1 files changed, 33 insertions, 12 deletions
diff --git a/common/tinc.nix b/common/tinc.nix
index d86b19c..e06bd27 100644
--- a/common/tinc.nix
+++ b/common/tinc.nix
@@ -1,11 +1,15 @@
+inputs:
 { config, lib, ... }:
 with lib;
 with builtins;
-let
+{
-  networks = attrNames (readDir ./tinc/private);
+  imports = [
-in {
+    (inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/networking/tinc.nix")
-  imports = map (network: (./tinc/private + "/${network}")) networks;
+  ];
+  disabledModules = [ "services/networking/tinc.nix" ];
  options.topology = {
    mainVpn = {
@@ -27,16 +31,33 @@ in {
  };
  config = {
-    services.tinc.networks = genAttrs networks (network: {
+    # Tinc configuration is in downstream repo
-      name = config.networking.hostName;
-      hosts = let
-        hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
-        config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
-      in genAttrs hosts config;
-    });
    networking.firewall.allowedUDPPorts = [ 655 ];
    networking.firewall.allowedTCPPorts = [ 655 ];
+    networking.hosts =
+      with builtins;
+      with lib;
+      let
+        networks = config.services.tinc.networks;
+        hosts = (flatten
+          (mapAttrsToList
+            (name: network: mapAttrsToList
+              (host: settings: {
+                host = "${host}.${name}.vpn";
+                addresses = map (subnet: subnet.address) settings.subnets;
+              })
+              network.hostSettings)
+            networks));
+        addresses =
+          zipAttrs
+            (flatten
+              (forEach hosts ({ host, addresses }:
+                (forEach addresses (address:
+                  { "${address}" = host; })))));
+      in
+      addresses;
  };
 }

diff --git a/common/tinc.nix b/common/tinc.nix index d86b19c..e06bd27 100644 --- a/common/tinc.nix +++ b/common/tinc.nix
@@ -1,11 +1,15 @@
		1	inputs:
		2
1	{ config, lib, ... }:	3	{ config, lib, ... }:
2		4
3	with lib;	5	with lib;
4	with builtins;	6	with builtins;
5	let	7	{
6	networks = attrNames (readDir ./tinc/private);	8	imports = [
7	in {	9	(inputs.nixpkgs-unstable.outPath + "/nixos/modules/services/networking/tinc.nix")
8	imports = map (network: (./tinc/private + "/${network}")) networks;	10	];
		11
		12	disabledModules = [ "services/networking/tinc.nix" ];
9		13
10	options.topology = {	14	options.topology = {
11	mainVpn = {	15	mainVpn = {
@@ -27,16 +31,33 @@ in {
27	};	31	};
28		32
29	config = {	33	config = {
30	services.tinc.networks = genAttrs networks (network: {	34	# Tinc configuration is in downstream repo
31	name = config.networking.hostName;
32
33	hosts = let
34	hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
35	config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
36	in genAttrs hosts config;
37	});
38		35
39	networking.firewall.allowedUDPPorts = [ 655 ];	36	networking.firewall.allowedUDPPorts = [ 655 ];
40	networking.firewall.allowedTCPPorts = [ 655 ];	37	networking.firewall.allowedTCPPorts = [ 655 ];
		38
		39	networking.hosts =
		40	with builtins;
		41	with lib;
		42	let
		43	networks = config.services.tinc.networks;
		44	hosts = (flatten
		45	(mapAttrsToList
		46	(name: network: mapAttrsToList
		47	(host: settings: {
		48	host = "${host}.${name}.vpn";
		49	addresses = map (subnet: subnet.address) settings.subnets;
		50	})
		51	network.hostSettings)
		52	networks));
		53
		54	addresses =
		55	zipAttrs
		56	(flatten
		57	(forEach hosts ({ host, addresses }:
		58	(forEach addresses (address:
		59	{ "${address}" = host; })))));
		60	in
		61	addresses;
41	};	62	};
42	}	63	}