diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-23 15:35:21 +0200 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2021-10-23 15:35:21 +0200 |
| commit | 8690c489ff0a3469a001132803bd5f3ea6da68e3 (patch) | |
| tree | 70e49f8f50e171a9394b61556309ec8a67099a76 /modules/yggdrasil-wg | |
| parent | 1499b2ce8e4fce2f5de90954a68f0bd6934e9a41 (diff) | |
| download | nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar.gz nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar.bz2 nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.tar.xz nixos-8690c489ff0a3469a001132803bd5f3ea6da68e3.zip | |
yggdrasil-wg: ...
Diffstat (limited to 'modules/yggdrasil-wg')
| -rw-r--r-- | modules/yggdrasil-wg/default.nix | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index 316371ea..48672fcb 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix | |||
| @@ -37,9 +37,14 @@ let | |||
| 37 | sif = "${wgSubnet}:2::/${toString wgHostLength}"; | 37 | sif = "${wgSubnet}:2::/${toString wgHostLength}"; |
| 38 | }; | 38 | }; |
| 39 | greHostMACPrefixes = { | 39 | greHostMACPrefixes = { |
| 40 | surtr = "02:00:00:00:00"; | 40 | surtr = "02:00:01:00:00"; |
| 41 | vidhar = "02:00:00:00:01"; | 41 | vidhar = "02:00:01:00:01"; |
| 42 | sif = "02:00:00:00:02"; | 42 | sif = "02:00:01:00:02"; |
| 43 | }; | ||
| 44 | batHostMACs = { | ||
| 45 | surtr = "02:00:00:00:00:00"; | ||
| 46 | vidhar = "02:00:00:01:00:00"; | ||
| 47 | sif = "02:00:00:02:00:00"; | ||
| 43 | }; | 48 | }; |
| 44 | batHostIPs = { | 49 | batHostIPs = { |
| 45 | surtr = ["${batSubnet}::/${toString batHostLength}"]; | 50 | surtr = ["${batSubnet}::/${toString batHostLength}"]; |
| @@ -70,12 +75,10 @@ let | |||
| 70 | netdevConfig = { | 75 | netdevConfig = { |
| 71 | Name = "yggre-${other}"; | 76 | Name = "yggre-${other}"; |
| 72 | Kind = "ip6gretap"; | 77 | Kind = "ip6gretap"; |
| 73 | MTUBytes = toString (1280 + 58); | ||
| 74 | }; | 78 | }; |
| 75 | tunnelConfig = { | 79 | tunnelConfig = { |
| 76 | Local = stripSubnet wgHostIPs.${hostName}; | 80 | Local = stripSubnet wgHostIPs.${hostName}; |
| 77 | Remote = stripSubnet wgHostIPs.${other}; | 81 | Remote = stripSubnet wgHostIPs.${other}; |
| 78 | DiscoverPathMTU = false; | ||
| 79 | }; | 82 | }; |
| 80 | }; | 83 | }; |
| 81 | linkToGreNetwork = ix: opts@{from, to, ...}: | 84 | linkToGreNetwork = ix: opts@{from, to, ...}: |
| @@ -123,7 +126,6 @@ in { | |||
| 123 | netdevConfig = { | 126 | netdevConfig = { |
| 124 | Name = "yggdrasil-wg"; | 127 | Name = "yggdrasil-wg"; |
| 125 | Kind = "wireguard"; | 128 | Kind = "wireguard"; |
| 126 | MTUBytes = toString (1280 + 58 + 70); | ||
| 127 | }; | 129 | }; |
| 128 | wireguardConfig = { | 130 | wireguardConfig = { |
| 129 | PrivateKeyFile = config.sops.secrets."yggdrasil-wg.priv".path; | 131 | PrivateKeyFile = config.sops.secrets."yggdrasil-wg.priv".path; |
| @@ -135,7 +137,9 @@ in { | |||
| 135 | netdevConfig = { | 137 | netdevConfig = { |
| 136 | Name = "yggdrasil"; | 138 | Name = "yggdrasil"; |
| 137 | Kind = "batadv"; | 139 | Kind = "batadv"; |
| 138 | MTUBytes = toString 1280; | 140 | }; |
| 141 | linkConfig = { | ||
| 142 | MACAddress = "${batHostMACs.${hostName}}"; | ||
| 139 | }; | 143 | }; |
| 140 | }; | 144 | }; |
| 141 | } // listToAttrs (map linkToGreDev hostLinks); | 145 | } // listToAttrs (map linkToGreDev hostLinks); |