summaryrefslogtreecommitdiff
path: root/modules/yggdrasil-wg
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-10-23 15:35:21 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-10-23 15:35:21 +0200
commit8690c489ff0a3469a001132803bd5f3ea6da68e3 (patch)
tree70e49f8f50e171a9394b61556309ec8a67099a76 /modules/yggdrasil-wg
parent1499b2ce8e4fce2f5de90954a68f0bd6934e9a41 (diff)
downloadnixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar
nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar.gz
nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar.bz2
nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar.xz
nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.zip
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg')
-rw-r--r--modules/yggdrasil-wg/default.nix18
1 files changed, 11 insertions, 7 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix
index 316371ea..48672fcb 100644
--- a/modules/yggdrasil-wg/default.nix
+++ b/modules/yggdrasil-wg/default.nix
@@ -37,9 +37,14 @@ let
37 sif = "${wgSubnet}:2::/${toString wgHostLength}"; 37 sif = "${wgSubnet}:2::/${toString wgHostLength}";
38 }; 38 };
39 greHostMACPrefixes = { 39 greHostMACPrefixes = {
40 surtr = "02:00:00:00:00"; 40 surtr = "02:00:01:00:00";
41 vidhar = "02:00:00:00:01"; 41 vidhar = "02:00:01:00:01";
42 sif = "02:00:00:00:02"; 42 sif = "02:00:01:00:02";
43 };
44 batHostMACs = {
45 surtr = "02:00:00:00:00:00";
46 vidhar = "02:00:00:01:00:00";
47 sif = "02:00:00:02:00:00";
43 }; 48 };
44 batHostIPs = { 49 batHostIPs = {
45 surtr = ["${batSubnet}::/${toString batHostLength}"]; 50 surtr = ["${batSubnet}::/${toString batHostLength}"];
@@ -70,12 +75,10 @@ let
70 netdevConfig = { 75 netdevConfig = {
71 Name = "yggre-${other}"; 76 Name = "yggre-${other}";
72 Kind = "ip6gretap"; 77 Kind = "ip6gretap";
73 MTUBytes = toString (1280 + 58);
74 }; 78 };
75 tunnelConfig = { 79 tunnelConfig = {
76 Local = stripSubnet wgHostIPs.${hostName}; 80 Local = stripSubnet wgHostIPs.${hostName};
77 Remote = stripSubnet wgHostIPs.${other}; 81 Remote = stripSubnet wgHostIPs.${other};
78 DiscoverPathMTU = false;
79 }; 82 };
80 }; 83 };
81 linkToGreNetwork = ix: opts@{from, to, ...}: 84 linkToGreNetwork = ix: opts@{from, to, ...}:
@@ -123,7 +126,6 @@ in {
123 netdevConfig = { 126 netdevConfig = {
124 Name = "yggdrasil-wg"; 127 Name = "yggdrasil-wg";
125 Kind = "wireguard"; 128 Kind = "wireguard";
126 MTUBytes = toString (1280 + 58 + 70);
127 }; 129 };
128 wireguardConfig = { 130 wireguardConfig = {
129 PrivateKeyFile = config.sops.secrets."yggdrasil-wg.priv".path; 131 PrivateKeyFile = config.sops.secrets."yggdrasil-wg.priv".path;
@@ -135,7 +137,9 @@ in {
135 netdevConfig = { 137 netdevConfig = {
136 Name = "yggdrasil"; 138 Name = "yggdrasil";
137 Kind = "batadv"; 139 Kind = "batadv";
138 MTUBytes = toString 1280; 140 };
141 linkConfig = {
142 MACAddress = "${batHostMACs.${hostName}}";
139 }; 143 };
140 }; 144 };
141 } // listToAttrs (map linkToGreDev hostLinks); 145 } // listToAttrs (map linkToGreDev hostLinks);