# NixOS module: declares the `topology.mainVpn` options and configures one
# tinc network for every entry found under ./tinc/private.
{ config, lib, ... }:

let
  # Explicit inherits instead of `with lib; with builtins;` so it is visible
  # where each helper comes from.
  inherit (builtins) attrNames readDir readFile;
  inherit (lib) genAttrs mkOption types;

  # Root of the per-network trees.
  privateDir = ./tinc/private;

  # Every entry name in privateDir is used as a network name; entries are not
  # filtered by type, so a stray regular file here would also be imported.
  networkNames = attrNames (readDir privateDir);

  # Path of the sub-tree that is imported as a module for `network`.
  networkModule = network: privateDir + "/${network}";

  # Attribute set mapping each entry name in <network>/hosts to the contents
  # of that file.
  # NOTE(review): presumably these are tinc host files (addresses and public
  # keys). Anything read with readFile becomes part of the evaluated
  # configuration and is likely to land in the world-readable Nix store, so
  # private key material must not live under hosts/ — confirm.
  hostsFor = network:
    let
      hostNames = attrNames (readDir (privateDir + "/${network}/hosts"));
      readHostFile = hostname:
        readFile (privateDir + "/${network}/hosts/${hostname}");
    in
    genAttrs hostNames readHostFile;

  # Per-network tinc settings; the local node is named after the machine's
  # configured hostname.
  tincNetwork = network: {
    name = config.networking.hostName;
    hosts = hostsFor network;
  };
in
{
  imports = map networkModule networkNames;

  # Declared here only; the values are presumably set by the imported
  # per-network modules — verify.
  options.topology.mainVpn = {
    interfaceName = mkOption {
      type = types.str;
      description = "Interface name of the main VPN";
    };

    subnet = mkOption {
      type = types.str;
      description = "CIDR subnet of the main VPN";
    };

    currentNodeIP = mkOption {
      type = types.str;
      description = "The current node's IP address in the VPN";
    };
  };

  config = {
    services.tinc.networks = genAttrs networkNames tincNetwork;

    # 655 is tinc's default port. These lists are not scoped to an interface,
    # so the port is opened on every interface the firewall covers.
    # NOTE(review): only this one port is opened regardless of how many
    # networks exist; confirm against the per-network modules if more than
    # one network is defined.
    networking.firewall = {
      allowedUDPPorts = [ 655 ];
      allowedTCPPorts = [ 655 ];
    };
  };
}