lynatic/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

clean up mkMesh implementation

Browse source
This commit is contained in:
Lyn 2025-01-14 21:43:47 +01:00
parent 7f00516334
commit 40e04843ef
3 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
hosts/supernova/default.nix
View file

@ -24,9 +24,9 @@ with config.lyn.lib; {
# Firmware updates:
services.fwupd.enable = true;
lyn.services.wgautomesh = {
lyn.services.mkMesh = {
enable = true;
enable_upnp = true;
enable_upnp_portforward = true;
};
##1##3##3##7##

3
hosts/wg-gateway/default.nix
View file

@ -18,8 +18,9 @@
# network
lyn.services.wgautomesh = {
lyn.services.mkMesh = {
enable = true;
enable_lan_discovery = false;
};
networking.useDHCP = false;

17
modules/services/wgautomesh.nix → modules/services/mkMesh.nix
View file

@ -39,11 +39,16 @@
currentHost = meshnetwork.hosts.${config.networking.hostName};
in {
opt = {
enable_upnp = lib.mkOption {
enable_upnp_portforward = lib.mkOption {
type = lib.types.bool;
description = "Whether to allow the wireguard port in the gateway using UPnP IGD. Necessary on some firewalls, might spam unnecessary debug messages on environments without IGD gateways.";
default = false;
};
enable_lan_discovery = lib.mkOption {
type = lib.types.bool;
description = "Try to discover mesh devices on the same local network.";
default = true;
};
};
config = rec {
networking.firewall = {
@ -54,7 +59,7 @@ in {
]
# UPnP broadcast responses
++ (
if cfg.enable_upnp
if cfg.enable_upnp_portforward
then [1900]
else []
);
@ -77,7 +82,7 @@ in {
enable = true;
settings = {
interfaces =
if cfg.enable_upnp
if cfg.enable_upnp_portforward
then [
{
name = "wg0";
@ -88,13 +93,11 @@ in {
upnp_forward_external_port = config.networking.wireguard.interfaces.wg1.listenPort;
}
]
else null;
else [];
peers = buildPeerlist "IPv6" meshnetwork.hosts ++ buildPeerlist "IPv4" meshnetwork.hosts;
lan_discovery = cfg.enable_lan_discovery;
};
gossipSecretFile = gossip_secret_path;
#DEBUG
logLevel = "trace";
};
};
}