
~ retiolum

Kierán Meinhardt
2019-02-05 20:21:41 +01:00
parent 4020f7018e
commit 77f8416914
2 changed files with 26 additions and 17 deletions


@@ -353,6 +353,12 @@ let
executable = true; executable = true;
}; };
in unstable.writers.writeDashBin "generate-shell-nix" ''${generateShellNixPath} $*''; in unstable.writers.writeDashBin "generate-shell-nix" ''${generateShellNixPath} $*'';
scripts.tinc-generate-key =
unstable.writers.writeDashBin "tinc-generate-key" ''
TMPDIR=/tmp
${pkgs.openssl}/bin/openssl genrsa -out $TMPDIR/retiolum.rsa_key.priv 4096 2>/dev/null > /dev/null
${pkgs.openssl}/bin/openssl rsa -in $TMPDIR/retiolum.rsa_key.priv -pubout -out $TMPDIR/retiolum.rsa_key.pub 2>/dev/null > /dev/null
'';
scripts.dic = scripts.dic =
let dicPath = pkgs.fetchurl { let dicPath = pkgs.fetchurl {
url = "https://cgit.krebsco.de/dic/plain/dic?id=beeca40313f68874e05568f4041423c16202e9da"; url = "https://cgit.krebsco.de/dic/plain/dic?id=beeca40313f68874e05568f4041423c16202e9da";
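Review bot: The new `scripts.tinc-generate-key` writes the RSA private key to a fixed, predictable name in the shared `/tmp` directory (`TMPDIR=/tmp`, then `-out $TMPDIR/retiolum.rsa_key.priv`), so on a multi-user machine another local account can interfere with that well-known path, and the key's file mode is left to the openssl build and the caller's umask. Creating a private directory first would avoid both: `umask 077`, then `TMPDIR=$(${pkgs.coreutils}/bin/mktemp -d)`, then `echo "$TMPDIR"` so the caller knows where the pair landed. Both openssl calls also discard stdout and stderr and the script does not stop on error, so a failed `genrsa` goes unnoticed; chaining the two commands with `&&` and keeping stderr would surface it.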


@@ -1,8 +1,19 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
with lib; with lib;
let let
netname = "retiolum"; netname = "retiolum";
cfg = config.networking.retiolum; cfg = config.networking.retiolum;
retiolum = pkgs.fetchFromGitHub {
owner = "krebs";
repo = netname;
rev = "8edeafb01411943eb483b5431bccce6702406f12";
sha256 = "1vnmhr5qfxhndlnsk8c87qbbwmlph1inlj924vqymfm1lgsasdq0";
};
in { in {
options = { options = {
networking.retiolum.ipv4 = mkOption { networking.retiolum.ipv4 = mkOption {
@@ -25,48 +36,40 @@ in {
''; '';
}; };
}; };
config = { config = {
services.tinc.networks.${netname} = { services.tinc.networks.${netname} = {
name = cfg.nodename; name = cfg.nodename;
extraConfig = '' extraConfig = ''
LocalDiscovery = yes LocalDiscovery = yes
ConnectTo = gum
ConnectTo = ni
ConnectTo = prism
ConnectTo = eve
AutoConnect = yes AutoConnect = yes
''; '';
}; };
networking.extraHosts = builtins.readFile (pkgs.fetchurl {
name = "retiolum.hosts";
url = "https://lassul.us/retiolum.hosts";
# FIXME
sha256 = "0kr68c2j1kdnlg9wk78dq02xzgxqyqzj2hfc42h7v9irrmrhnjka";
});
environment.systemPackages = [ config.services.tinc.networks.${netname}.package ];
systemd.services."tinc.${netname}" = { systemd.services."tinc.${netname}" = {
path = with pkgs; [ curl gnutar bzip2 ];
preStart = '' preStart = ''
curl https://lassul.us/retiolum-hosts.tar.bz2 | tar -xjvf - -C /etc/tinc/${netname}/ || true cp -R ${retiolum}/hosts /etc/tinc/retiolum/ || true
''; '';
}; };
networking.extraHosts = builtins.readFile (toString "${retiolum}/etc.hosts");
environment.systemPackages = [ config.services.tinc.networks.${netname}.package ];
networking.firewall.allowedTCPPorts = [ 655 ]; networking.firewall.allowedTCPPorts = [ 655 ];
networking.firewall.allowedUDPPorts = [ 655 ]; networking.firewall.allowedUDPPorts = [ 655 ];
#services.netdata.portcheck.checks.tinc.port = 655;
systemd.network.enable = true; systemd.network.enable = true;
systemd.network.networks = { systemd.network.networks = {
"${netname}".extraConfig = '' "${netname}".extraConfig = ''
[Match] [Match]
Name = tinc.${netname} Name = tinc.${netname}
[Network] [Network]
Address=${cfg.ipv4}/12 Address=${cfg.ipv4}/12
Address=${cfg.ipv6}/16 Address=${cfg.ipv6}/16
''; '';
}; };
}; };
} }
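Review bot: In `preStart`, `cp -R ${retiolum}/hosts /etc/tinc/retiolum/ || true` copies the pinned host files on top of whatever is already in that directory, so a host file removed upstream (for example a retired or replaced key) appears to stay on disk and would still be accepted by tinc after `rev` is bumped. The `|| true` also lets the unit start when the copy fails, leaving it with an old or empty host set, and the path hard-codes `retiolum` where the rest of the module uses `${netname}`. If nothing else manages that directory, clearing it first and letting a failed copy stop the unit keeps the on-disk set identical to the pinned revision: `rm -rf /etc/tinc/${netname}/hosts` followed by `cp -R ${retiolum}/hosts /etc/tinc/${netname}/`.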