mirror of
https://github.com/gensokyo-zone/infrastructure.git
synced 2026-02-09 12:29:19 -08:00
feat(exports): service access
parent
91918b8061
commit
871b1c5b2d
69 changed files with 1317 additions and 509 deletions
|
|
@ -8,10 +8,12 @@
|
|||
}: let
|
||||
inherit (inputs.self) nixosConfigurations;
|
||||
inherit (inputs.self.lib) systems;
|
||||
inherit (inputs.self.lib.lib) domain;
|
||||
inherit (inputs.self.lib.lib) domain mkAddress6;
|
||||
inherit (lib.options) mkOption mkEnableOption;
|
||||
inherit (lib.modules) mkIf mkMerge mkDefault mkOptionDefault;
|
||||
inherit (lib.attrsets) mapAttrs;
|
||||
inherit (lib.attrsets) mapAttrs attrValues;
|
||||
inherit (lib.lists) findSingle;
|
||||
inherit (lib.trivial) mapNullable;
|
||||
cfg = config.access;
|
||||
systemConfig = config;
|
||||
systemAccess = access;
|
||||
|
|
@ -42,20 +44,29 @@
|
|||
config = {
|
||||
networking.access = {
|
||||
moduleArgAttrs = let
|
||||
mkGetAddressFor = addressForAttr: hostName: network: let
|
||||
mkGetAddressFor = nameAllowed: addressForAttr: hostName: network: let
|
||||
forSystem = access.systemFor hostName;
|
||||
err = throw "no lan interface found between ${config.networking.hostName} and ${hostName}";
|
||||
err = throw "no interface found between ${config.networking.hostName} -> ${hostName}@${network}";
|
||||
fallback = if nameAllowed
|
||||
then lib.warn "getAddressFor hostname fallback for ${config.networking.hostName} -> ${hostName}@${network}" (access.getHostnameFor hostName network)
|
||||
else err;
|
||||
local = forSystem.access.${addressForAttr}.local or forSystem.access.address4ForNetwork.local or fallback;
|
||||
int = forSystem.access.${addressForAttr}.int or forSystem.access.address4ForNetwork.int or fallback;
|
||||
tail = forSystem.access.${addressForAttr}.tail or fallback;
|
||||
in {
|
||||
lan =
|
||||
if has'Int then forSystem.access.${addressForAttr}.int or forSystem.access.${addressForAttr}.local or err
|
||||
else if has'Local then forSystem.access.${addressForAttr}.local or err
|
||||
else err;
|
||||
${if has'Local then "local" else null} = forSystem.access.${addressForAttr}.local or err;
|
||||
${if has'Int then "int" else null} = forSystem.access.${addressForAttr}.int or err;
|
||||
${if has'Tail then "tail" else null} = forSystem.access.${addressForAttr}.tail or err;
|
||||
}.${network} or err;
|
||||
if hostName == system.name then forSystem.access.${addressForAttr}.localhost
|
||||
else if has'Int then int
|
||||
else if has'Local then local
|
||||
else fallback;
|
||||
${if has'Local then "local" else null} = local;
|
||||
${if has'Int then "int" else null} = int;
|
||||
${if has'Tail then "tail" else null} = tail;
|
||||
}.${network} or fallback;
|
||||
in {
|
||||
inherit (systemAccess) hostnameForNetwork address4ForNetwork address6ForNetwork;
|
||||
inherit (systemAccess)
|
||||
hostnameForNetwork address4ForNetwork address6ForNetwork
|
||||
systemForService systemForServiceId;
|
||||
addressForNetwork = systemAccess.${addressForAttr};
|
||||
systemFor = hostName:
|
||||
if hostName == config.networking.hostName
|
||||
|
|
@ -73,21 +84,39 @@
|
|||
if hostName == config.networking.hostName
|
||||
then config
|
||||
else systemAccess.nixosForOrNull hostName;
|
||||
getAddressFor = mkGetAddressFor addressForAttr;
|
||||
getAddress4For = mkGetAddressFor "address4ForNetwork";
|
||||
getAddress6For = mkGetAddressFor "address6ForNetwork";
|
||||
getAddressFor = mkGetAddressFor true addressForAttr;
|
||||
getAddress4For = mkGetAddressFor false "address4ForNetwork";
|
||||
getAddress6For = mkGetAddressFor false "address6ForNetwork";
|
||||
getHostnameFor = hostName: network: let
|
||||
forSystem = access.systemFor hostName;
|
||||
err = throw "no ${network} interface found between ${config.networking.hostName} and ${hostName}";
|
||||
in {
|
||||
lan =
|
||||
if has'Int then forSystem.access.hostnameForNetwork.int or forSystem.access.hostnameForNetwork.local or err
|
||||
if hostName == system.name then forSystem.access.hostnameForNetwork.localhost
|
||||
else if has'Int then forSystem.access.hostnameForNetwork.int or forSystem.access.hostnameForNetwork.local or err
|
||||
else if has'Local then forSystem.access.hostnameForNetwork.local or err
|
||||
else err;
|
||||
${if has'Local then "local" else null} = forSystem.access.hostnameForNetwork.local or err;
|
||||
${if has'Int then "int" else null} = forSystem.access.hostnameForNetwork.int or err;
|
||||
${if has'Tail then "tail" else null} = forSystem.access.hostnameForNetwork.tail or err;
|
||||
}.${network} or err;
|
||||
proxyUrlFor = {
|
||||
system ? if serviceId != null then access.systemForServiceId serviceId else access.systemForService serviceName,
|
||||
serviceName ? mapNullable (serviceId: (findSingle (s: s.id == serviceId) null null (attrValues system.exports.services)).name) serviceId,
|
||||
serviceId ? null,
|
||||
service ? system.exports.services.${serviceName},
|
||||
portName ? "default",
|
||||
network ? "lan",
|
||||
scheme ? null,
|
||||
}: let
|
||||
port = service.ports.${portName};
|
||||
scheme' = if scheme == null then port.protocol else scheme;
|
||||
port' = if !port.enable
|
||||
then throw "${system.name}.exports.services.${service.name}.ports.${portName} isn't enabled"
|
||||
else ":${toString port.port}";
|
||||
host = access.getAddressFor system.name network;
|
||||
url = "${scheme'}://${mkAddress6 host}${port'}";
|
||||
in assert service.enable; url;
|
||||
};
|
||||
};
|
||||
networking.tempAddresses = mkIf cfg.global.enable (
|
||||
|
|
@ -110,7 +139,6 @@ in {
|
|||
type = str;
|
||||
default = domain;
|
||||
};
|
||||
tailscale.enable = mkEnableOption "tailscale access";
|
||||
global.enable = mkEnableOption "globally routeable";
|
||||
hostnameForNetwork = mkOption {
|
||||
type = attrsOf str;
|
||||
|
|
@ -143,6 +171,7 @@ in {
|
|||
hostnameForNetwork = mkMerge [
|
||||
(mapAttrs (_: mapNetworkFqdn) config.network.networks)
|
||||
{
|
||||
localhost = mkOptionDefault "localhost";
|
||||
lan = mkMerge [
|
||||
(mapNetwork' mkDefault "fqdn" int)
|
||||
(mapNetworkFqdn local)
|
||||
|
|
@ -153,6 +182,7 @@ in {
|
|||
address4ForNetwork = mkMerge [
|
||||
(mapAttrs (_: mapNetwork4) config.network.networks)
|
||||
{
|
||||
localhost = mkOptionDefault "127.0.0.1";
|
||||
lan = mkMerge [
|
||||
(mapNetwork' mkDefault "address4" int)
|
||||
(mapNetwork4 local)
|
||||
|
|
@ -162,6 +192,7 @@ in {
|
|||
address6ForNetwork = mkMerge [
|
||||
(mapAttrs (_: mapNetwork6) config.network.networks)
|
||||
{
|
||||
localhost = mkOptionDefault "::1";
|
||||
lan = mkMerge [
|
||||
(mapNetwork' mkDefault "address6" int)
|
||||
(mapNetwork6 local)
|
||||
|
|
@ -176,6 +207,16 @@ in {
|
|||
systemForOrNull = hostName: systems.${hostName}.config or null;
|
||||
nixosFor = hostName: nixosConfigurations.${hostName}.config or (access.systemFor hostName).built.config;
|
||||
nixosForOrNull = hostName: nixosConfigurations.${hostName}.config or (access.systemForOrNull hostName).built.config or null;
|
||||
systemForService = service: let
|
||||
hasService = system: system.config.exports.services.${service}.enable;
|
||||
notFound = throw "no system found serving ${service}";
|
||||
multiple = throw "multiple systems found serving ${service}";
|
||||
in (findSingle hasService notFound multiple (attrValues systems)).config;
|
||||
systemForServiceId = serviceId: let
|
||||
hasService = system: findSingle (service: service.id == serviceId && service.enable) null multiple (attrValues system.config.exports.services) != null;
|
||||
notFound = throw "no system found serving ${serviceId}";
|
||||
multiple = throw "multiple systems found serving ${serviceId}";
|
||||
in (findSingle hasService notFound multiple (attrValues systems)).config;
|
||||
};
|
||||
};
|
||||
}
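Review bot: In `mkGetAddressFor`, the new `local` and `int` bindings fall back to `forSystem.access.address4ForNetwork.*` whatever `addressForAttr` is, so the strict `getAddress6For` (`nameAllowed = false`) can return an IPv4 address instead of throwing. A caller that puts that result into a v6-only listen address or allow-list would get the wrong family without any warning. Gating the cross-family step on `nameAllowed` keeps the strict getters strict, e.g. `local = forSystem.access.${addressForAttr}.local or (if nameAllowed then forSystem.access.address4ForNetwork.local or fallback else err);` and the same for `int`. Separately, `proxyUrlFor` calls `getAddressFor`, which may now return a hostname through `fallback`, and passes it to `mkAddress6`; that helper is not visible here, so it is worth confirming it leaves non-address strings untouched. The enclosing `moduleArgAttrs` block continues outside the hunks shown.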
|
||||
|
|
|
|||