made the hosts thingy into a hacky module
parent
2ed2a77263
commit
f386e19d29
2 changed files with 70 additions and 9 deletions
|
@ -52,17 +52,77 @@ in {
|
|||
options = {
|
||||
${prefix} = {
|
||||
network.wg_subnets.IPv4 = lib.mkOption {
|
||||
type = str;
|
||||
type = types.str;
|
||||
description = "The IPv6 range that wireguard peers will use";
|
||||
};
|
||||
network.wg_subnets.IPv6 = lib.mkOption {
|
||||
type = str;
|
||||
type = types.str;
|
||||
description = "The IPv4 range that wireguard peers will use";
|
||||
};
|
||||
|
||||
# defining the entire hosts part as a module
|
||||
network.hosts = lib.mkOption {
|
||||
type = lib.types.set;
|
||||
description = "All hosts in this network that this config should be aware of";
|
||||
type = types.attrsOf (lib.types.submodule {
|
||||
options = {
|
||||
wg = lib.mkOption {
|
||||
type = lib.types.submodule {
|
||||
options = {
|
||||
enabled = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Enable WireGuard";
|
||||
};
|
||||
pubkey = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = "Public key for WireGuard";
|
||||
};
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 51820;
|
||||
description = "Port for WireGuard";
|
||||
};
|
||||
};
|
||||
};
|
||||
description = "WireGuard configuration";
|
||||
};
|
||||
v4 = lib.mkOption {
|
||||
type = lib.types.submodule {
|
||||
options = {
|
||||
public = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = "Public IPv4 address";
|
||||
};
|
||||
internal = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Wireguard-internal IPv4 address";
|
||||
};
|
||||
};
|
||||
default = {};
|
||||
};
|
||||
description = "IPv4 configuration";
|
||||
};
|
||||
v6 = lib.mkOption {
|
||||
type = lib.types.submodule {
|
||||
options = {
|
||||
public = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description = "Public IPv6 address";
|
||||
};
|
||||
internal = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Wireguard-internal IPv6 address";
|
||||
};
|
||||
};
|
||||
};
|
||||
description = "IPv6 configuration";
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
});
|
||||
default = {};
|
||||
description = "All hosts in this network that this config should be aware of";
|
||||
};
|
||||
};
|
||||
config = {
|
||||
|
@ -70,4 +130,5 @@ in {
|
|||
inherit hosts wg_subnets;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
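Review bot: In the `v4` option, `default = {};` appears to sit inside the `lib.types.submodule { … }` body, after `options` closes, rather than on the `lib.mkOption` call as it does for `v6` (indentation is lost in this view, so this is read from brace counting); a submodule that declares `options` normally rejects a stray `default` attribute, so it should move next to `description = "IPv4 configuration";`. `v6.public` also lacks the `default = null;` that `v4.public` has, and neither `internal` option has a default, so the `default = {}` on `v4`/`v6` only postpones the failure until the address is read. On the WireGuard side, nothing ties `wg.enabled = true` to a non-null `wg.pubkey`, and `port` accepts any integer; `type = lib.types.port;` plus an assertion that enabled hosts carry a key would catch a keyless peer at evaluation time rather than at tunnel setup. The descriptions on `wg_subnets.IPv4` and `wg_subnets.IPv6` are swapped, each naming the other address family.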
|
||||
|
|
|
@ -38,8 +38,8 @@ in {
|
|||
networking.wireguard.interfaces.wg0 = {
|
||||
ips =
|
||||
if cfg.useIPv6
|
||||
then [${meshnetwork.wg_subnets.IPv6}]
|
||||
else [${meshnetwork.wg_subnets.IPv4}];
|
||||
then ["${meshnetwork.wg_subnets.IPv6}"]
|
||||
else ["${meshnetwork.wg_subnets.IPv4}"];
|
||||
listenPort = cfg.wireguardPort;
|
||||
privateKeyFile = "/var/lib/wireguard-keys/private";
|
||||
mtu = 1420;
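Review bot: Both branches of `ips` interpolate the shared `wg_subnets` range, so every host importing this module appears to get the same value for its interface address; if the per-host `v4.internal`/`v6.internal` options added in the other file are meant to carry that address, `ips` should read from them. `wg_subnets.*` is a plain `types.str`, so a malformed or overly wide prefix would only surface when the interface is brought up. Until that is settled, a comment such as `# wg_subnets.* is the whole mesh range, not this host's address — confirm intended` would document the gap. The `wg0` attribute set continues past the end of the hunk, so the peer list and `allowedIPs` cannot be checked from here.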
|
||||
|
|