From f386e19d299ae5b3a6d5147d2766dee702f26d83 Mon Sep 17 00:00:00 2001
From: Lyn
Date: Wed, 13 Nov 2024 19:19:13 +0100
Subject: [PATCH] made the hosts thingy into a hacky module
---
hosts/network.nix | 75 ++++++++++++++++++++++++++++++---
modules/services/wgautomesh.nix | 4 +-
2 files changed, 70 insertions(+), 9 deletions(-)
diff --git a/hosts/network.nix b/hosts/network.nix
index 1514462..7db1d32 100644
--- a/hosts/network.nix
+++ b/hosts/network.nix
@@ -52,22 +52,83 @@ in {
 options = {
 ${prefix} = {
 network.wg_subnets.IPv4 = lib.mkOption {
- type = str;
+ type = types.str;
 description = "The IPv6 range that wireguard peers will use";
 };
 network.wg_subnets.IPv6 = lib.mkOption {
- type = str;
+ type = types.str;
 description = "The IPv4 range that wireguard peers will use";
 };
+
+ # defining the entire hosts part as a module
 network.hosts = lib.mkOption {
- type = lib.types.set;
+ type = types.attrsOf (lib.types.submodule {
+ options = {
+ wg = lib.mkOption {
+ type = lib.types.submodule {
+ options = {
+ enabled = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ description = "Enable WireGuard";
+ };
+ pubkey = lib.mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = "Public key for WireGuard";
+ };
+ port = lib.mkOption {
+ type = lib.types.int;
+ default = 51820;
+ description = "Port for WireGuard";
+ };
+ };
+ };
+ description = "WireGuard configuration";
+ };
+ v4 = lib.mkOption {
+ type = lib.types.submodule {
+ options = {
+ public = lib.mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ description = "Public IPv4 address";
+ };
+ internal = lib.mkOption {
+ type = lib.types.str;
+ description = "Wireguard-internal IPv4 address";
+ };
+ };
+ default = {};
+ };
+ description = "IPv4 configuration";
+ };
+ v6 = lib.mkOption {
+ type = lib.types.submodule {
+ options = {
+ public = lib.mkOption {
+ type = types.nullOr types.str;
+ description = "Public IPv6 address";
+ };
+ internal = lib.mkOption {
+ type = lib.types.str;
+ description = "Wireguard-internal IPv6 address";
+ };
+ };
+ };
+ description = "IPv6 configuration";
+ default = {};
+ };
+ };
+ });
+ default = {};
 description = "All hosts in this network that this config should be aware of";
 };
 };
- };
- config = {
- ${prefix}.network = {
- inherit hosts wg_subnets;
+ config = {
+ ${prefix}.network = {
+ inherit hosts wg_subnets;
+ };
 };
 };
 }
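Review bot: At the end of this hunk the `};` that closed `options` is removed and a `};` is added after `inherit hosts wg_subnets;`, so by brace count `config = { … }` now sits inside `options` instead of beside it and the `hosts`/`wg_subnets` values are presumably no longer assigned; keep the `};` before `config = {` and drop the added one. In `v4`, `default = {};` is written inside the `lib.types.submodule { … }` body next to `options` rather than on the `mkOption` as in `v6`, which the module system normally rejects as an unsupported attribute. `v6.public` also lacks the `default = null;` that `v4.public` has. Since `wg.pubkey` can stay `null` while `wg.enabled` is true, an assertion tying the two together (and `lib.types.port` instead of `lib.types.int` for `port`) would catch a peer entry without a key or with an out-of-range port at evaluation time.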
diff --git a/modules/services/wgautomesh.nix b/modules/services/wgautomesh.nix
index a068e32..5d2b694 100644
--- a/modules/services/wgautomesh.nix
+++ b/modules/services/wgautomesh.nix
@@ -38,8 +38,8 @@ in {
 networking.wireguard.interfaces.wg0 = {
 ips =
 if cfg.useIPv6
- then [${meshnetwork.wg_subnets.IPv6}]
- else [${meshnetwork.wg_subnets.IPv4}];
+ then ["${meshnetwork.wg_subnets.IPv6}"]
+ else ["${meshnetwork.wg_subnets.IPv4}"];
 listenPort = cfg.wireguardPort;
 privateKeyFile = "/var/lib/wireguard-keys/private";
 mtu = 1420;
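Review bot: The quoted interpolation in `ips` is redundant now that `wg_subnets.IPv4`/`IPv6` are declared as `types.str`; `then [meshnetwork.wg_subnets.IPv6]` and `else [meshnetwork.wg_subnets.IPv4];` build the same list, and without the quotes a path or derivation is not silently coerced to a string if the option type ever changes. It may also be worth confirming that the subnet range is what `wg0` should carry as its own address, given that this commit adds per-host `v4.internal`/`v6.internal` options. The `wg0` attribute set continues past the end of the hunk.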