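# NixOS module: joins this host to the "yggdrasil" tinc network.
#
# Declares the `services.yggdrasilTinc.*` options and, when enabled, fills in
# `services.customTinc.networks."yggdrasil"` together with the wrapped
# scripts that are registered as the up/down hooks for the host `borealis`.
{ config, lib, pkgs, ... }:

with lib;

let
  cfg = config.services.yggdrasilTinc;
in
{
  options = {
    services.yggdrasilTinc = {
      enable = mkEnableOption "yggdrasil tinc network";

      # When true, a `ConnectTo = ymir` line is added to the tinc config.
      connect = mkOption {
        default = true;
        type = types.bool;
        description = ''
          Connect to central server
        '';
      };

      # When true, the borealis-up script also registers a resolver entry
      # through resolvconf.
      useDNS = mkOption {
        default = true;
        # Was spelled `types = ...`; the mkOption attribute is `type`, as
        # used by `connect` above, so the bool type was never applied.
        type = types.bool;
        description = ''
          Use borealis as primary dns server
        '';
      };

      name = mkOption {
        default = config.networking.hostName;
        # Same `types` -> `type` correction as for `useDNS`.
        type = types.str;
        description = ''
          Node identifier
        '';
      };

      # No type is declared here; the value is handed unchanged to
      # `services.customTinc`.
      # NOTE(review): customTinc is defined elsewhere -- confirm what shape it expects.
      interfaceConfig = mkOption {
        default = {};
        description = ''
          Additional configuration for the generated network interface
        '';
      };
    };
  };

  config = mkIf cfg.enable {
    services.customTinc.networks."yggdrasil" = {
      inherit (cfg) name interfaceConfig;
      debugLevel = 2;
      hosts = import ./hosts/yggdrasil.nix;
      extraConfig = ''
        PingTimeout = 10
        ${optionalString cfg.connect "ConnectTo = ymir"}
      '';
      # The hooks point at the wrapper directory rather than at the store
      # paths of the scripts, so they run through `security.wrappers`.
      scripts = {
        "hosts/borealis-up" = "${config.security.wrapperDir}/borealis-up";
        "hosts/borealis-down" = "${config.security.wrapperDir}/borealis-down";
      };
    };

    # SECURITY: whatever privilege these wrappers grant is available to any
    # caller allowed to execute them, and that caller controls the
    # environment the script reads (INTERFACE). The owner / setuid /
    # capability / permission settings are not visible in this excerpt.
    # NOTE(review): confirm they grant only what `route` and `resolvconf`
    # need and that execution is limited to the account tinc runs as.
    security.wrappers = {
      "borealis-up" = {
        # Tools are referenced through `pkgs.`: the only `with` in scope is
        # `with lib;`, which does not provide stdenv, nettools or openresolv.
        # NOTE(review): apply the same to any later uses in this file.
        # `$INTERFACE` is quoted so it reaches `route` as a single argument.
        source = pkgs.writeScript "borealis-up.sh" ''
          #!${pkgs.stdenv.shell}
          ${pkgs.nettools}/bin/route add -net 10.141.1.0 netmask 255.255.255.0 gw 10.141.1.1 dev "$INTERFACE" metric 9999
          ${optionalString cfg.useDNS ''
            ${pkgs.openresolv}/bin/resolvconf -m 0 -a tinc.yggdrasil <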