kedge/yang/site-config/homelab.xml
Tyler King 6058e62348 Initial commit: Kedge network automation platform
Go-based network automation with YANG models, gRPC, Ansible,
Terraform, and Kubernetes integration.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-26 12:09:30 -05:00


<?xml version="1.0" encoding="UTF-8"?>
<!--
  Site configuration instance for the "homelab" site, in the
  urn:sovereign:sdwan namespace. It carries three sections: site identity and
  out-of-band mesh settings, inter-zone policy, and WAN circuit SLA targets.
  The schema that defines element order, types and defaults is not part of
  this file; notes marked NOTE(review) are assumptions to confirm against it.
-->
<config xmlns="urn:sovereign:sdwan">
  <!-- Site identity and the out-of-band (OOB) management mesh. -->
  <site>
    <site-id>homelab</site-id>
    <sovereignty-domain>guildhouse.local</sovereignty-domain>
    <oob-mesh>
      <!--
        Placeholder text, not a usable key: it must be replaced with this
        site's real WireGuard public key before the file is applied.
        Only the public half belongs here; the matching private key should
        stay out of this file and out of version control.
        NOTE(review): confirm the loader rejects the placeholder instead of
        pushing it to a device.
      -->
      <wireguard-pubkey>PLACEHOLDER_HOMELAB_PUBKEY</wireguard-pubkey>
      <!-- One anchor entry; endpoint is host:port (51820 is WireGuard's default port). -->
      <cloud-anchors>
        <anchor-id>cloud-anchor-1</anchor-id>
        <endpoint>anchor.guildhouse.example.com:51820</endpoint>
        <!-- NOTE(review): whether a lower or a higher number is preferred is not visible here. -->
        <priority>10</priority>
      </cloud-anchors>
    </oob-mesh>
  </site>
  <!--
    Inter-zone policy. Each zone declares its subnet, VLAN and owner-device,
    followed by zero or more policy entries naming a dst-zone and an action.
    NOTE(review): the enclosing zone is presumably the traffic source, and
    owner-device presumably the enforcing device; confirm both.
    Actions used in this file: allow-stateful, allow-restricted, deny.
    Every allow-restricted entry here carries a services list; allow-stateful
    entries carry none, so they presumably permit any service (confirm).
    Zone pairs with no entry (for example roommate to dmz, or anything
    originating in shared) have no action stated in this file.
    NOTE(review): confirm the enforcement default for unlisted pairs is deny.
  -->
  <zone-policy>
    <zone>
      <name>transit</name>
      <subnet>172.16.0.0/24</subnet>
      <vlan-id>100</vlan-id>
      <owner-device>fortigate.transit.local</owner-device>
      <!-- No services list: the broadest rule targeting tyler-lab in this file. -->
      <policy>
        <dst-zone>tyler-lab</dst-zone>
        <action>allow-stateful</action>
      </policy>
      <policy>
        <dst-zone>dmz</dst-zone>
        <action>allow-restricted</action>
        <services>https</services>
        <services>dns</services>
      </policy>
    </zone>
    <zone>
      <name>tyler-lab</name>
      <subnet>10.0.1.0/24</subnet>
      <vlan-id>10</vlan-id>
      <owner-device>fortigate.transit.local</owner-device>
      <policy>
        <dst-zone>transit</dst-zone>
        <action>allow-stateful</action>
      </policy>
      <!-- ssh toward shared: shared is also reachable from roommate (see that zone). -->
      <policy>
        <dst-zone>shared</dst-zone>
        <action>allow-restricted</action>
        <services>https</services>
        <services>ssh</services>
      </policy>
    </zone>
    <zone>
      <name>roommate</name>
      <subnet>192.168.1.0/24</subnet>
      <vlan-id>20</vlan-id>
      <owner-device>udr7.local</owner-device>
      <!--
        Unrestricted by service. Hosts in shared are therefore reachable from
        both roommate and tyler-lab, which places them on both sides of the
        isolation rule below; worth keeping in mind when hardening them.
      -->
      <policy>
        <dst-zone>shared</dst-zone>
        <action>allow-stateful</action>
      </policy>
      <!-- The only explicit deny in the file: isolates tyler-lab from roommate-initiated traffic. -->
      <policy>
        <dst-zone>tyler-lab</dst-zone>
        <action>deny</action>
      </policy>
    </zone>
    <!--
      shared declares no policy entries, so nothing in this file states what
      traffic it may originate. NOTE(review): confirm this resolves to deny.
    -->
    <zone>
      <name>shared</name>
      <subnet>192.168.30.0/24</subnet>
      <vlan-id>30</vlan-id>
      <owner-device>udr7.local</owner-device>
    </zone>
    <zone>
      <name>dmz</name>
      <subnet>192.168.50.0/24</subnet>
      <vlan-id>50</vlan-id>
      <owner-device>fortigate.transit.local</owner-device>
      <!--
        Allows dmz-initiated https into transit.
        NOTE(review): if dmz hosts exposed services, confirm this inbound path
        is required and is limited to specific destinations at the device.
      -->
      <policy>
        <dst-zone>transit</dst-zone>
        <action>allow-restricted</action>
        <services>https</services>
      </policy>
    </zone>
  </zone-policy>
  <!-- WAN circuits with their SLA targets; one circuit is defined. -->
  <wan-circuits>
    <circuit>
      <name>fios-primary</name>
      <type>primary</type>
      <interface-name>eth0</interface-name>
      <sla>
        <latency-target-ms>20</latency-target-ms>
        <jitter-target-ms>5</jitter-target-ms>
        <!-- NOTE(review): the "pct" suffix suggests 0.10 means 0.1 percent, not 10 percent; confirm the unit. -->
        <loss-target-pct>0.10</loss-target-pct>
      </sla>
    </circuit>
  </wan-circuits>
</config>