From 5fc074fadc3ced4634865daf21518a393a8751ba Mon Sep 17 00:00:00 2001
From: Minijackson
Date: Sun, 7 Feb 2021 15:27:48 +0100
Subject: common/tinc: add topology options and allow port 655

---
 common/tinc.nix | 38 +++++++++++++++++++++++++++++++-------
 1 file changed, 31 insertions(+), 7 deletions(-)

diff --git a/common/tinc.nix b/common/tinc.nix
index 1016f42..d86b19c 100644
--- a/common/tinc.nix
+++ b/common/tinc.nix
@@ -7,12 +7,36 @@ let
 in {
 imports = map (network: (./tinc/private + "/${network}")) networks;
 
- services.tinc.networks = genAttrs networks (network: {
- name = config.networking.hostName;
+ options.topology = {
+ mainVpn = {
+ interfaceName = mkOption {
+ type = types.str;
+ description = "Interface name of the main VPN";
+ };
 
- hosts = let
- hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
- config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
- in genAttrs hosts config;
- });
+ subnet = mkOption {
+ type = types.str;
+ description = "CIDR subnet of the main VPN";
+ };
+
+ currentNodeIP = mkOption {
+ type = types.str;
+ description = "The current node's IP address in the VPN";
+ };
+ };
+ };
+
+ config = {
+ services.tinc.networks = genAttrs networks (network: {
+ name = config.networking.hostName;
+
+ hosts = let
+ hosts = attrNames (readDir (./tinc/private + "/${network}/hosts"));
+ config = hostname: readFile (./tinc/private + "/${network}/hosts/${hostname}");
+ in genAttrs hosts config;
+ });
+
+ networking.firewall.allowedUDPPorts = [ 655 ];
+ networking.firewall.allowedTCPPorts = [ 655 ];
+ };
 }
-- 
cgit v1.2.3
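Review bot: The two `networking.firewall.allowed*Ports = [ 655 ];` lines at the end of the new `config` block open the port on every interface of every host that imports this module, whether or not `networks` is empty or the node accepts inbound tinc connections at all. A node that only dials out to its peers needs no inbound rule, so the exposure should be gated, e.g. `networking.firewall.allowedUDPPorts = mkIf (networks != [ ]) [ 655 ];` (and the same for TCP), or scoped per interface through `networking.firewall.interfaces.<wan-interface>.allowedTCPPorts`. The port is also hard-coded while `services.tinc.networks` is generated for each entry of `networks`, so a second network or a host using a non-default port would silently diverge from the firewall rule. A short comment such as `# 655 is tinc's default port; assumes a single network on the default port` would make that assumption visible. `networks` is bound in the `let` above the hunk, so its shape is inferred from the `genAttrs networks` call.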