forked from c3d2/nix-config
Add c3d2.nncp options
This commit is contained in:
parent
732ae81533
commit
29da9eee7d
46
config/nncp-relays.nix
Normal file
46
config/nncp-relays.nix
Normal file
|
@ -0,0 +1,46 @@
|
|||
{ config, ... }:
|
||||
|
||||
{
|
||||
blackbox = {
|
||||
addrs.yggdrasil = "[20b:c3d2:4aa5:62bf:4f15:ed96:fcae:7a7]:5400";
|
||||
exchpub = "NM6PP4UOHQ3JZWHRJ66E2JIAJ5NE4E4VIXQBFDEWOBV4AAFPT4UA";
|
||||
id = "QOE2FEHKYHY2CESYIH7F2XUP4DHR7ETHYYGN3STCXFVFPZGBLNWQ";
|
||||
noisepub = "MSJYTL677QZGMSVJBBPN3QF2SACFWTGJ56KFNDAZNCMPRDBOMUYQ";
|
||||
signpub = "QYJPF3SRTJGPZAGDHAFLWPMCTBHZOKTLATYXVX6WCUSNVGBECYHA";
|
||||
};
|
||||
c3d2 = {
|
||||
addrs.clearnet = "[${config.c3d2.hosts.nncp.ip6}]:5400";
|
||||
exchpub = "MUZ3GI6GWEEIDQSUR6YGA3KNYERUFHIHLG24OG54QJJU2X5UGAJQ";
|
||||
id = "NGQLTVQVIRZEPXB6OEOZIEGZ4SQQ2P25HBXFPEX5C57VEKQDF4BA";
|
||||
noisepub = "YLJJGNQWNO3CGTBPROUUKVTSU3TFWHTBWREXMBBPMGMPJBWXAINA";
|
||||
signpub = "6SRGG5RO7D7YZB65G3F6PL7ZEAWL6UBLNWJZSHKOXUSEEVXFFZZA";
|
||||
};
|
||||
devian = {
|
||||
addrs.yggdrasil = "[200:ac5d:cab4:d15c:598a:f515:3362:c6e4]:5400";
|
||||
exchpub = "HISFY4YEXULGOBV2PDGDI26XMVELNO26C454OOZY3WN5R2LGOAEA";
|
||||
id = "LMZYGGVA4TKCIYCJK4XQ4JDTHALVCWB2OTHMSYRL2BNILXJXATPA";
|
||||
noisepub = "DKOHGPPAMSP2RY6PW4UCLOAW4KSCYNFUHZKWQOLPMOIKVGSMS5ZQ";
|
||||
signpub = "VXF7ZB45L3O6IVFSOTMNTD3UXFO4JZXEU2K2ZARNCJR7OOO6B7SQ";
|
||||
};
|
||||
emery = {
|
||||
exchpub = "7XICCCEAGTBEPHOZ6LZFK5YIEPQTQ2JDUWFDHHI2VZO7EWAOD4JQ";
|
||||
id = "BPEPGYPNZVOJM3GJBVRMOWIQA6PE7IIXLKWTDTBAT47N2LUZN4OQ";
|
||||
noisepub = "EVRKZ7YGBRZOI3HWJXOMTY7IQYWTBZJDZDNAG763A5ZX4WJWGVAQ";
|
||||
signpub = "O65ZBBZX53BXMD4YAZESFRLWQ7TWWIFS4V5SI3232MMMCKWCWKCA";
|
||||
via = [ "c3d2" ];
|
||||
};
|
||||
quux = {
|
||||
addrs.clearnet = "nncp.quux.org:5400";
|
||||
exchpub = "7L4GZ4LKXZREZFSBKCBX4CGUTLYKUHR4KNQ3O6NPJGGM6C5YGAPQ";
|
||||
id = "SXNADKNYBOU6VPDVZHZZGHPJXDDZTDWDT4YAQ5TJHBA6FTNUHTCA";
|
||||
noisepub = "C7JASCAKJDRQNWNBOUX6WGFN4U7KC3NFU472IW43NJIBUB3V3EZQ";
|
||||
signpub = "HS2Q2DNZWWCFY4V2UGYYJZFU4UPTUBFOTFYBY25QNOKDNG2OBKDQ";
|
||||
};
|
||||
unicron = {
|
||||
addrs.yggdrasil = "[201:7d01:2539:fb46:a575:bad1:98dd:d7ed]:5400";
|
||||
exchpub = "DYPGKZQWE5P3JOJ4GX76BCFKVQDGQAFGMRDAWKXMIA5K2JLTDF2Q";
|
||||
id = "WLK6PJUFVCFOMVLOWSKSZPRQHYVIITRDGI2JFL5OTXGFEFPI2UCA";
|
||||
noisepub = "ZDFDWAGDXQFFDBE2XP67ABADCXEQDFFG64R2WFBINYGBPVESEQHQ";
|
||||
signpub = "2ABRP3EMYXMGWUJPC4JQ23OE6YJG7MOBU2QLAGRO7RIFTPOYMB5A";
|
||||
};
|
||||
}
|
|
@ -501,13 +501,15 @@
|
|||
|
||||
nixosModule = self.nixosModules.c3d2;
|
||||
nixosModules = {
