lynatic/flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

clean up mkMesh implementation

Browse source
This commit is contained in:
Lyn 2025-01-14 21:43:47 +01:00
parent 7f00516334
commit 8bf2420a2a
3 changed files with 14 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
hosts/supernova/default.nix
View file

@ -24,9 +24,9 @@ with config.lyn.lib; {
# Firmware updates: # Firmware updates:
services.fwupd.enable = true; services.fwupd.enable = true;
lyn.services.wgautomesh = { lyn.services.mkMesh = {
enable = true; enable = true;
enable_upnp = true; enable_upnp_portforward = true;
}; };
##1##3##3##7## ##1##3##3##7##

3
hosts/wg-gateway/default.nix
View file

@ -18,8 +18,9 @@
# network # network
lyn.services.wgautomesh = { lyn.services.mkMesh = {
enable = true; enable = true;
enable_lan_discovery = false;
}; };
networking.useDHCP = false; networking.useDHCP = false;

17
modules/services/wgautomesh.nix → modules/services/mkMesh.nix
View file

@ -39,11 +39,16 @@
currentHost = meshnetwork.hosts.${config.networking.hostName}; currentHost = meshnetwork.hosts.${config.networking.hostName};
in { in {
opt = { opt = {
enable_upnp = lib.mkOption { enable_upnp_portforward = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
description = "Whether to allow the wireguard port in the gateway using UPnP IGD. Necessary on some firewalls, might spam unnecessary debug messages on environments without IGD gateways."; description = "Whether to allow the wireguard port in the gateway using UPnP IGD. Necessary on some firewalls, might spam unnecessary debug messages on environments without IGD gateways.";
default = false; default = false;
}; };
enable_lan_discovery = lib.mkOption {
type = lib.types.bool;
description = "Try to discover mesh devices on the same local network.";
default = true;
};
}; };
config = rec { config = rec {
networking.firewall = { networking.firewall = {
@ -54,7 +59,7 @@ in {
] ]
# UPnP broadcast responses # UPnP broadcast responses
++ ( ++ (
if cfg.enable_upnp if cfg.enable_upnp_portforward
then [1900] then [1900]
else [] else []
); );
@ -77,7 +82,7 @@ in {
enable = true; enable = true;
settings = { settings = {
interfaces = interfaces =
if cfg.enable_upnp if cfg.enable_upnp_portforward
then [ then [
{ {
name = "wg0"; name = "wg0";
@ -88,13 +93,11 @@ in {
upnp_forward_external_port = config.networking.wireguard.interfaces.wg1.listenPort; upnp_forward_external_port = config.networking.wireguard.interfaces.wg1.listenPort;
} }
] ]
else null; else [];
peers = buildPeerlist "IPv6" meshnetwork.hosts ++ buildPeerlist "IPv4" meshnetwork.hosts; peers = buildPeerlist "IPv6" meshnetwork.hosts ++ buildPeerlist "IPv4" meshnetwork.hosts;
lan_discovery = cfg.lan_discovery;
}; };
gossipSecretFile = gossip_secret_path; gossipSecretFile = gossip_secret_path;
#DEBUG
logLevel = "trace";
}; };
}; };
} }