lib/yggdrasil-hq: init

Astro 2019-11-29 21:29:50 +01:00
parent 44b080063b
commit e0c0fe1902
4 changed files with 47 additions and 14 deletions


@ -4,7 +4,6 @@
imports = [ imports = [
<nixpkgs/nixos/modules/profiles/minimal.nix> <nixpkgs/nixos/modules/profiles/minimal.nix>
../../lib/hq.nix ../../lib/hq.nix
../../lib/yggdrasil.nix
../../lib/emery.nix ../../lib/emery.nix
./containers ./containers
./hardware-configuration.nix ./hardware-configuration.nix
@ -20,17 +19,6 @@
# DO NOT CHANGE, KINDERGARTEN IS OVER # DO NOT CHANGE, KINDERGARTEN IS OVER
}; };
services.yggdrasil = {
openMulticastPort = true;
configFile = "/var/lib/yggdrasil/keys";
config.Peers = [
"tcp://[2a03:3b40:fe:ab::1]:46370" # Praha
"tcp://ygg.thingylabs.io:443" # Nürnberg
"tcp://176.223.130.120:22632" # Wrocław
"tcp://[2a05:9403::8b]:7743" # Praha
];
};
programs.mosh.enable = true; programs.mosh.enable = true;
nix = { nix = {


@ -1,6 +1,10 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ {
imports = [
../../../../lib/yggdrasil-hq.nix
];
services.uhub = { services.uhub = {
enable = true; enable = true;
enableTLS = false; enableTLS = false;
@ -16,4 +20,6 @@
}; };
networking.firewall.allowedTCPPorts = [ config.services.uhub.port ]; networking.firewall.allowedTCPPorts = [ config.services.uhub.port ];
hq.yggdrasil.enable = true;
} }
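Review bot: Setting `hq.yggdrasil.enable = true` on this container makes the existing `allowedTCPPorts = [ config.services.uhub.port ]` rule cover the new Yggdrasil-routed address as well, while the context lines show `enableTLS = false`. Yggdrasil encrypts between its own nodes, so the leg from the HQ router to this container is presumably plaintext on the local ethernet. The hub also becomes reachable from any Yggdrasil peer unless the router filters forwarding, which is not visible here. I would either enable TLS for uhub or record the decision next to the new line, e.g. `# NOTE: this makes uhub (no TLS) reachable from the whole Yggdrasil network`.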


@ -3,11 +3,17 @@
{ {
imports = [ imports = [
<nixpkgs/nixos/modules/profiles/minimal.nix> <nixpkgs/nixos/modules/profiles/minimal.nix>
../../lib/hq.nix ../../../../lib/hq.nix
../../lib/yggdrasil.nix ../../../../lib/yggdrasil.nix
./yggdrasil-prefix.nix ./yggdrasil-prefix.nix
]; ];
networking.interfaces.eth0 = {
ipv6.addresses = [
{ address = "310:5217:69c0:9afc::1"; prefixLength = 64; }
];
};
services.yggdrasil = { services.yggdrasil = {
openMulticastPort = true; openMulticastPort = true;
configFile = "/var/lib/yggdrasil/keys"; configFile = "/var/lib/yggdrasil/keys";
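Review bot: The literal `310:5217:69c0:9afc::1` added under `networking.interfaces.eth0` repeats a prefix that is also hard-coded twice in lib/yggdrasil-hq.nix, even though this file already imports `./yggdrasil-prefix.nix`. As far as I know a Yggdrasil /64 is derived from the node's key, so regenerating `/var/lib/yggdrasil/keys` would silently leave all three literals stale. A comment on the address line would help, e.g. `# /64 routed to this node's Yggdrasil key; keep in sync with lib/yggdrasil-hq.nix`, or better a single shared definition. The `services.yggdrasil` block continues past the end of the hunk.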

33
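--- a/lib/yggdrasil-hq.nix
+++ b/lib/yggdrasil-hq.nix
@@ -0,0 +1,33 @@
+{ config, lib }:
+with lib;
+let
+cfg = config.hq.yggdrasil;
+hostNameHash = hashString "sha256" networking.hostName;
+hextets = map (i: substring (4 * i) (4 * (i + 1)) hostNameHash) [0 1 2 3];
+hostAddr = concatStringsSep ":" hextets;
+in
+{
+options = with types; {
+hq.yggdrasil = {
+enable = mkEnableOption "Configure Yggdrasil access via the Yggdrasil router";
+interface = mkOption {
+type = nullOr str;
+default = "eth0";
+description = "Network interface to the C3D2 HQ ethernet";
+};
+};
+};
+networking.interfaces = optionalAttrs cfg.enable {
+"${cfg.interface}.ipv6" = {
+addresses = [
+{ address = "310:5217:69c0:9afc:${hostAddr}"; prefixLength = 64; }
+];
+routes = [
+{ address = "200::"; prefixLength = 7; via = "310:5217:69c0:9afc::1"; }
+];
+};
+};
+}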
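Review bot: In `hextets` the second argument to `substring` is a length, not an end index, so `4 * (i + 1)` yields groups of 4, 8, 12 and 16 characters and `hostAddr` is not a valid interface identifier; it should be `substring (4 * i) 4 hostNameHash`. `networking.hostName` is unbound in this scope (nothing in `with lib` provides `networking`) and needs to be `config.networking.hostName`, and the argument set needs `...` because the module system passes more than `config` and `lib`. A module that declares `options` has to put its settings under `config`, and `"${cfg.interface}.ipv6"` defines one attribute literally named `eth0.ipv6` instead of the nested path; `mkIf cfg.enable` is the usual guard. Because the resulting address is routable from the whole Yggdrasil network and is derived from the hostname alone, the host firewall is the only thing limiting exposure, which the `enable` description should say.

```nix
{ config, lib, ... }:
# … unchanged: with lib; let cfg = config.hq.yggdrasil; …
  hostNameHash = hashString "sha256" config.networking.hostName;
  hextets = map (i: substring (4 * i) 4 hostNameHash) [ 0 1 2 3 ];
# … unchanged: hostAddr, options.hq.yggdrasil …
  config = mkIf cfg.enable {
    networking.interfaces.${cfg.interface}.ipv6 = {
      # … unchanged: addresses and routes lists …
    };
  };
```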