forked from zentralwerk/network
yggdrasil: prepare container deployment
This commit is contained in:
parent
29c74782c7
commit
d8bd90e049
19
config/net/yggdrasil.nix
Normal file
19
config/net/yggdrasil.nix
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
{
|
||||||
|
site.hosts.yggdrasil = {
|
||||||
|
role = "container";
|
||||||
|
interfaces = {
|
||||||
|
core = {
|
||||||
|
hwaddr = "0A:14:48:01:26:ff";
|
||||||
|
type = "veth";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
ospf = {
|
||||||
|
allowedUpstreams =
|
||||||
|
[ "upstream3" "upstream1" "upstream4" "anon1" "freifunk" ];
|
||||||
|
stubNets6 = [ "200::/7" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.yggdrasil.enable = true;
|
||||||
|
prebuilt = true;
|
||||||
|
};
|
||||||
|
}
|
|
@ -401,6 +401,10 @@ let
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = false;
|
default = false;
|
||||||
};
|
};
|
||||||
|
services.yggdrasil.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = false;
|
||||||
|
};
|
||||||
links = mkOption {
|
links = mkOption {
|
||||||
description = "Which port is connected to what other device? Keys are either network names or known hostnames.";
|
description = "Which port is connected to what other device? Keys are either network names or known hostnames.";
|
||||||
default = {};
|
default = {};
|
||||||
|
|
|
@ -1,14 +1,15 @@
|
||||||
{ pkgs, lib, config, hostRegistry, zentralwerk, ... }:
|
{ pkgs, lib, config, hostName, ... }:
|
||||||
|
|
||||||
let
|
lib.mkIf config.site.hosts.${hostName}.services.yggdrasil.enable {
|
||||||
host = hostRegistry.hosts.yggdrasil;
|
|
||||||
yggAddress = host.ygg;
|
|
||||||
yggPrefix = "301:4561:bb58:4dac"; # 301:4561:bb58:4dac::/64
|
|
||||||
# taken from the output of "yggdrasilctl getself".
|
|
||||||
port = 46823;
|
|
||||||
in {
|
|
||||||
networking.firewall.enable = false;
|
networking.firewall.enable = false;
|
||||||
|
|
||||||
|
boot.postBootCommands = ''
|
||||||
|
if [ ! -c /dev/net/tun ]; then
|
||||||
|
mkdir -p /dev/net
|
||||||
|
mknod -m 666 /dev/net/tun c 10 200
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
|
||||||
services.yggdrasil = {
|
services.yggdrasil = {
|
||||||
enable = true;
|
enable = true;
|
||||||
persistentKeys = true;
|
persistentKeys = true;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user