1 files changed, 49 insertions, 0 deletions
diff --git a/modules/yggdrasil/default.nix b/modules/yggdrasil/default.nix
new file mode 100644
index 00000000..91a550d6
--- /dev/null
+++ b/modules/yggdrasil/default.nix
@@ -0,0 +1,49 @@
+{ config, lib, customUtils, ... }:
+let
+  cfg = config.services.tinc.yggdrasil;
+in {
+  options = {
+    services.tinc.yggdrasil = lib.mkOption {
+      type = lib.types.submodule {
+        options = {
+          enable = lib.mkEnableOption "Yggdrasil tinc network";
+          
+          connect = lib.mkOption {
+            default = true;
+            type = lib.types.bool;
+            description = ''
+              Connect to central server
+            '';
+          };
+        };
+      };
+    };
+  };
+  
+  config = lib.mkIf cfg.enable {
+    services.tinc.networks.yggdrasil = {
+      name = config.networking.hostName;
+      hostSettings = customUtils.recImport { dir = ./hosts; };
+      debugLevel = 2;
+      interfaceType = "tap";
+      settings = {
+        Mode = "switch";
+        PingTimeout = 30;
+        ConnectTo = lib.mkIf cfg.connect "ymir";
+      };
+    };
+    sops.secrets = {
+      tinc-yggdrasil-rsa = {
+        key = "rsa";
+        path = "/etc/tinc/yggdrasil/rsa_key.priv";
+        sopsFile = ./hosts + "/${config.services.tinc.networks.yggdrasil.name}/private-keys.yaml";
+      };
+      tinc-yggdrasil-ed25519 = {
+        key = "ed25519";
+        path = "/etc/tinc/yggdrasil/rsa_key.priv";
+        sopsFile = ./hosts + "/${config.services.tinc.networks.yggdrasil.name}/private-keys.yaml";
+      };
+    };
+  };
+}

diff --git a/modules/yggdrasil/default.nix b/modules/yggdrasil/default.nix new file mode 100644 index 00000000..91a550d6 --- /dev/null +++ b/modules/yggdrasil/default.nix
@@ -0,0 +1,49 @@
	1	{ config, lib, customUtils, ... }:
	2	let
	3	cfg = config.services.tinc.yggdrasil;
	4	in {
	5	options = {
	6	services.tinc.yggdrasil = lib.mkOption {
	7	type = lib.types.submodule {
	8	options = {
	9	enable = lib.mkEnableOption "Yggdrasil tinc network";
	10
	11	connect = lib.mkOption {
	12	default = true;
	13	type = lib.types.bool;
	14	description = ''
	15	Connect to central server
	16	'';
	17	};
	18	};
	19	};
	20	};
	21	};
	22
	23	config = lib.mkIf cfg.enable {
	24	services.tinc.networks.yggdrasil = {
	25	name = config.networking.hostName;
	26	hostSettings = customUtils.recImport { dir = ./hosts; };
	27	debugLevel = 2;
	28	interfaceType = "tap";
	29	settings = {
	30	Mode = "switch";
	31	PingTimeout = 30;
	32	ConnectTo = lib.mkIf cfg.connect "ymir";
	33	};
	34	};
	35
	36	sops.secrets = {
	37	tinc-yggdrasil-rsa = {
	38	key = "rsa";
	39	path = "/etc/tinc/yggdrasil/rsa_key.priv";
	40	sopsFile = ./hosts + "/${config.services.tinc.networks.yggdrasil.name}/private-keys.yaml";
	41	};
	42	tinc-yggdrasil-ed25519 = {
	43	key = "ed25519";
	44	path = "/etc/tinc/yggdrasil/rsa_key.priv";
	45	sopsFile = ./hosts + "/${config.services.tinc.networks.yggdrasil.name}/private-keys.yaml";
	46	};
	47	};
	48	};
	49	}