Diffstat (limited to 'custom/tinc')
-rw-r--r--custom/tinc/yggdrasil.nix119
1 files changed, 81 insertions, 38 deletions
diff --git a/custom/tinc/yggdrasil.nix b/custom/tinc/yggdrasil.nix
index 46d815a3..035b9b10 100644
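--- a/custom/tinc/yggdrasil.nix
+++ b/custom/tinc/yggdrasil.nix
@@ -1,42 +1,85 @@
-{ stdenv
-, nettools
-, openresolv
-, name
-, connect ? true
-, ipConf ? {}
-, useDNS ? true
-}:
-
-with stdenv.lib;
-
-{
- "yggdrasil" = {
- inherit name;
- debugLevel = 2;
- hosts = ( import ./hosts/yggdrasil.nix );
- extraConfig = ''
- PingTimeout = 10
- ${optionalString connect "ConnectTo = ymir"}
- '';
- scripts = {
- "hosts/borealis-up" = ''
- #!${stdenv.shell}
- ${nettools}/bin/route add -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE metric 9999
- ${optionalString useDNS ''
- ${openresolv}/bin/resolvconf -m 0 -a tinc.yggdrasil <<EOF
- domain yggdrasil
- nameserver 10.141.1.1
- EOF
- ''}
- '';
- "hosts/borealis-down" = ''
- #!${stdenv.shell}
- ${nettools}/bin/route del -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE
- ${optionalString useDNS ''
- ${openresolv}/bin/resolvconf -d tinc.yggdrasil
- ''}
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.yggdrasilTinc;
+in {
+
+ options = {
+ services.yggdrasilTinc = {
+ enable = mkEnableOption "yggdrasil tinc network";
+
+ connect = mkOption {
+ default = true;
+ type = types.bool;
+ description = ''
+ Connect to central server
+ '';
+ };
+
+ useDNS = mkOption {
+ default = true;
+ types = types.bool;
+ description = ''
+ Use borealis as primary dns server
+ '';
+ };
+
+ name = mkOption {
+ default = config.networking.hostName;
+ types = types.str;
+ description = ''
+ Node identifier
+ '';
+ };
+
+ interfaceConfig = mkOption {
+ default = {};
+ description = ''
+ Additional configuration for the generated network interface
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ services.customTinc.networks."yggdrasil" = {
+ inherit (cfg) name interfaceConfig;
+ debugLevel = 2;
+ hosts = ( import ./hosts/yggdrasil.nix );
+ extraConfig = ''
+ PingTimeout = 10
+ ${optionalString cfg.connect "ConnectTo = ymir"}
  '';
+ scripts = {
+ "hosts/borealis-up" = "${config.security.wrapperDir}/borealis-up";
+ "hosts/borealis-down" = "${config.security.wrapperDir}/borealis-down";
+ };
+ };
+
+ security.wrappers = {
+ "borealis-up" = {
+ source = pkgs.writeScript "borealis-up.sh" ''
+ #!${stdenv.shell}
+ ${nettools}/bin/route add -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE metric 9999
+ ${optionalString cfg.useDNS ''
+ ${openresolv}/bin/resolvconf -m 0 -a tinc.yggdrasil <<EOF
+ domain yggdrasil
+ nameserver 10.141.1.1
+ EOF
+ ''}
+ '';
+ };
+ "borealis-down" = {
+ source = pkgs.writeScript "borealis-down.sh" ''
+ #!${stdenv.shell}
+ ${nettools}/bin/route del -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE
+ ${optionalString cfg.useDNS ''
+ ${openresolv}/bin/resolvconf -d tinc.yggdrasil
+ ''}
+ '';
+ };
  };
- interfaceConfig = ipConf;
  };
 }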
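Review bot: The two `security.wrappers` entries (new lines 61–82) set only `source`, so ownership, setuid/capability bits and execute permissions fall to the module defaults of whichever NixOS release this targets; depending on those defaults, a privileged route/resolvconf script may be runnable by any local user with a caller-controlled, unquoted `$INTERFACE`. Set owner, group and permissions explicitly so that only the account tinc runs as can execute the wrappers, and quote the variable, e.g. `dev "$INTERFACE" metric 9999`. Separately, the new header takes only `{ config, lib, pkgs, ... }`, so `${stdenv.shell}`, `${nettools}` and `${openresolv}` inside the two scripts look unbound and should probably read `${pkgs.stdenv.shell}`, `${pkgs.nettools}` and `${pkgs.openresolv}`. The `useDNS` and `name` options also spell the attribute `types = types.bool;` / `types = types.str;` where `mkOption` expects `type`, as `connect` already does, and `interfaceConfig` has no type at all.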