Diffstat (limited to 'custom/tinc')
-rw-r--r-- | custom/tinc/yggdrasil.nix | 119 |
1 files changed, 81 insertions, 38 deletions
diff --git a/custom/tinc/yggdrasil.nix b/custom/tinc/yggdrasil.nix index 46d815a3..035b9b10 100644 --- a/custom/tinc/yggdrasil.nix +++ b/custom/tinc/yggdrasil.nix | |||
@@ -1,42 +1,85 @@ | |||
1 | { stdenv | 1 | { config, lib, pkgs, ... }: |
2 | , nettools | 2 | |
3 | , openresolv | 3 | with lib; |
4 | , name | 4 | |
5 | , connect ? true | 5 | let |
6 | , ipConf ? {} | 6 | cfg = config.services.yggdrasilTinc; |
7 | , useDNS ? true | 7 | in { |
8 | }: | 8 | |
9 | 9 | options = { | |
10 | with stdenv.lib; | 10 | services.yggdrasilTinc = { |
11 | 11 | enable = mkEnableOption "yggdrasil tinc network"; | |
12 | { | 12 | |
13 | "yggdrasil" = { | 13 | connect = mkOption { |
14 | inherit name; | 14 | default = true; |
15 | debugLevel = 2; | 15 | type = types.bool; |
16 | hosts = ( import ./hosts/yggdrasil.nix ); | 16 | description = '' |
17 | extraConfig = '' | 17 | Connect to central server |
18 | PingTimeout = 10 | 18 | ''; |
19 | ${optionalString connect "ConnectTo = ymir"} | 19 | }; |
20 | ''; | 20 | |
21 | scripts = { | 21 | useDNS = mkOption { |
22 | "hosts/borealis-up" = '' | 22 | default = true; |
23 | #!${stdenv.shell} | 23 | types = types.bool; |
24 | ${nettools}/bin/route add -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE metric 9999 | 24 | description = '' |
25 | ${optionalString useDNS '' | 25 | Use borealis as primary dns server |
26 | ${openresolv}/bin/resolvconf -m 0 -a tinc.yggdrasil <<EOF | 26 | ''; |
27 | domain yggdrasil | 27 | }; |
28 | nameserver 10.141.1.1 | 28 | |
29 | EOF | 29 | name = mkOption { |
30 | ''} | 30 | default = config.networking.hostName; |
31 | ''; | 31 | types = types.str; |
32 | "hosts/borealis-down" = '' | 32 | description = '' |
33 | #!${stdenv.shell} | 33 | Node identifier |
34 | ${nettools}/bin/route del -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE | 34 | ''; |
35 | ${optionalString useDNS '' | 35 | }; |
36 | ${openresolv}/bin/resolvconf -d tinc.yggdrasil | 36 | |
37 | ''} | 37 | interfaceConfig = mkOption { |
38 | default = {}; | ||
39 | description = '' | ||
40 | Additional configuration for the generated network interface | ||
41 | ''; | ||
42 | }; | ||
43 | }; | ||
44 | }; | ||
45 | |||
46 | config = mkIf cfg.enable { | ||
47 | services.customTinc.networks."yggdrasil" = { | ||
48 | inherit (cfg) name interfaceConfig; | ||
49 | debugLevel = 2; | ||
50 | hosts = ( import ./hosts/yggdrasil.nix ); | ||
51 | extraConfig = '' | ||
52 | PingTimeout = 10 | ||
53 | ${optionalString cfg.connect "ConnectTo = ymir"} | ||
38 | ''; | 54 | ''; |
55 | scripts = { | ||
56 | "hosts/borealis-up" = "${config.security.wrapperDir}/borealis-up"; | ||
57 | "hosts/borealis-down" = "${config.security.wrapperDir}/borealis-down"; | ||
58 | }; | ||
59 | }; | ||
60 | |||
61 | security.wrappers = { | ||
62 | "borealis-up" = { | ||
63 | source = pkgs.writeScript "borealis-up.sh" '' | ||
64 | #!${stdenv.shell} | ||
65 | ${nettools}/bin/route add -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE metric 9999 | ||
66 | ${optionalString cfg.useDNS '' | ||
67 | ${openresolv}/bin/resolvconf -m 0 -a tinc.yggdrasil <<EOF | ||
68 | domain yggdrasil | ||
69 | nameserver 10.141.1.1 | ||
70 | EOF | ||
71 | ''} | ||
72 | ''; | ||
73 | }; | ||
74 | "borealis-down" = { | ||
75 | source = pkgs.writeScript "borealis-down.sh" '' | ||
76 | #!${stdenv.shell} | ||
77 | ${nettools}/bin/route del -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev $INTERFACE | ||
78 | ${optionalString cfg.useDNS '' | ||
79 | ${openresolv}/bin/resolvconf -d tinc.yggdrasil | ||
80 | ''} | ||
81 | ''; | ||
82 | }; | ||
39 | }; | 83 | }; |
40 | interfaceConfig = ipConf; | ||
41 | }; | 84 | }; |
42 | } | 85 | } |
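Review bot: The new `security.wrappers` entries for `borealis-up` and `borealis-down` set only `source`, so the scripts get whatever defaults the wrapper module applies; on the NixOS releases I am aware of that has meant a root-owned setuid wrapper executable by every local user, which should be confirmed for the channel in use. Both scripts expand `$INTERFACE` unquoted into the `route` command line, and through a wrapper that variable comes from whoever invokes it rather than from tinc, so I would quote it as `dev "$INTERFACE"` and set `owner`, `group` and `permissions` explicitly so that only the account running tincd can execute the wrappers. Separately, the script bodies still reference `stdenv`, `nettools` and `openresolv`, which are no longer function arguments after the switch to `{ config, lib, pkgs, ... }:`, so they probably need to become `pkgs.stdenv.shell`, `${pkgs.nettools}` and `${pkgs.openresolv}`. The `useDNS` and `name` options also spell the attribute `types = types.bool;` and `types = types.str;` where `connect` uses `type`; `type = types.bool;` and `type = types.str;` are likely intended.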