clan/clan-core
12
3
Fork 15
Code Issues 95 Pull Requests 4 Actions Packages Projects 1 Releases Wiki Activity
cf68bd41d6
clan-core/nixosModules/clanCore/meshnamed/default.nix
a-kenji 1f03a9b7ec
All checks were successful
checks-impure / test (pull_request) Successful in 1m28s
Details
checks / test (pull_request) Successful in 1m40s
Details
Fix typo
2023-11-16 14:39:15 +01:00

83 lines
2.7 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let
cfg = config.clan.networking.meshnamed;
in
{
options.clan.networking.meshnamed = {
enable = (lib.mkEnableOption "meshnamed") // {
default = config.clan.networking.meshnamed.networks != { };
};
listenAddress = lib.mkOption {
type = lib.types.str;
default = "fd66:29e9:f422:8dfe:beba:68ec:bd09:7876";
description = lib.mdDoc ''
The address to listen on.
'';
};
networks = lib.mkOption {
default = { };
type = lib.types.attrsOf (lib.types.submodule ({ name, ... }: {
options = {
name = lib.mkOption {
default = name;
type = lib.types.str;
example = "my-network";
description = lib.mdDoc ''
The name of the network.
'';
};
subnet = lib.mkOption {
type = lib.types.str;
example = "fd43:7def:4b50:28d0:4e99:9347:3035:17ef/88";
description = lib.mdDoc ''
The subnet to use for the mesh network.
'';
};
};
}));
};
};
config = lib.mkIf config.clan.networking.meshnamed.enable {
# we assign this random source address to bind meshnamed to.
systemd.network.netdevs."08-meshnamed" = {
netdevConfig = {
Name = "meshnamed";
Kind = "dummy";
};
};
systemd.network.networks."08-meshnamed" = {
matchConfig.Name = "meshnamed";
networkConfig = {
Address = [ "${cfg.listenAddress}/128" ];
DNS = [ config.clan.networking.meshnamed.listenAddress ];
Domains = [ "~${lib.concatMapStringsSep "," (network: network.name) (builtins.attrValues config.clan.networking.meshnamed.networks)}" ];
};
};
# for convenience, so we can debug with dig
networking.extraHosts = ''
${cfg.listenAddress} meshnamed
'';
systemd.services.meshnamed =
let
networks = lib.concatMapStringsSep "," (network: "${network.name}=${network.subnet}")
(builtins.attrValues config.clan.networking.meshnamed.networks);
in
{
# fix container test
after = [ "network.target" ] ++ lib.optional config.boot.isContainer "sys-devices-virtual-net-meshnamed.device";
bindsTo = lib.optional (!config.boot.isContainer) "sys-devices-virtual-net-meshnamed.device";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.callPackage ../../../pkgs/meshname/default.nix { }}/bin/meshnamed -networks ${networks} -listenaddr [${cfg.listenAddress}]:53";
# to bind port 53
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
DynamicUser = true;
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink