gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compatibility, bringing Sumireko into the fold. Deprecate katexprs.

Browse source
This commit is contained in:
kat 2022-04-12 13:25:56 +01:00 committed by kat
parent efae399c70
commit 40edeef897
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
39 changed files with 879 additions and 175 deletions
Download patch file Download diff file Expand all files Collapse all files

54
config/modules/home/firewall.nix Normal file
View file

@ -0,0 +1,54 @@
{ config, lib, pkgs, ... }:
with lib;
let cfg = config.network.firewall;
in
{
options.network.firewall = {
public.tcp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
public.udp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
private.tcp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
private.udp.ports = mkOption {
type = types.listOf types.port;
default = [ ];
};
public.tcp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
public.udp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
private.tcp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
private.udp.ranges = mkOption {
type = types.listOf (types.attrsOf types.port);
default = [ ];
};
public.interfaces = mkOption {
type = types.listOf types.str;
description = "Public firewall interfaces";
default = [ ];
};
private.interfaces = mkOption {
type = types.listOf types.str;
description = "Private firewall interfaces";
default = [ ];
};
};
}

81
config/modules/home/network.nix Normal file
View file

@ -0,0 +1,81 @@
{ config, nixos, lib, ... }:
with lib;
{
options.network = {
enable = mkEnableOption "Use kat's network module?";
addresses = mkOption {
type = with types; attrsOf (submodule ({ name, ... }: {
options = {
enable = mkEnableOption "Is the system a part of the ${name} network?";
ipv4 = {
enable = mkOption {
type = types.bool;
};
address = mkOption {
type = types.str;
};
};
ipv6 = {
enable = mkOption {
type = types.bool;
};
address = mkOption {
type = types.str;
};
};
prefix = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
out = {
identifierList = mkOption {
type = types.listOf types.str;
default = if config.enable then singleton config.domain ++ config.out.addressList else [ ];
};
addressList = mkOption {
type = types.listOf types.str;
default = if config.enable then concatMap (i: optional i.enable i.address) [ config.ipv4 config.ipv6 ] else [ ];
};
};
};
}));
};
privateGateway = mkOption {
type = types.str;
};
tf = {
enable = mkEnableOption "Was the system provisioned by terraform?";
ipv4_attr = mkOption {
type = types.str;
};
ipv6_attr = mkOption {
type = types.str;
};
};
dns = {
enable = mkEnableOption "Do you want DNS to be semi-managed through this module?";
isRoot = mkEnableOption "Is this system supposed to be the @ for the domain?";
email = mkOption {
type = types.nullOr types.str;
};
zone = mkOption {
type = types.nullOr types.str;
};
domain = mkOption {
type = types.nullOr types.str;
};
dynamic = mkEnableOption "Enable Glauca Dynamic DNS Updater";
};
};
config = {
network.addresses = nixos.network.addresses or {};
network.privateGateway = nixos.network.privateGateway or "";
network.tf = nixos.network.tf or {};
network.dns = nixos.network.dns or {};
};
}