Remove clanModules
This commit is contained in:
pinpox
@@ -1,81 +0,0 @@
|
||||
{
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
let
|
||||
dir = config.clan.core.settings.directory;
|
||||
machineDir = "${dir}/vars/per-machine";
|
||||
# TODO: This should use the inventory
|
||||
# However we are probably going to replace this with the network module.
|
||||
machinesFileSet = builtins.readDir machineDir;
|
||||
machines = lib.mapAttrsToList (name: _: name) machinesFileSet;
|
||||
|
||||
networkIdsUnchecked = builtins.map (
|
||||
machine:
|
||||
let
|
||||
fullPath = "${machineDir}/vars/per-machine/${machine}/zerotier/zerotier-network-id/value";
|
||||
in
|
||||
if builtins.pathExists fullPath then builtins.readFile fullPath else null
|
||||
) machines;
|
||||
networkIds = lib.filter (machine: machine != null) networkIdsUnchecked;
|
||||
networkId = if builtins.length networkIds == 0 then null else builtins.elemAt networkIds 0;
|
||||
in
|
||||
#TODO:trace on multiple found network-ids
|
||||
#TODO:trace on no single found networkId
|
||||
{
|
||||
options.clan.zerotier-static-peers = {
|
||||
excludeHosts = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ config.clan.core.settings.machine.name ];
|
||||
defaultText = lib.literalExpression "[ config.clan.core.settings.machine.name ]";
|
||||
description = "Hosts that should be excluded";
|
||||
};
|
||||
networkIps = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
description = "Extra zerotier network Ips that should be accepted";
|
||||
};
|
||||
networkIds = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
description = "Extra zerotier network Ids that should be accepted";
|
||||
};
|
||||
};
|
||||
|
||||
config.systemd.services.zerotier-static-peers-autoaccept =
|
||||
let
|
||||
zerotierIpFor = machine: "${machineDir}/vars/per-machine/${machine}/zerotier/zerotier-ip/value";
|
||||
networkIpsUnchecked = builtins.map (
|
||||
machine: if builtins.pathExists (zerotierIpFor machine) then machine else null
|
||||
) machines;
|
||||
networkIps = lib.filter (machine: machine != null) networkIpsUnchecked;
|
||||
machinesWithIp = lib.filterAttrs (name: _: (lib.elem name networkIps)) machinesFileSet;
|
||||
filteredMachines = lib.filterAttrs (
|
||||
name: _: !(lib.elem name config.clan.zerotier-static-peers.excludeHosts)
|
||||
) machinesWithIp;
|
||||
hosts = lib.mapAttrsToList (host: _: host) (
|
||||
lib.mapAttrs' (
|
||||
machine: _: lib.nameValuePair (builtins.readFile (zerotierIpFor machine)) [ machine ]
|
||||
) filteredMachines
|
||||
);
|
||||
allHostIPs = config.clan.zerotier-static-peers.networkIps ++ hosts;
|
||||
in
|
||||
lib.mkIf (config.clan.core.networking.zerotier.controller.enable) {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "zerotierone.service" ];
|
||||
path = [ config.clan.core.clanPkgs.zerotierone ];
|
||||
serviceConfig.ExecStart = pkgs.writeScript "static-zerotier-peers-autoaccept" ''
|
||||
#!/bin/sh
|
||||
${lib.concatMapStringsSep "\n" (host: ''
|
||||
${config.clan.core.clanPkgs.zerotier-members}/bin/zerotier-members allow --member-ip ${host}
|
||||
'') allHostIPs}
|
||||
${lib.concatMapStringsSep "\n" (host: ''
|
||||
${config.clan.core.clanPkgs.zerotier-members}/bin/zerotier-members allow ${host}
|
||||
'') config.clan.zerotier-static-peers.networkIds}
|
||||
'';
|
||||
};
|
||||
|
||||
config.clan.core.networking.zerotier.networkId = lib.mkDefault networkId;
|
||||
}
|
||||
Reference in New Issue
Block a user