From edbdae6b8381a868a746d6394a82ce4e4622eb7b Mon Sep 17 00:00:00 2001
From: cronekorkn <git@ckn.li>
Date: Tue, 6 Jun 2023 17:21:12 +0200
Subject: [PATCH] iperf3 servers

---
 bundles/iperf3/items.py    | 13 +++++++
 bundles/iperf3/metadata.py | 77 ++++++++++++++++++++++++++++++++++++++
 groups/os/debian.py        |  1 +
 3 files changed, 91 insertions(+)
 create mode 100644 bundles/iperf3/items.py
 create mode 100644 bundles/iperf3/metadata.py

diff --git a/bundles/iperf3/items.py b/bundles/iperf3/items.py
new file mode 100644
index 0000000..a7b7242
--- /dev/null
+++ b/bundles/iperf3/items.py
@@ -0,0 +1,13 @@
+# directories = {
+#     '/etc/iperf3': {
+#         'purge': True,
+#     }
+# }
+
+# files = {
+#     '/etc/iperf3/authorized_users': {
+#         'content': '\n'.join(
+#             node.metadata.get('iperf3/authorized_users')
+#         )
+#     },
+# }
diff --git a/bundles/iperf3/metadata.py b/bundles/iperf3/metadata.py
new file mode 100644
index 0000000..59085e2
--- /dev/null
+++ b/bundles/iperf3/metadata.py
@@ -0,0 +1,77 @@
+from hashlib import sha256
+
+
+defaults = {
+    'apt': {
+        'packages': {
+            'iperf3': {},
+            'iperf': {
+                'installed': False,
+            },
+        }
+    },
+    # 'iperf3': {
+    #     'username': node.name,
+    #     'password': repo.vault.password_for(f'{node.name} iperf3').value,
+    #     'authorized_users': {},
+    # },
+    'nftables': {
+        'input': {
+            'tcp dport 5202 ip saddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } accept',
+            'udp dport 5202 ip saddr { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 } accept',
+        },
+    },
+    'systemd': {
+        'units': {
+            'iperf3.service': {
+                'Unit': {
+                    'Description': 'iperf3 server',
+                    'After': {
+                        'syslog.target',
+                        'network.target',
+                    },
+                },
+                'Service': {
+                    # 'ExecStart': '/usr/bin/iperf3 --server --port 5202 --authorized-users-path /etc/iperf3/authorized_users',
+                    'ExecStart': '/usr/bin/iperf3 --server --port 5202',
+                },
+                'Install': {
+                    'WantedBy': {
+                        'multi-user.target',
+                    },
+                },
+            },
+        },
+        'services': {
+            'iperf3.service': {},
+        },
+    },
+}
+
+
+# @metadata_reactor.provides(
+#     'iperf3/hash',
+# )
+# def hash(metadata):
+#     username, password = metadata.get('iperf3/username'), metadata.get('iperf3/password')
+
+#     return {
+#         'iperf3': {
+#             'hash': sha256(f'{{{username}}}{password}'.encode()).hexdigest(),
+#         },
+#     }
+
+
+# @metadata_reactor.provides(
+#     'iperf3/authorized_users',
+# )
+# def iperf3(metadata):
+#     return {
+#         'iperf3': {
+#             'authorized_users': set(
+#                 f"{other_node.metadata.get('iperf3/username')},{other_node.metadata.get('iperf3/hash')}"
+#                     for other_node in repo.nodes
+#                     if other_node.has_bundle('iperf3')
+#             ),
+#         },
+#     }
diff --git a/groups/os/debian.py b/groups/os/debian.py
index 0c2d28f..e51c083 100644
--- a/groups/os/debian.py
+++ b/groups/os/debian.py
@@ -6,6 +6,7 @@
         'apt',
         'nftables',
         'pip',
+        'iperf3',
     ],
     'metadata': {
         'apt': {