From e2e7587cfa7497aba164ec0e338791999479b56b Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Thu, 16 Dec 2021 09:41:50 +0100 Subject: yggdrasil-wg: routing --- modules/yggdrasil-wg/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/yggdrasil-wg/default.nix b/modules/yggdrasil-wg/default.nix index b1d4ee5d..cbe09955 100644 --- a/modules/yggdrasil-wg/default.nix +++ b/modules/yggdrasil-wg/default.nix @@ -76,6 +76,7 @@ let vidhar = ["${batSubnet}:1::/${toString batHostLength}"]; sif = ["${batSubnet}:2::/${toString batHostLength}"]; }; + routers = [ "surtr" ]; mkPublicKeyPath = family: host: ./hosts + "/${family}" + "/${host}.pub"; mkPrivateKeyPath = family: host: ./hosts + "/${family}" + "/${host}.priv"; @@ -91,7 +92,7 @@ let let other = if thisHost from then to else from; in { - AllowedIPs = wgHostIPs.${family}.${other}; + AllowedIPs = if elem other routers then ["0.0.0.0/0" "::/0"] else wgHostIPs.${family}.${other}; PublicKey = trim (readFile (mkPublicKeyPath family other)); } // (optionalAttrs (thisHost from) (linkCfgFilterCustom opts // linkMkEndpointCfg family opts)); linkCfgFilterCustom = filterAttrs (n: _v: !(elem n ["from" "to" "endpointHost"])); @@ -202,7 +203,7 @@ in { Destination = "${batSubnet}::/${toString batSubnetLength}"; }; } - ]; + ] ++ (concatMap (router: concatMap (family: { routeConfig = { Destination = "::/0"; Metric = 1; Gateway = wgHostIPs.${family}.${router}; }; }) families) routers); linkConfig = { MACAddress = "${batHostMACs.${hostName}}"; RequiredForOnline = false; -- cgit v1.2.3