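# NixOS module describing the WireGuard mesh: it declares the
# `meshconfig.network` options and sets them from the subnet and host tables
# defined in the `let` block below.
{
  lib,
  config,
  ...
}: let
  # Top-level option namespace for everything this module declares.
  prefix = "meshconfig";

  # Define WireGuard subnets.
  # NOTE(review): the IPv4 value is a host address with a prefix length
  # (10.35.0.1/24), while the host comments below refer to the network
  # 10.35.0.0/24. Confirm which form consumers of this option expect.
  wg_subnets = {
    IPv4 = "10.35.0.1/24";
    IPv6 = "fd1a:acab:cafe:1337::/64";
  };

  # Below is where all hosts are defined.
  #
  # NOTE(review), applies to every host entry:
  #  * `pubkey = "lol"` is a placeholder, not a WireGuard public key (a real
  #    one is a base64-encoded 32-byte value), and both hosts currently share
  #    it. Each peer needs its own real public key before this is deployed.
  #  * Only public keys belong in this file. Everything evaluated here lands
  #    in the world-readable Nix store, so private keys must be provided out
  #    of band (for example, a key file readable only by root).
  #  * The `v6.internal` values have six groups and no `::`, so they are not
  #    valid IPv6 addresses as written. With the /64 prefix above, the
  #    intended form is presumably `fd1a:acab:cafe:1337::<host part>`.
  #    Confirm and correct before use.
  hosts = {
    wg-gateway = {
      wg = {
        enabled = true;
        pubkey = "lol";
        # Presumably the WireGuard (UDP) listen port; confirm against the consumer.
        port = 51820;
      };
      v4 = {
        public = "78.47.226.47";
        # We use 10.35.0.0/16 as a range for private subnets, specifically
        # 10.35.0.0/24 for WireGuard peers.
        internal = "10.35.0.1";
      };
      v6 = {
        public = "2a01:4f8:1c1b:d2db::";
        # 1aacabcafe is the global ID and 1337 is the WireGuard peer subnet ID,
        # resulting in the ULA fd1a:acab:cafe:1337::/64.
        internal = "fd1a:acab:cafe:1337:8f4c:68cd";
      };
    };
    supernova = {
      wg = {
        enabled = true;
        pubkey = "lol";
        port = 51820;
      };
      v4 = {
        # Empty string: no public IPv4 address is recorded for this host.
        public = "";
        # We use 10.35.0.0/16 as a range for private subnets, specifically
        # 10.35.0.0/24 for WireGuard peers.
        internal = "10.35.0.2";
      };
      v6 = {
        # Empty string: no public IPv6 address is recorded for this host.
        public = "";
        # 1aacabcafe is the global ID and 1337 is the WireGuard peer subnet ID,
        # resulting in the ULA fd1a:acab:cafe:1337::/64.
        internal = "fd1a:acab:cafe:1337:6722:3657";
      };
    };
  };
in {
  options = {
    ${prefix} = {
      # `str` alone is not in scope in this file; the option types live
      # under `lib.types`.
      network.wg_subnets.IPv4 = lib.mkOption {
        type = lib.types.str;
        description = "The IPv4 range that wireguard peers will use";
      };
      network.wg_subnets.IPv6 = lib.mkOption {
        type = lib.types.str;
        description = "The IPv6 range that wireguard peers will use";
      };
      # `lib.types.attrs` accepts any attribute set without checking its
      # contents, so malformed host entries (bad addresses, placeholder keys)
      # are not rejected at evaluation time. A submodule type describing
      # wg/v4/v6 would add that validation.
      network.hosts = lib.mkOption {
        type = lib.types.attrs;
        description = "All hosts in this network that this config should be aware of";
      };
    };
  };

  config = {
    ${prefix}.network = {
      inherit hosts wg_subnets;
    };
  };
}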