gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

refactor(access): network interface config

Browse source
This commit is contained in:
arcnmx 2024-03-23 21:13:01 -07:00
parent ee3834d72a
commit f2fddc1001
42 changed files with 466 additions and 189 deletions
Download patch file Download diff file Expand all files Collapse all files

21
nixos/reisen-ct/proxmox.nix
View file

@ -1,9 +1,14 @@
{
lib,
inputs,
modulesPath,
system,
...
}: let
inherit (lib.modules) mkDefault;
inherit (inputs.self.lib.lib) unmerged;
inherit (lib.modules) mkIf mkMerge mkDefault;
inherit (lib.attrsets) mapAttrsToList;
inherit (system) proxmox;
in {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
@ -16,4 +21,18 @@ in {
# nix default is way too big
GC_INITIAL_HEAP_SIZE = mkDefault "8M";
};
proxmoxLXC.privileged = mkIf (proxmox.container.enable && proxmox.container.privileged) true;
systemd.network = mkIf proxmox.enabled (mkMerge (mapAttrsToList (_: interface: mkIf (interface.enable && interface.networkd.enable) {
networks.${interface.name} = unmerged.mergeAttrs interface.networkd.networkSettings;
}) proxmox.network.interfaces));
networking.firewall.interfaces.int = let
inherit (proxmox.network.internal) interface;
in mkIf (interface != null) {
nftables.conditions = [
"iifname ${interface.name}"
];
};
}