|
||||
c3d2 = {
|
||||
c3d2 = { config, ... }: {
|
||||
imports = [
|
||||
sops-nix.nixosModule
|
||||
./modules/c3d2.nix
|
||||
./modules/nncp.nix
|
||||
];
|
||||
c3d2.hosts = hostRegistry.hosts;
|
||||
c3d2.users = import ./users.nix;
|
||||
c3d2.nncp.neigh = import ./config/nncp-relays.nix { inherit config; };
|
||||
};
|
||||
nncp = ./modules/nncp.nix;
|
||||
plume = {
|
||||
|
|
|
@ -2,12 +2,35 @@
|
|||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let cfg = config.c3d2;
|
||||
let
|
||||
cfg = config.c3d2;
|
||||
neighMod = with lib; types.submodule {
|
||||
options = {
|
||||
addrs = mkOption {
|
||||
type = with types; attrsOf str;
|
||||
default = { };
|
||||
};
|
||||
via = mkOption
|
||||
{
|
||||
type = with types; listOf str;
|
||||
default = [ ];
|
||||
};
|
||||
} // (with builtins; let value = mkOption { type = types.str; }; in
|
||||
listToAttrs (map (name: { inherit name value; }) [ "exchpub" "id" "noisepub" "signpub" ]));
|
||||
};
|
||||
in
|
||||
{
|
||||
options.c3d2 = with lib;
|
||||
with lib.types; {
|
||||
|
||||
acmeEmail = mkOption {
|
||||
type = str;
|
||||
default = "mail@c3d2.de";
|
||||
description = ''
|
||||
Admin email address to use for Letsencrypt
|
||||
'';
|
||||
};
|
||||
|
||||
allUsersCanSshRoot = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
|
@ -41,13 +64,10 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
acmeEmail = mkOption {
|
||||
type = str;
|
||||
default = "mail@c3d2.de";
|
||||
description = ''
|
||||
Admin email address to use for Letsencrypt
|
||||
mergeNncpSettings = mkEnableOption ''
|
||||
Whether to merge <literal>c3d2.nncp.<…>.nncp</literal>
|
||||
into <literal>programs.nncp.settings</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
k-ot.enable = mkEnableOption ''
|
||||
Add k-ot user to this machine. Anyone with an SSH key listed in
|
||||
|
@ -108,6 +128,17 @@ in
|
|||
});
|
||||
};
|
||||
|
||||
nncp = {
|
||||
neigh = mkOption {
|
||||
type = with types; attrsOf neighMod;
|
||||
default = { };
|
||||
description = ''
|
||||
Attrset of NNCP neighbours for relaying packets.
|
||||
User endpoints go in <literal>c3d2.users</literal>.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
users =
|
||||
mkOption {
|
||||
type = attrsOf (submodule {
|
||||
|
@ -130,6 +161,8 @@ in
|
|||
));
|
||||
in
|
||||
{
|
||||
programs.nncp.settings = lib.mkIf cfg.mergeNncpSettings cfg.nncp;
|
||||
|
||||
users.motd = lib.mkIf cfg.enableMotd (builtins.readFile ./motd);
|
||||
|
||||
users.users.k-ot = lib.mkIf cfg.k-ot.enable {
|
||||
|
|
Loading…
Reference in New Issue
Block a user