
Add basic pillar structure and some meaningful examples.

Signed-off-by: Maximilian Wilhelm <max@rfc2324.org>
Maximilian Wilhelm 7 years ago
parent
commit
c8dd3b3602

+ 10 - 0
zz_EXAMPLE_PILLAR/ffho.sls

@@ -0,0 +1,10 @@
+#
+# FFHO global pillar
+#
+
+ffho:
+  tech_c_mail: "<where should root mails go?>"
+
+# SNMP
+  snmp:
+    ro_community: "<your secret community here>"
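Review bot: The SNMP read-only community at `ro_community` is a credential, and in this commit's `top.sls` the `ffho` pillar is matched with `'*'`, so whatever value replaces the placeholder will be shipped to every minion that can authenticate to the master, not only to the hosts that run snmpd. I would put a comment above `snmp:` saying so, e.g. `# Distributed to all minions via top.sls '*'; keep this in an encrypted/targeted pillar rather than in plain text next to the example`, so a newcomer does not paste a production community into a world-readable repo. It also looks like the `# SNMP` comment sits at column 0 while `snmp:` is nested under `ffho:`; indenting the comment to match the key would make the structure obvious at a glance.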

+ 6 - 0
zz_EXAMPLE_PILLAR/nodes/ALL.sls

@@ -0,0 +1,6 @@
+include:
+ - nodes.bbr-kt
+ - nodes.cr03
+ - nodes.gw03
+ - nodes.fe01
+ # [...]

+ 97 - 0
zz_EXAMPLE_PILLAR/nodes/bbr-kt.sls

@@ -0,0 +1,97 @@
+bbr-kt.in.ffho.net:
+  sysLocation: KT
+
+  roles:
+    - batman
+    - router
+    - ffrl-exit
+
+  sites:
+    - legacy
+    - pad-cty
+
+  ifaces:
+    lo:
+      prefixes:
+        - 10.132.255.197/32
+        - 2a03:2260:2342:ffff::197/128
+
+    bond0:
+      bond-slaves: "eth0 eth1"
+      mtu: 1600
+
+    vlan2200:
+      desc: "<-> bbr-voba"
+      vlan-raw-device: bond0
+      prefixes:
+        - <Transfer IP v4>/31
+        - <Transfer IP v6>/126
+      batman_connect_sites: legacy
+
+    vlan2201:
+      desc: "<-> bbr-upb"
+      vlan-raw-device: bond0
+      prefixes:
+        - <Transfer IP v4>/31
+        - <Transfer IP v6>/126
+      batman_connect_sites: legacy
+
+    vlan2205:
+      desc: "<-> bbr-dl0ps"
+      vlan-raw-device: bond0
+      prefixes:
+        - <Transfer IP v4>/31
+        - <Transfer IP v6>/126
+
+    vlan3007:
+      desc: "Mgmt KT"
+      vlan-raw-device: bond0
+      prefixes:
+        - <Mgmt network prefix>/24
+      mtu: 1500
+
+    vlan4006:
+      desc: "T-DSL"
+      vlan-raw-device: bond0
+      vrf: vrf_external
+      mtu: 1500
+
+
+#    # DUS
+#    gre_ffrl_dus_a:
+#      type: GRE_FFRL
+#      endpoint: 185.66.193.0
+#      local: <$DSL IP>
+#      tunnel-physdev: ppp0
+#      prefixes:
+#        - <Transfer Prefix v4>/31
+#        - <Transfer Prefix v6>/126
+#
+#    gre_ffrl_dus_b:
+#      [...]
+#
+#    # FRA
+#    gre_ffrl_fra_a:
+#
+#    gre_ffrl_fra_b:
+#
+#    # BER
+#    gre_ffrl_ber_a:
+#
+#    gre_ffrl_ber_b:
+
+    # NAT IP
+    nat:
+      link-type: dummy
+      prefixes:
+        - 185.66.x.y/32
+
+  alfred:
+    location_lat: '51.726572935605475'
+    location_lon: '8.798632621765135'
+
+{% if grains['id'] == 'bbr-kt.in.ffho.net' %}
+  pppoe:
+    user: "<081547112342>#0001@$ISP.de"
+    pass: "<1234567890>"
+{% endif %}
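Review bot: The `{% if grains['id'] == 'bbr-kt.in.ffho.net' %}` guard around `pppoe.user`/`pppoe.pass` is the right shape for keeping a secret out of every other minion's pillar, but nothing explains why it is there or why `id` specifically is used, and that is exactly the kind of pattern someone will copy with a different grain. I would add a comment above the guard along the lines of `# Only render credentials for this minion. Use the id grain only: the master pins it to the authenticated minion id, whereas every other grain is minion-supplied and must not gate secrets` (the id override is what I recall from the master's pillar handling; worth confirming for the Salt release in use). The same guard should also be the place to point at an encrypted pillar renderer for the real `pass:` value, since the placeholder invites a plain-text password in git.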

+ 57 - 0
zz_EXAMPLE_PILLAR/nodes/cr03.sls

@@ -0,0 +1,57 @@
+cr03.in.ffho.net:
+  sysLocation: BER
+
+  roles:
+    - router
+    - routereflector
+    - ffrl-exit
+
+  ifaces:
+    lo:
+      prefixes:
+        - 10.132.255.3/32
+        - 2a03:2260:2342:ffff::3/128
+
+    eth0:
+      prefixes:
+        - 185.46.137.162/25
+        - 2a00:13c8:1000:2::162/64
+      gateway:
+        - 185.46.137.129
+        - 2a00:13c8:1000:2::1
+      vrf: vrf_external
+
+    vlan1015:
+      desc: "L2-BER"
+      prefixes:
+        - <POP L2-Subnet-IP v4>/28
+        - <POP L2-Subnet-IP v6>/64
+
+    # DUS
+    gre_ffrl_dus_a:
+      type: GRE_FFRL
+      endpoint: 185.66.193.0
+      tunnel-physdev: eth0
+      prefixes:
+        - <local tunnel IP v4>/31
+        - <local tunnel IP v6>/64
+
+#    gre_ffrl_dus_b:
+#      [...]
+#
+#    # FRA
+#    gre_ffrl_fra_a:
+#
+#    gre_ffrl_fra_b:
+#
+#    # BER
+#    gre_ffrl_ber_a:
+#
+#    gre_ffrl_ber_b:
+#
+
+    # NAT IP
+    nat:
+      link-type: dummy
+      prefixes:
+        - 185.66.x.y/32
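Review bot: The `GRE_FFRL` example here uses `<local tunnel IP v6>/64` while the (commented) `gre_ffrl_dus_a` example in `bbr-kt.sls` from the same commit uses `<Transfer Prefix v6>/126` for what appears to be the same tunnel type; one of the two placeholders is presumably wrong, and readers will copy whichever they see first. I would pick one length and add a comment above the tunnel, e.g. `# v4 /31 and v6 /126 are the point-to-point transfer sizes expected on FFRL GRE tunnels`, or the /64 equivalent if that is what the upstream side actually assigns. Unlike the bbr-kt variant this one omits `local:`, which is fine if the template derives it from `tunnel-physdev`, but a comment saying so would remove the guesswork.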

+ 46 - 0
zz_EXAMPLE_PILLAR/nodes/fe01.sls

@@ -0,0 +1,46 @@
+fe01.in.ffho.net:
+  sysLocation: Vega
+
+  roles:
+    - router
+    - frontend
+
+  ifaces:
+    lo:
+      prefixes:
+        - 10.132.255.29/32
+        - 2a03:2260:2342:ffff::29/128
+
+    vlan1013:
+      desc: "L2-Vega"
+      prefixes:
+        - <POP L2-Subnet prefix v4>/28
+        - <POP L2-Subnet prefix v6>/64
+
+    eth0:
+      desc: "Ext. Vega"
+      prefixes:
+        - 80.70.181.61/32
+        - 2a02:450:1:6::10/64
+      pointopoint: 80.70.181.56
+      gateway:
+        - 80.70.181.56
+        - 2a02:450:1:6::1
+      vrf: vrf_external
+
+    veth_int2ext:
+      prefixes:
+        - <vEth transfer prefix v4>/31
+        - <vEth transfer prefix v6>/126
+
+    veth_ext2int:
+      prefixes:
+        - <vEth transfer prefix v4>/31
+        - <vEth transfer prefix v6>/126
+      vrf: vrf_external
+
+
+  nginx:
+    websites:
+      - ff-frontend.conf
+      - node.ffho.net

+ 82 - 0
zz_EXAMPLE_PILLAR/nodes/gw03.sls

@@ -0,0 +1,82 @@
+gw03.in.ffho.net:
+  id: 11
+
+  sysLocation: BER
+
+  roles:
+    - router
+    - batman
+    - batman_gw
+    - batman_ext
+    - fastd
+
+  sites:
+    - legacy
+    - pad-cty
+    - hx-nord
+
+  ifaces:
+    lo:
+      prefixes:
+        - 10.132.255.11/32
+        - 2a03:2260:2342:ffff::11/128
+
+    eth0:
+      desc: SysEleven
+      _udev_mac: 52:54:1f:03:01:63
+      #
+      prefixes:
+        - 185.46.137.163/25
+        - 2a00:13c8:1000:2::163/64
+      gateway:
+        - 185.46.137.129
+        - 2a00:13c8:1000:2::1
+      vrf: vrf_external
+
+    vlan1015:
+      desc: L2-BER
+      _udev_mac: 52:54:1f:03:10:15
+      prefixes:
+        - <POP L2-Subnet prefix v4>/28
+        - <POP L2-Subnet prefix v6>/64
+
+    he-ipv6:
+      method: tunnel
+      desc: HE IPv6 Transit
+      mode: sit
+      ttl: 255
+      local: 185.46.137.163
+      endpoint: <HE endpoint>
+      tunnel-physdev: vrf_external
+      prefixes:
+        - <v6 transfer network>/64
+
+    br-legacy:
+      desc: "Site Legacy"
+      bridge-ports: bat-legacy
+      prefixes:
+        - 2001:470:6d:860:8::3/64
+
+    br-pad-cty:
+      desc: "Site Paderborn City"
+      bridge-ports: bat-pad-cty
+      prefixes:
+        - 10.132.32.3/20
+        - 2a03:2260:2342:100::3/64
+
+    br-hx-nord:
+      desc: "Site Hoexter Nord"
+      bridge-ports: bat-hx-nord
+      prefixes:
+        - 10.132.96.3/21
+        - 2a03:2260:2342:800::3/64
+
+
+  fastd:
+    nodes_pubkey: <public key here>
+    intergw_pubkey: <public key here>
+
+{% if grains['id'] == 'gw03.in.ffho.net' %}
+    nodes_privkey: <private key here>
+    intergw_privkey: <private key here>
+{% endif %}
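Review bot: The `_udev_mac` values on `eth0` and `vlan1015` are unquoted, and Salt's default YAML renderer (PyYAML, YAML 1.1 rules) parses a colon-separated string of digit groups as a sexagesimal integer; these two survive only because they happen to contain `1f`, so a MAC such as `52:54:10:03:10:15` pasted into this example would silently become a number and the udev rule would be generated wrong. Quote them: `_udev_mac: "52:54:1f:03:01:63"` and `_udev_mac: "52:54:1f:03:10:15"`. The `grains['id']` guard keeping `nodes_privkey`/`intergw_privkey` out of other minions' pillar is good; a one-line comment there explaining that only the id grain is trustworthy for this purpose, and that real keys belong in an encrypted pillar rather than in this file, would stop the pattern being copied with a spoofable grain.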

+ 3 - 0
zz_EXAMPLE_PILLAR/nodes/init.sls

@@ -0,0 +1,3 @@
+include:
+  - nodes.ALL:
+     key: nodes

+ 81 - 0
zz_EXAMPLE_PILLAR/nodes/lnx02-pad.sls

@@ -0,0 +1,81 @@
+lnx02.pad.in.ffho.net:
+  sysLocation: Vega
+
+  roles:
+    - router
+    - kvm
+
+  ifaces:
+    lo:
+      prefixes:
+        - 10.132.255.12/32
+        - 2a03:2260:2342:ffff::12/128
+
+    bond0:
+      bond-slaves: "eth1"
+      bridge-vids: "100 101 200 201 1013 2000 2004 2006 3002 4002"
+
+    br0:
+      bridge-ports: bond0
+      bridge-vlan-aware: yes
+      bridge-ports-condone-regex: "^[a-zA-Z0-9]+_(eth[0-9]+|v[0-9]{1,4})$"
+      bridge-vids: "100 101 200 201 1013 2000 2004 2006 3002 4002"
+
+    br0.1013:
+      desc: "L2-Vega"
+      prefixes:
+        - <POP L2-Subnet prefix v4>/28
+        - <POP L2-Subnet prefix v6>/64
+      ospf:
+        mode: active
+
+    br0.4002:
+      vlan-raw-device: br0
+      prefixes:
+        - 80.70.180.52/29
+        - 2a02:450:0:6::52/64
+      gateway:
+        - 80.70.180.49
+        - 2a02:450:0:6::1
+      vrf: vrf_external
+
+    veth_int2ext:
+      prefixes:
+        - <vEth transfer prefix v4>/31
+        - <vEth transfer prefix v6>/126
+
+    veth_ext2int:
+      prefixes:
+        - <vEth transfer prefix v4>/31
+        - <vEth transfer prefix v6>/126
+      vrf: vrf_external
+
+    br-vm:
+      bridge-ports: none
+      bridge-ports-condone-regex: "^[a-zA-Z0-9]+_(v[0-9]{1,4}|)eth[0-9])$"
+      prefixes:
+        - <VM Gateway prefixes>
+      vrf: vrf_external
+
+    fe01_eth0:
+      auto: False
+      post-up:
+        - "ip    route add 80.70.181.61/32 dev br-vm table vrf_external"
+        - "ip -6 route add 2a02:450:1:6::10/128 dev br-vm table vrf_external"
+
+    mail_eth0:
+      auto: False
+      post-up:
+        - "ip    route add 80.70.181.59/32 dev br-vm table vrf_external"
+        - "ip -6 route add 2a02:450:1::10/128 dev br-vm table vrf_external"
+
+    cr02_eth0:
+      desc: "cr02 external"
+      auto: False
+      post-up:
+        - "ip    route add 80.70.181.62/32 dev br-vm table vrf_external"
+        - "ip -6 route add 2a02:450:1:5::10/128 dev br-vm table vrf_external"
+
+    cr02_eth1:
+      desc: "cr02 internal trunk"
+      bridge-vids: "1013 2000 2004 2006 3002"
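Review bot: The `bridge-ports-condone-regex` on `br-vm` is not a valid regular expression: `^[a-zA-Z0-9]+_(v[0-9]{1,4}|)eth[0-9])$` has one opening and two closing parentheses, and the empty alternative before `)eth` looks like a typo of the working pattern used on `br0` a few lines up. It should read `bridge-ports-condone-regex: "^[a-zA-Z0-9]+_(v[0-9]{1,4}|eth[0-9]+)$"`, which is the same set of port names as the `br0` regex. Separately, `bridge-vlan-aware: yes` is loaded as boolean `True` by PyYAML, so depending on how the interfaces template renders it the option may end up as `True` rather than `yes`; `"yes"` or `true` (whichever the template expects) would be unambiguous.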

+ 24 - 0
zz_EXAMPLE_PILLAR/sites.sls

@@ -0,0 +1,24 @@
+sites:
+  # Legacy
+  legacy:
+    site_no: 0
+    name: paderborn.freifunk.net
+    prefix_v4: 10.132.0.0/19
+    prefix_v6: fdca:ffee:ff12:132::/64
+
+
+  # Paderborn City
+  pad-cty:
+    site_no: 1
+    name: Paderborn City
+    prefix_v4: 10.132.32.0/20
+    prefix_v6: 2a03:2260:2342:100::/64
+
+  # Paderborn Umland
+  pad-uml:
+    site_no: 2
+    name: Paderborn Umland
+    prefix_v4: 10.132.48.0/21
+    prefix_v6: 2a03:2260:2342:200::/64
+
+  # [...]

+ 55 - 0
zz_EXAMPLE_PILLAR/te.sls

@@ -0,0 +1,55 @@
+te:
+
+# Which communities should be evaluated at which nodes for which routing
+# decisions?
+  community_map:
+
+#  EXAMPLE
+#
+#  node01.in.ffho.net:
+#    <logical entity, e.g. "ffrl">:
+#      - COMMUNITY_ONE
+#
+#  Up to now the only predefined entity is "ffrl" which controls which
+#  routes tagged with "EXPORT_RESTRICT" will be exported to AS20101 at
+#  the given node.
+    
+    cr03.in.ffho.net:
+      ffrl:
+        - EXPORT_ONLY_AT_CR03
+
+
+# Tag prefixes with communities at given nodes
+  prefixes:
+
+#  EXAMPLE
+#
+#   <prefix/mask>:
+#     desc: "my magic prefix"
+#     communities:
+#       - COMMUNITY_ONE
+#       - "(12345, 4711)"
+#     nodes:
+#       - node01.in.ffho.net
+
+    2a03:2260:2342::/52:
+      desc: "Mesh Prefixes"
+      communities:
+        - EXPORT_RESTRICT
+        - EXPORT_ONLY_AT_CR03
+      nodes:
+        - cr03.in.ffho.net
+
+    10.132.32.0/23:
+      desc: "Gw03 Pad-Cty prefix"
+      communities:
+        - GATEWAY_TE_ROUTE
+      nodes:
+        - gw03.in.ffho.net
+
+    10.132.96.0/23:
+      desc: "Gw03 PB-Nord prefix"
+      communities:
+        - GATEWAY_TE_ROUTE
+      nodes:
+        - gw03.in.ffho.net
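Review bot: The description on the last entry, `desc: "Gw03 PB-Nord prefix"` for `10.132.96.0/23`, does not match the rest of the commit, where 10.132.96.0/21 is the `hx-nord` site ("Site Hoexter Nord" on gw03's `br-hx-nord`); unless PB-Nord is an intentional alias I would change it to `desc: "Gw03 HX-Nord prefix"` so the TE entry can be matched to the site it covers. There is also a whitespace-only line just before `cr03.in.ffho.net:` inside `community_map` that yamllint will flag. The header comment could add one sentence stating that `EXPORT_RESTRICT` without a matching `EXPORT_ONLY_AT_*` community means the prefix is not exported to AS20101 anywhere, since that is the failure mode an operator will hit first.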

+ 8 - 0
zz_EXAMPLE_PILLAR/top.sls

@@ -0,0 +1,8 @@
+base:
+  '*':
+    - nodes
+    - sites
+    - ffho
+#    - cert
+#    - ovpn
+    - te
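Review bot: Every pillar here is matched with `'*'`, so all minions receive the full `nodes` inventory of every other node, the `ffho` pillar including the SNMP community, and, once the commented `cert`/`ovpn` lines are enabled, any certificate or VPN material in those files. The per-node `grains['id']` guards in the node files only help for values wrapped in them; the global secrets are not. I would add a comment above `'*':` such as `# Everything below is sent to every minion. Keep secret-bearing pillars (cert, ovpn, snmp) in a separate, targeted entry, e.g. 'cr03.in.ffho.net': - cert` so the targeting decision is made consciously when those lines are uncommented.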