common/tinc: add topology options and allow port 655

author: Minijackson <minijackson@riseup.net> 2021-02-07 15:27:48 +0100
committer: Minijackson <minijackson@riseup.net> 2021-02-07 15:27:48 +0100
commit: 5fc074fadc3ced4634865daf21518a393a8751ba (patch)
tree: 62afc532b7746efb4ee6d1f6b30f10ab4ef2ec7a
parent: 218e1b84d0101aba732dab78683c12dafaf3fdb9 (diff)
download: nixos-config-reborn-5fc074fadc3ced4634865daf21518a393a8751ba.tar.gz
nixos-config-reborn-5fc074fadc3ced4634865daf21518a393a8751ba.zip
1 files changed, 31 insertions, 7 deletions
diff --git a/common/tinc.nix b/common/tinc.nix
index 1016f42..d86b19c 100644
--- a/common/tinc.nix
+++ b/common/tinc.nix
@@ -7,12 +7,36 @@ let
 in {
  imports = map (network: (./tinc/private + "/${network}")) networks;
-  services.tinc.networks = genAttrs networks (network: {
+  options.topology = {
-    name = config.networking.hostName;
+    mainVpn = {
+      interfaceName = mkOption {
+        type = types.str;
+        description = "Interface name of the main VPN";
+      };
-    hosts = let
+      subnet = mkOption {
-      hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
+        type = types.str;
-      config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
+        description = "CIDR subnet of the main VPN";
-    in genAttrs hosts config;
+      };
-  });
+      currentNodeIP = mkOption {
+        type = types.str;
+        description = "The current node's IP address in the VPN";
+      };
+    };
+  };
+  config = {
+    services.tinc.networks = genAttrs networks (network: {
+      name = config.networking.hostName;
+      hosts = let
+        hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
+        config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
+      in genAttrs hosts config;
+    });
+    networking.firewall.allowedUDPPorts = [ 655 ];
+    networking.firewall.allowedTCPPorts = [ 655 ];
+  };
 }
author	Minijackson <minijackson@riseup.net>	2021-02-07 15:27:48 +0100
committer	Minijackson <minijackson@riseup.net>	2021-02-07 15:27:48 +0100
commit	5fc074fadc3ced4634865daf21518a393a8751ba (patch)
tree	62afc532b7746efb4ee6d1f6b30f10ab4ef2ec7a
parent	218e1b84d0101aba732dab78683c12dafaf3fdb9 (diff)
download	nixos-config-reborn-5fc074fadc3ced4634865daf21518a393a8751ba.tar.gz nixos-config-reborn-5fc074fadc3ced4634865daf21518a393a8751ba.zip

diff --git a/common/tinc.nix b/common/tinc.nix index 1016f42..d86b19c 100644 --- a/common/tinc.nix +++ b/common/tinc.nix
@@ -7,12 +7,36 @@ let
7	in {	7	in {
8	imports = map (network: (./tinc/private + "/${network}")) networks;	8	imports = map (network: (./tinc/private + "/${network}")) networks;
9		9
10	services.tinc.networks = genAttrs networks (network: {	10	options.topology = {
11	name = config.networking.hostName;	11	mainVpn = {
		12	interfaceName = mkOption {
		13	type = types.str;
		14	description = "Interface name of the main VPN";
		15	};
12		16
13	hosts = let	17	subnet = mkOption {
14	hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));	18	type = types.str;
15	config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");	19	description = "CIDR subnet of the main VPN";
16	in genAttrs hosts config;	20	};
17	});	21
		22	currentNodeIP = mkOption {
		23	type = types.str;
		24	description = "The current node's IP address in the VPN";
		25	};
		26	};
		27	};
		28
		29	config = {
		30	services.tinc.networks = genAttrs networks (network: {
		31	name = config.networking.hostName;
		32
		33	hosts = let
		34	hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
		35	config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
		36	in genAttrs hosts config;
		37	});
		38
		39	networking.firewall.allowedUDPPorts = [ 655 ];
		40	networking.firewall.allowedTCPPorts = [ 655 ];
		41	};
18	}	42	}