dhtech
diff --git a/‎README.md
+80 b/‎README.md
+80
diff --git a/‎config-sample.py
+114 b/‎config-sample.py
+114
diff --git a/‎configure
+58 b/‎configure
+58
diff --git a/‎dhcp-hook.py
+15 b/‎dhcp-hook.py
+15
@@ -0,0 +1,80 @@
+# swboot
+
+On-demand switch configuration system.
+
+License is GPLv3 if nothing else is stated.
+
+## Dependencies
+    sudo apt-get install redis-server python-redis libsnmp-python python-tempita python-ipcalc isc-dhcp-server snmp
+
+## Config
+    sudo /sbin/ifconfig eth1 inet 192.168.8.10 netmask 255.255.255.0
+
+## Install
+    cp config-sample.py config.py
+
+## dhcpd.conf
+    include "/srv/swboot/dhcpd.conf";
+
+## Start swtftpd
+    sudo python swtftpd.py
+
+## Test generation of configuration
+    python generate.py D20-A WS-C2950T-24
+
+## Boot procedure
+
+The Cisco switches will try to get DHCP and boot via TFTP if no config exists (wr erase).
+If you want to have a config stored on the switch it must include "boot host dhcp".
+
+## Default switch conf
+
+For event configs, see SVN allevents/access/default-paste/
+
+In general, something like this will work:
+
+  en
+  conf t
+  boot host dhcp
+  interface vlan 1
+  no ip address
+  no shut
+  !
+  snmp-server community public RO
+  snmp-server community private RW
+  snmp-server system-shutdown
+  !
+  wr
+  !
+
+
+## Dist switch
+
+  en
+  conf t
+  ip routing
+  !
+  ip dhcp snooping vlan 1
+  ! Perhaps needed:
+  ! ip dhcp snooping information option allow-untrusted
+  ip dhcp snooping
+  !         
+  !         
+  interface GigabitEthernet1/0/5
+   description DHCP-server
+   switchport access vlan 123
+   switchport mode access
+   spanning-tree portfast
+   ip dhcp snooping trust
+  !         
+  interface GigabitEthernet1/0/20
+   spanning-tree portfast
+   ip dhcp snooping vlan 1 information option format-type circuit-id string B01-B
+  !
+  interface Vlan1
+   ip address 10.80.10.1 255.255.255.0
+   ip helper-address 10.255.253.2
+  !
+  interface Vlan123
+   ip address 10.255.253.5 255.255.255.0
+  !
@@ -0,0 +1,114 @@
+import config
+import ipcalc
+import sqlite3
+import sys
+import tempita
+from tempita import bunch
+import hashlib
+
+# Note: To add new variables, the generate function will need to 
+# be modified as well
+
+password = ""
+enable = ""
+snmp_ro = ""
+snmp_salt = ""
+radius = ""
+# NOTE(bluecmd): 2950 doesn't support VLAN aware context, which means that
+# WhereAmI and dhmon needs v2. No reason to have v3 in that case.
+#snmp_user = ""
+#snmp_auth = ""
+#snmp_priv = ""
+wifi_vlanid = 851
+
+# Enable this if we cannot set special option82 tags
+franken_net_switches = [ ]
+
+# If you have franken net, you need snmpv3 credentials to dist
+# NOTE: THERE IS NO NEED TO USE THIS IF is_franken_net == False
+snmpv3_username = ''
+snmpv3_auth = ''
+snmpv3_priv = ''
+
+models = {
+  "WS-C2950T-24"      : bunch(template="switchconfig/c2950t.cfg",eth=24),
+  "WS-C2950G-24-EI"   : bunch(template="switchconfig/c2950t.cfg",eth=24),
+  "WS-C2950T-48-SI"   : bunch(template="switchconfig/c2950t.cfg",eth=48),
+  "WS-C2960G-48TC-L"  : bunch(template="switchconfig/c2960g.cfg",eth=48),
+  "WS-C2960X-48TS-L"  : bunch(template="switchconfig/c2960x.cfg",eth=48),
+}
+
+wifi_switches = [ ]
+
+#wifi_switches = [
+#  "B01-A", "B05-A", "B10-A", "B16-A", "B22-C", "B26-C", "B31-C", "B37-C", 
+#  "C04-A", "C08-A", "C12-A", "C17-C", "C21-C", "C25-C", "C29-C",
+#  "D03-A", "D09-B", "D19-B", "D23-A", "D29-A", "D34-C", "D40-C", "D44-C", "D48-C", "D56-C", "D62-C"
+#]
+
+# Files to be served as they are to all devices
+static_files = {
+    "c2950.bin"         : "ios/c2950-i6k2l2q4-mz.121-22.EA14.bin",
+}
+
+# ===============================================================
+# Do not change below this if you do not know what you're doing!
