ok no macro lol

netconf/util-test.rkt

@@ -1,6 +1,7 @@
 #lang racket
 
 (require rackunit "util.rkt")
+(require net/ip)
 
 (check-equal? (expand-command-tree '()) '(()))
 (check-equal? (expand-command-tree '(a b)) '((a b)))
@@ -40,4 +41,26 @@
 (check-equal? (command->string '(set policy route-map dn42-roa rule 10 action permit))
               "set policy route-map dn42-roa rule 10 action permit")
 (check-equal? (command->string '(set interfaces ethernet eth0 hw-id "ab:cd:ef:gh:ij:kl"))
-              "set interfaces ethernet eth0 hw-id 'ab:cd:ef:gh:ij:kl'")
+              "set interfaces ethernet eth0 hw-id 'ab:cd:ef:gh:ij:kl'")
+
+(check-equal?
+ (wireguard/tunnel:render-vyos
+  (wireguard/tunnel
+   #:ifname 'wg42
+   #:description "peering with some guy"
+   #:our-address "192.168.1.1/24"
+   #:our-private-key "test key"
+   #:peers (list (wireguard/peer
+                  #:name 'thepeer
+                  #:public-key "foobar"
+                  #:endpoint (cons "10.0.0.1" 1000)))
+   #:our-endpoint-port 10))
+ '((delete interfaces wireguard wg42)
+   (set interfaces wireguard wg42
+        [(address "192.168.1.1/24")
+         (description "peering with some guy")
+         (peer thepeer [(public-key (wireguard/peer-public-key r))
+                        (allowed-ips "::/0")
+                        (allowed-ips "0.0.0.0/0")
+                        (address "10.0.0.1")
+                        (port 1000)])])))

netconf/util.rkt

@@ -5,6 +5,7 @@
 (require net/ip)
 (require rebellion/type/record)
 (require racket/symbol)
+(require (for-syntax racket/syntax))
 
 
 (provide
@@ -31,7 +32,10 @@
    (set policy route-map dn42-roa rule 20 action permit)
    (set policy route-map dn42-roa rule 20 match rpki notfound)
    (set policy route-map dn42-roa rule 30 action deny)
-   (set policy route-map dn42-roa rule 30 match rpki invalid))]}))
+   (set policy route-map dn42-roa rule 30 match rpki invalid))]})
+ wireguard/tunnel:render-vyos
+ wireguard/tunnel
+ wireguard/peer)
 
 (define (command->string c)
   (string-join (map (match-lambda
@@ -57,41 +61,47 @@
 
 (struct dual-stack (v4 v6))
 
-(define-syntax (network-struct stx)
-  (syntax-case stx ()
-    [(_ name fields)
-     (syntax-case (datum->syntax #'name
-                                 (string->symbol (format "~a-raw" (syntax->datum #'name)))) ()
-       [raw-constructor-name #'(struct name fields #:transparent #:constructor-name raw-constructor-name)])]))
-
 (define-record-type wireguard/tunnel
   (ifname
    our-address
    our-private-key
    description
    peers
    our-endpoint-port))
+(define-record-setter wireguard/tunnel)
+
+(define (wireguard/tunnel:render-vyos r)
+  `((delete interfaces wireguard ,(wireguard/tunnel-ifname r))
+    (set interfaces wireguard ,(wireguard/tunnel-ifname r)
+         [(address ,(wireguard/tunnel-our-address r))
+          (description ,(wireguard/tunnel-description r))
+          ,@(map wireguard/peer:render-vyos (wireguard/tunnel-peers r))])))
 
 (define-record-type wireguard/peer
   (name
    public-key
    endpoint))
+(define-record-setter wireguard/peer)
+(define (wireguard/peer:render-vyos r)
+  `(peer ,(wireguard/peer-name r) [(public-key (wireguard/peer-public-key r))
+                                   (allowed-ips "::/0")
+                                   (allowed-ips "0.0.0.0/0")
+                                   ,@(match (wireguard/peer-endpoint r)
+                                       [(cons address port) `((address ,address) (port ,port))]
+                                       ['() `()]
+                                       [_ (error "expected endpoint to be either nil or (cons address port)")])]))
 
 (define-record-type bgp/link-local-peer
   (link-ifname
    description
    peer-address
    peer-asn
    peer-group))
-
-(network-struct firewall/rule
-                (description
-                 cmds
-                 src
-                 dst))
-
-#;(define (firewall/rule-fmap f))
-
-;(define orig (firewall/rule-id #:description "test rule" #:cmds '(a) #:src 'a #:dst 'a))
-
-;(struct-copy firewall/rule orig [src 'b])
+(define-record-setter bgp/link-local-peer)
+
+(define-record-type firewall/rule
+  (description
+   cmds
+   src
+   dst))
+(define-record-setter firewall/rule)