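# NixOS module fragment: when `services.my-tinc.enable` is set, publish every
# host listed in ./hosts as a peer of the `my-tinc` tinc network and expose
# each one under a `<name>.tinc` DNS name through `nki.services.edns`.
#
# ./hosts is the trust anchor for the mesh: the public keys written into
# `hostSettings` come straight from that file, so edits to it deserve the same
# review as any other credential change.
{
  config,
  pkgs,
  lib,
  ...
}:

with lib;

let
  # Static inventory of mesh members, keyed by host name. The fields read
  # below are `subnetAddr` (required) and `address`, `rsaPublicKey`,
  # `ed25519PublicKey` (each optional).
  hosts = import ./hosts;

  cfg = config.services.my-tinc;

  # Names of inventory entries that define neither key type. Such an entry is
  # still emitted as a tinc host, only without any key material.
  keylessHosts = lib.attrNames (
    lib.filterAttrs (_: host: !(host ? "rsaPublicKey") && !(host ? "ed25519PublicKey")) hosts
  );
in
{
  config = mkIf cfg.enable {
    # Surface keyless entries at evaluation time rather than leaving them to
    # show up as a peer that never connects. This is a warning, not an
    # assertion, so existing configurations keep building.
    warnings = map (
      name: "my-tinc: host '${name}' has no rsaPublicKey or ed25519PublicKey set in ./hosts"
    ) keylessHosts;

    # All hosts we know of.
    # Uses lib.mapAttrs rather than a hand-rolled listToAttrs/map equivalent.
    services.tinc.networks.my-tinc.hostSettings = lib.mapAttrs (name: host: {
      # Only hosts with an `address` attribute get an address entry.
      addresses = lib.optional (host ? address) { address = host.address; };
      subnets = [ { address = host.subnetAddr; } ];
      # A host may carry an RSA key, an Ed25519 key, or both. A host that has
      # only `rsaPublicKey` presumably ends up on tinc's legacy protocol;
      # confirm whether that is still intended for this mesh.
      rsaPublicKey = mkIf (host ? "rsaPublicKey") host.rsaPublicKey;
      settings.Ed25519PublicKey = mkIf (host ? "ed25519PublicKey") host.ed25519PublicKey;
    }) hosts;

    # Add all of them to the local resolver as `<name>.tinc`.
    # NOTE(review): enabling my-tinc also force-enables nki.services.edns.
    # NOTE(review): `subnetAddr` is used both as a tinc subnet and as the
    # cloaking target, so it is presumably a bare address without a prefix
    # length; verify against ./hosts.
    nki.services.edns = {
      enable = true;
      cloaking-rules = lib.attrsets.mapAttrs' (name: host: {
        name = "${name}.tinc";
        value = host.subnetAddr;
      }) hosts;
    };
  };
}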