From 29c74782c7a6485104ff99467bda94b0a347958a Mon Sep 17 00:00:00 2001
From: Emery Hemingway
Date: Thu, 13 Jan 2022 19:49:33 +0100
Subject: [PATCH] Add yggdrasil container
---
 flake.nix | 4 +--
 nix/nixos-module/container/yggdrasil.nix | 37 ++++++++++++++++++++++++
 nix/nixos-module/default.nix | 1 +
 3 files changed, 39 insertions(+), 3 deletions(-)
 create mode 100644 nix/nixos-module/container/yggdrasil.nix
diff --git a/flake.nix b/flake.nix
index 53c777a..fed8f7f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -40,9 +40,7 @@
 # Configuration for nixosConfigurations
 # (see nix/nixos-module/default.nix)
- nixosModule = { ... }: {
- imports = [ ./nix/nixos-module ];
- };
+ nixosModule = import ./nix/nixos-module;
 # NixOS host systems (servers, and containers)
 nixosConfigurations =
diff --git a/nix/nixos-module/container/yggdrasil.nix b/nix/nixos-module/container/yggdrasil.nix
new file mode 100644
index 000000000..89d795d
--- /dev/null
+++ b/nix/nixos-module/container/yggdrasil.nix
@@ -0,0 +1,37 @@
+{ pkgs, lib, config, hostRegistry, zentralwerk, ... }:
+
+let
+ host = hostRegistry.hosts.yggdrasil;
+ yggAddress = host.ygg;
+ yggPrefix = "301:4561:bb58:4dac"; # 301:4561:bb58:4dac::/64
+ # taken from the output of "yggdrasilctl getself".
+ port = 46823;
+in {
+ networking.firewall.enable = false;
+
+ services.yggdrasil = {
+ enable = true;
+ persistentKeys = true;
+ config = {
+ IfName = "ygg";
+ Peers = # https://publicpeers.neilalexander.dev/
+ [
+ # deutschland
+ "tcp://ygg.mkg20001.io:80"
+
+ # czechia
+ "tcp://[2a03:3b40:fe:ab::1]:46370" # emery vpsfree.cz
+
+ # nederlands
+ "tls://77.249.167.165:8084" # emery nijmegen
+ ];
+ NodeInfo = {
+ # This information is visible to the network.
+ name = "y.c3d2.de";
+ location = "Dresden";
+ email = "ehmry@c3d2.de";
+ };
+ };
+ };
+
+}
diff --git a/nix/nixos-module/default.nix b/nix/nixos-module/default.nix
index 07fcf4a..d8bbaa2 100644
--- a/nix/nixos-module/default.nix
+++ b/nix/nixos-module/default.nix 
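Review bot: In flake.nix, `nixosModule = import ./nix/nixos-module;` hands consumers the imported module value instead of a path, so the module system probably can no longer tell which file its definitions come from, and evaluation errors may name an unknown file. If the aim was only to drop the wrapper, `nixosModule = ./nix/nixos-module;` would keep the path and the location information; please confirm that the consumers of this output accept a path. The attribute set this line belongs to starts and ends outside the hunk.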
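Review bot: `networking.firewall.enable = false;` in nix/nixos-module/container/yggdrasil.nix removes packet filtering from a container that joins the public Yggdrasil mesh through three outside peers, so anything that listens in this container is reachable from every node on that network over the `ygg` interface. Keeping the firewall enabled and opening ports per interface, for example `networking.firewall.interfaces.ygg.allowedTCPPorts = [ ];` filled with only the ports meant to be offered, would limit that exposure; if the firewall has to stay off, a comment giving the reason belongs on that line. The `let` bindings `yggAddress`, `yggPrefix` and `port` are not used anywhere in the file. If `port` was meant as a listen port or `yggPrefix` as a routed /64, neither is configured here, and a routed prefix would extend the same exposure to the hosts behind it.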
@@ -25,6 +25,7 @@ in { ./container/wireguard.nix ./container/dns.nix ./container/dnscache.nix + ./container/yggdrasil.nix ] ++ optionals lib.config.site.hosts.${hostName}.isRouter [ ./container/bird.nix