+# ===============================================================
+
+def generate(switch, model_id):
+  model = config.models[model_id]
+
+  mgmt, vlanid = parse_metadata(switch)
+  if mgmt is None:
+    raise Exception("The switch " + switch + " was not found in ipplan")
+
+  cfg = tempita.Template(file(model.template).read())
+  return \
+      cfg.substitute(
+            hostname=switch,
+            model=model,
+            mgmt_ip=mgmt['ip'],
+            mgmt_mask=mgmt['mask'],
+            mgmt_gw=mgmt['gw'],
+            mgmt_vlanid=mgmt['vlanid'],
+            vlanid=vlanid,
+            wifi_switches=config.wifi_switches,
+            wifi_vlanid=config.wifi_vlanid,
+            password=config.password,
+            enable=config.enable,
+            radius=config.radius,
+            snmp_ro=config.snmp_ro,
+            snmp_rw=hashlib.sha1(config.snmp_salt + mgmt['ip']).hexdigest(),
+#           snmp_user=config.snmp_user,
+#           snmp_auth=config.snmp_auth,
+#           snmp_priv=config.snmp_priv
+            )
+
+def parse_metadata(switch):
+  sql = '''SELECT n_mgmt.ipv4_txt, h.ipv4_addr_txt, n_mgmt.ipv4_gateway_txt, 
+n_mgmt.vlan, n.vlan FROM active_switch as s, network as n, host as h, 
+network as n_mgmt WHERE s.switch_name LIKE ? AND n.node_id = s.node_id
+AND h.name = s.switch_name AND n_mgmt.node_id = h.network_id'''
+
+  db = sqlite3.connect('/etc/ipplan.db')
+  cursor = db.cursor()
+
+  network_str, mgmt_ip, gateway, mgmt_vlan, vlan = cursor.execute(
+      sql, ('%s%%' % switch.lower(),)).fetchone()
+
+  network = ipcalc.Network(network_str)
+
+  mgmt = {}
+  mgmt['ip'] = mgmt_ip
+  mgmt['mask'] = str(network.netmask())
+  mgmt['gw'] = str(network.host_first())
+  mgmt['vlanid'] = mgmt_vlan
+
+  return mgmt, vlan
+
+if __name__ == '__main__':
+  if len(sys.argv) == 3 and sys.argv[1] == 'dump-snmp-rw':
+    mgmt, _ = parse_metadata(sys.argv[2])
+    print hashlib.sha1(config.snmp_salt + mgmt['ip']).hexdigest()
+  else:
+    print generate("D23-A", "WS-C2950T-24")
@@ -0,0 +1,58 @@
+#!/bin/bash
+#
+# Tell a switch to fetch configuration from TFTP.
+#
+# Wait until it responds to SNMP and wait until the transfer is complete.
+#
+
+ID=$RANDOM
+IP=$1
+
+CNT=0
+while [ true ];
+do
+  snmpget -Ov -v 2c -c private $IP 1.3.6.1.2.1.1.5.0 &> /dev/null
+  if [ "$?" = "0" ]; then
+    break
+  fi
+
+  CNT=$(($CNT + 1))
+  if [ "$CNT" = 20 ]; then
+    echo "Timeout waiting for SNMP for $IP." \
+      | logger -p error -t configure
+    exit 1
+  fi
+
+  echo "Waiting for SNMP ..."
+  sleep 5
+done
+
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.2.$ID i 1
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.3.$ID i 1
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.4.$ID i 4
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.5.$ID a 192.168.20.10
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.6.$ID s BASE-confg
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.14.$ID i 1
+
+RET=2
+CNT=0
+while [ "$RET" = "2" ];
+do
+  echo "Waiting for switch to apply configuration ..."
+  sleep 10
+  RET=$(snmpget -Ov -v 2c -c private $IP \
+    .1.3.6.1.4.1.9.9.96.1.1.1.1.10.$ID | cut -f 2 -d ' ')
+  CNT=$(($CNT + 1))
+  if [ "$CNT" = 6 ]; then
+    echo "Timeout waiting for switch to apply configuration for $IP." \
+      | logger -p error -t configure
+    exit 1
+  fi
+done
+
+echo "Return: $RET"
+snmpset -v 2c -c private $IP .1.3.6.1.4.1.9.9.96.1.1.1.1.14.$ID i 6
+
+SWITCH=$(redis-cli --raw get $IP)
+echo "Successfully pushed configuration to $SWITCH ($IP)" \
+  | logger -t configure
@@ -0,0 +1,15 @@
+#!/usr/bin/env python
+import os
+import redis
+import sys
+
+db = redis.Redis()
+
+if sys.argv[1] == "commit":
+  ip = sys.argv[2]
+  sw = sys.argv[3]
+  relay = sys.argv[5]
+  db.set(ip, sw)
+  if relay != '0.0.0.0':
+    db.set('relay-%s' % ip, relay)
+  os.system("/srv/swboot/configure " + ip + " &")