nixos-module/network.nix: configure host IP
parent
46c16e4413
commit
704f007ae5
|
@ -13,6 +13,17 @@ let
|
|||
type = with types; nullOr str;
|
||||
default = null;
|
||||
};
|
||||
subnet4Len = mkOption {
|
||||
type = with types; nullOr types.int;
|
||||
default =
|
||||
let
|
||||
inherit (config.site.net.${name}) subnet4;
|
||||
s = lib.splitString "/" subnet4;
|
||||
in
|
||||
if subnet4 != null && builtins.length s == 2
|
||||
then lib.toInt (elemAt s 1)
|
||||
else null;
|
||||
};
|
||||
subnets6 = mkOption {
|
||||
description = "IPv6 subnets w/o prefixlen (always 64)";
|
||||
type = with types; attrsOf str;
|
||||
|
@ -77,6 +88,10 @@ let
|
|||
default = {};
|
||||
type = with types; attrsOf (submodule interfaceOpts);
|
||||
};
|
||||
isRouter = mkOption {
|
||||
type = types.bool;
|
||||
default = config.site.hosts.${name}.interfaces ? core;
|
||||
};
|
||||
};
|
||||
};
|
||||
in
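Review bot: `subnet4Len` accepts any integer and silently falls back to `null` when `subnet4` has no `/len` part, so a typo in the site data only surfaces later as a malformed address string where the option is interpolated. Constraining the type, e.g. `type = with types; nullOr (ints.between 0 32);`, would reject out-of-range prefix lengths at evaluation time. Both new options also lack a `description`; for `isRouter` I would add something like `description = "Whether this host forwards packets; defaults to true when it has a core interface";`, because the default is derived from the presence of an interface named `core` and is easy to overlook. The enclosing `let` block starts and ends outside these hunks, so whether `elemAt` is in scope at this point cannot be confirmed from the page.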
|
||||
|
|
|
@ -1,27 +1,59 @@
|
|||
{ hostName, config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
findGw6 = net: gw6:
|
||||
let
|
||||
inherit (config.site.net.${net}) hosts6;
|
||||
in
|
||||
builtins.foldl' (result: ctx:
|
||||
let
|
||||
h = hosts6.${ctx};
|
||||
in
|
||||
if result == null && h ? ${hostName} && h ? ${gw6}
|
||||
then h.${gw6}
|
||||
else result
|
||||
) null (builtins.attrNames hosts6);
|
||||
in
|
||||
{
|
||||
networking.firewall.enable = lib.mkDefault false;
|
||||
|
||||
networking.useDHCP = false;
|
||||
|
||||
networking.useHostResolvConf = false;
|
||||
services.resolved.enable = false;
|
||||
environment.etc."resolv.conf".text = ''
|
||||
nameserver 172.20.73.8 9.9.9.9
|
||||
'';
|
||||
|
||||
networking.useNetworkd = true;
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
|
||||
networks =
|
||||
builtins.mapAttrs (ifName: { gw4, gw6, ... }: {
|
||||
matchConfig.Name = ifName;
|
||||
# addresses = [ {
|
||||
# addressConfig.Address = "127.0.0.1/8";
|
||||
# } ];
|
||||
# TODO: lookup hostname
|
||||
gateway = with lib;
|
||||
optional (gw4 != null) gw4 ++
|
||||
optional (gw6 != null) gw6;
|
||||
}) config.site.hosts.${hostName}.interfaces;
|
||||
builtins.mapAttrs (ifName: { gw4, gw6, ... }:
|
||||
let
|
||||
netConfig = config.site.net.${ifName};
|
||||
in {
|
||||
matchConfig.Name = ifName;
|
||||
|
||||
addresses =
|
||||
let
|
||||
address = netConfig.hosts4.${hostName};
|
||||
prefixLen = netConfig.subnet4Len;
|
||||
in
|
||||
lib.optional (netConfig.hosts4 ? ${hostName}) {
|
||||
addressConfig.Address = "${address}/${toString prefixLen}";
|
||||
} ++
|
||||
builtins.concatMap (hosts6:
|
||||
lib.optional (hosts6 ? ${hostName}) {
|
||||
addressConfig.Address = "${hosts6.${hostName}}/64";
|
||||
}
|
||||
) (builtins.attrValues netConfig.hosts6);
|
||||
|
||||
gateway = with lib;
|
||||
optional (gw4 != null) netConfig.${gw4} ++
|
||||
optional (gw6 != null) (findGw6 ifName gw6);
|
||||
|
||||
}) config.site.hosts.${hostName}.interfaces;
|
||||
};
|
||||
}
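Review bot: `prefixLen` comes from `subnet4Len`, which is `nullOr int`; when it is null, `toString prefixLen` evaluates to an empty string and the interface is given an `Address` of the form `a.b.c.d/`. The `lib.optional` guard should cover that case as well, `lib.optional (netConfig.hosts4 ? ${hostName} && netConfig.subnet4Len != null) {`. The IPv4 gateway is looked up as `netConfig.${gw4}` while the host's own address is read from `netConfig.hosts4.${hostName}`, so this probably wants `netConfig.hosts4.${gw4}`. `findGw6` returns `null` when no `hosts6` context contains both the host and the gateway, and that `null` then ends up in the `gateway` list; an assertion with a clear message would make a misconfigured site fail at evaluation time instead.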
|
||||
|
|
|
@ -65,6 +65,14 @@ in
|
|||
matchConfig.Name = "bond0";
|
||||
networkConfig.VLAN = map (net: "ext-${net}") ctNets;
|
||||
};
|
||||
};
|
||||
} // builtins.foldl' (result: net: result // {
|
||||
"${net}" = {
|
||||
matchConfig.Name = net;
|
||||
networkConfig = {
|
||||
IPForward = config.site.hosts.${hostName}.isRouter;
|
||||
IPv6AcceptRA = !config.site.hosts.${hostName}.isRouter;
|
||||
};
|
||||
};
|
||||
}) {} bridgeNets;
|
||||
};
|
||||
}
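Review bot: `IPForward` is set from `isRouter` on every entry of `bridgeNets`, and as documented for systemd-networkd this setting switches on the kernel's global forwarding option rather than a per-link one, so a router host forwards between all of its interfaces, not only these bridges. Together with `networking.firewall.enable = lib.mkDefault false` in the host network module shown on this page, nothing visible here filters the forwarded traffic; a comment at this spot should say where filtering is expected to happen, e.g. `# forwarding is unfiltered on this host; packet filtering is done by <placeholder: filtering component>`. On non-routers `IPv6AcceptRA` is enabled on each bridge, which lets any system attached to one of those segments announce itself as a default router; if the static `gw6` configuration is meant to be authoritative, consider leaving RA acceptance off for networks where a `gw6` is set. The enclosing attribute set starts outside the hunk.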
|
||||
|
|