vm_ifaces|sort %}
  {%- if loop.first %}
# VM interfaces
  {%- endif %}
interface	{{ iface }}	6	1000000000	#   1 Gb/s
{%- endfor %}