diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-07-29 11:07:19 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-07-29 11:07:19 +0200 |
commit | bda1a6b603a3944223707a6d090622b574ea7505 (patch) | |
tree | e223290d0c3e4f91862f429e65f083d3ecb3b1cd /modules/yggdrasil-wg | |
parent | ece84e99219c1d57dcee7ee93045edc81cd0cbc7 (diff) | |
download | nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar.gz nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar.bz2 nixos-bda1a6b603a3944223707a6d090622b574ea7505.tar.xz nixos-bda1a6b603a3944223707a6d090622b574ea7505.zip |
bump & vpn
Diffstat (limited to 'modules/yggdrasil-wg')
-rw-r--r-- | modules/yggdrasil-wg/default.nix | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index 55fb1e9d..1e52ba06 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
@@ -202,7 +202,7 @@ in { | |||
202 | Name = "yggdrasil"; | 202 | Name = "yggdrasil"; |
203 | }; | 203 | }; |
204 | address = batHostIPs.${hostName}; | 204 | address = batHostIPs.${hostName}; |
205 | dns = ["[2a03:4000:52:ada:1:1::]"]; | 205 | dns = ["2a03:4000:52:ada:1:1::"]; |
206 | domains = ["yggdrasil"]; | 206 | domains = ["yggdrasil"]; |
207 | routes = [ | 207 | routes = [ |
208 | { routeConfig = { | 208 | { routeConfig = { |
@@ -222,7 +222,7 @@ in { | |||
222 | Table = "yggdrasil"; | 222 | Table = "yggdrasil"; |
223 | }; | 223 | }; |
224 | } | 224 | } |
225 | ] ++ (concatMap (router: map (rAddr: { routeConfig = { Destination = "::/0"; Gateway = stripSubnet rAddr; GatewayOnLink = true; Table = "yggdrasil"; }; }) batHostIPs.${router}) routers); | 225 | ] ++ (concatMap (router: map (rAddr: { routeConfig = { Destination = "::/0"; Gateway = stripSubnet rAddr; GatewayOnLink = true; Table = "yggdrasil"; }; }) batHostIPs.${router}) (filter (router: router != hostName) routers)); |
226 | routingPolicyRules = map (addr: { routingPolicyRuleConfig = { Table = "yggdrasil"; From = stripSubnet addr; Priority = 1; }; }) batHostIPs.${hostName}; | 226 | routingPolicyRules = map (addr: { routingPolicyRuleConfig = { Table = "yggdrasil"; From = stripSubnet addr; Priority = 1; }; }) batHostIPs.${hostName}; |
227 | linkConfig = { | 227 | linkConfig = { |
228 | MACAddress = "${batHostMACs.${hostName}}"; | 228 | MACAddress = "${batHostMACs.${hostName}}"; |
@@ -236,13 +236,8 @@ in { | |||
236 | }; | 236 | }; |
237 | }; | 237 | }; |
238 | } // listToAttrs (map familyToYggdrasilNetwork hostFamilies) // listToAttrs (concatMap (family: imap0 (linkToGreNetwork family) hostLinks.${family}) hostFamilies); | 238 | } // listToAttrs (map familyToYggdrasilNetwork hostFamilies) // listToAttrs (concatMap (family: imap0 (linkToGreNetwork family) hostLinks.${family}) hostFamilies); |
239 | }; | ||
240 | 239 | ||
241 | environment.etc."systemd/networkd.conf" = mkIf inNetwork { | 240 | config.routeTables.yggdrasil = 1024; |
242 | text = '' | ||
243 | [Network] | ||
244 | RouteTable=yggdrasil:1024 | ||
245 | ''; | ||
246 | }; | 241 | }; |
247 | 242 | ||
248 | sops.secrets = listToAttrs (map familyToSopsSecret hostFamilies); | 243 | sops.secrets = listToAttrs (map familyToSopsSecret hostFamilies); |