yggdrasil: prepare container deployment

Astro 2022-01-13 20:17:50 +01:00
parent 29c74782c7
commit d8bd90e049
3 changed files with 32 additions and 8 deletions

19
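--- /dev/null
+++ b/config/net/yggdrasil.nix
@@ -0,0 +1,19 @@
+{
+site.hosts.yggdrasil = {
+role = "container";
+interfaces = {
+core = {
+hwaddr = "0A:14:48:01:26:ff";
+type = "veth";
+};
+};
+ospf = {
+allowedUpstreams =
+[ "upstream3" "upstream1" "upstream4" "anon1" "freifunk" ];
+stubNets6 = [ "200::/7" ];
+};
+services.yggdrasil.enable = true;
+prebuilt = true;
+};
+}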
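Review bot: `stubNets6 = [ "200::/7" ];` carries no comment saying what the prefix is or why this container originates it, and the host is switched on with `services.yggdrasil.enable = true;` two lines later. 200::/7 is the Yggdrasil address range, so this entry presumably makes the container the site's route into the overlay. As rendered further down this page, the module gated by that flag sets `networking.firewall.enable = false`, so it is worth confirming where traffic arriving from the overlay is filtered before this is deployed. I would add above the line `# Yggdrasil address range, announced into OSPF so site hosts reach the overlay via this container` and, if filtering happens on another host, a second comment naming it. Whether the firewall line is new in this commit cannot be told from the rendered page.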


@ -401,6 +401,10 @@ let
type = types.bool;
default = false;
};
services.yggdrasil.enable = mkOption {
type = types.bool;
default = false;
};
links = mkOption {
description = "Which port is connected to what other device? Keys are either network names or known hostnames.";
default = {};
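Review bot: The new `services.yggdrasil.enable` option has no `description`, while `links` directly below it does. Something like `description = "Apply the Yggdrasil service configuration to this host.";` would do. Since the module behind the flag also touches host firewalling and `/dev/net/tun` as rendered on this page, the description is a reasonable place to say that the flag enables more than the daemon. The enclosing option set starts and ends outside the hunk.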


@ -1,14 +1,15 @@
{ pkgs, lib, config, hostRegistry, zentralwerk, ... }:
{ pkgs, lib, config, hostName, ... }:
let
host = hostRegistry.hosts.yggdrasil;
yggAddress = host.ygg;
yggPrefix = "301:4561:bb58:4dac"; # 301:4561:bb58:4dac::/64
# taken from the output of "yggdrasilctl getself".
port = 46823;
in {
lib.mkIf config.site.hosts.${hostName}.services.yggdrasil.enable {
networking.firewall.enable = false;
boot.postBootCommands = ''
if [ ! -c /dev/net/tun ]; then
mkdir -p /dev/net
mknod -m 666 /dev/net/tun c 10 200
fi
'';
services.yggdrasil = {
enable = true;
persistentKeys = true;