gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

hosts: Refactor and new nomenclature

Browse source
This commit is contained in:
kat witch 2021-09-09 00:56:01 +01:00
parent 7b079e36d8
commit f88022f847
No known key found for this signature in database
GPG key ID: 1B477797DCA5EC72
45 changed files with 471 additions and 591 deletions
Download patch file Download diff file Expand all files Collapse all files

24
config/profiles/network.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: with lib;
{ config, lib, pkgs, sources, ... }: with lib;
{
options.network = with lib; {
@ -9,6 +9,28 @@
};
config = {
network.yggdrasil.extern = let
hexchen = (import sources.hexchen) { };
hexYgg = filterAttrs (_: c: c.enable)
(mapAttrs (_: host: host.config.network.yggdrasil) hexchen.hosts);
in {
endpoints = flatten (map (c: c.listen.endpoints) (filter
(c:
c.listen.enable && (c.pubkey
!= "0000000000000000000000000000000000000000000000000000000000000000"))
(attrValues hexYgg)));
pubkeys = {
satorin =
"53d99a74a648ff7bd5bc9ba68ef4f472fb4fb8b2e26dfecea33c781f0d5c9525";
shanghai =
"0cc3c26366cbfddfb1534b25c5655733d8f429edc941bcce674c46566fc87027";
grimoire =
"2a1567a2848540070328c9e938c58d40f2b1a3f08982c15c7edc5dcabfde3330";
boline =
"89684441745467da0d1bf7f47dc74ec3ca65e05c72f752298ef3c22a22024d43";
} // (mapAttrs (_: c: c.pubkey) hexYgg);
};
networking.firewall.extraCommands = "ip6tables -A INPUT -p 89 -i wgmesh-+ -j ACCEPT";
networking.nftables.extraInput = ''
meta l4proto 89 iifname wgmesh-* accept