yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

drop meshnamed from repository

Browse Source 
It's not super useful and we can always add it back later if we need it.
This commit is contained in:
Jörg Thalheim
2024-03-06 09:43:50 +01:00
parent f542c3135c
commit c23a878dfd
11 changed files with 19 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
nixosModules/clanCore/zerotier/default.nix
View File

@@ -87,14 +87,10 @@ in
# having to re-import nixpkgs.
services.zerotierone.package = lib.mkDefault (pkgs.zerotierone.overrideAttrs (_old: { meta = { }; }));
})
(lib.mkIf ((facts.zerotier-meshname.value or null) != null) {
environment.etc."zerotier/hostname".text = "${facts.zerotier-meshname.value}.vpn";
})
(lib.mkIf ((facts.zerotier-ip.value or null) != null) {
environment.etc."zerotier/ip".text = facts.zerotier-ip.value;
})
(lib.mkIf (cfg.networkId != null) {
clan.networking.meshnamed.networks.vpn.subnet = cfg.subnet;
systemd.network.networks."09-zerotier" = {
matchConfig.Name = "zt*";
@@ -174,14 +170,12 @@ in
# we generate the zerotier code manually for the controller, since it's part of the bootstrap command
clanCore.secrets.zerotier = {
facts.zerotier-ip = { };
facts.zerotier-meshname = { };
facts.zerotier-network-id = { };
secrets.zerotier-identity-secret = { };
generator.path = [ config.services.zerotierone.package pkgs.fakeroot pkgs.python3 ];
generator.script = ''
python3 ${./generate.py} --mode network \
--ip "$facts/zerotier-ip" \
--meshname "$facts/zerotier-meshname" \
--identity-secret "$secrets/zerotier-identity-secret" \
--network-id "$facts/zerotier-network-id"
'';
@@ -193,13 +187,11 @@ in
(lib.mkIf (!cfg.controller.enable && cfg.networkId != null) {
clanCore.secrets.zerotier = {
facts.zerotier-ip = { };
facts.zerotier-meshname = { };
secrets.zerotier-identity-secret = { };
generator.path = [ config.services.zerotierone.package pkgs.python3 ];
generator.script = ''
python3 ${./generate.py} --mode identity \
--ip "$facts/zerotier-ip" \
--meshname "$facts/zerotier-meshname" \
--identity-secret "$secrets/zerotier-identity-secret" \
--network-id ${cfg.networkId}
'';

8
nixosModules/clanCore/zerotier/generate.py
View File

@@ -1,5 +1,4 @@
import argparse
import base64
import contextlib
import ipaddress
import json
@@ -198,17 +197,12 @@ def compute_zerotier_ip(network_id: str, identity: Identity) -> ipaddress.IPv6Ad
return ipaddress.IPv6Address(bytes(addr_parts))
def compute_zerotier_meshname(ip: ipaddress.IPv6Address) -> str:
return base64.b32encode(ip.packed)[0:26].decode("ascii").lower()
def main() -> None:
parser = argparse.ArgumentParser()
parser.add_argument(
"--mode", choices=["network", "identity"], required=True, type=str
)
parser.add_argument("--ip", type=Path, required=True)
parser.add_argument("--meshname", type=Path, required=True)
parser.add_argument("--identity-secret", type=Path, required=True)
parser.add_argument("--network-id", type=str, required=False)
args = parser.parse_args()
@@ -227,11 +221,9 @@ def main() -> None:
case _:
raise ValueError(f"unknown mode {args.mode}")
ip = compute_zerotier_ip(network_id, identity)
meshname = compute_zerotier_meshname(ip)
args.identity_secret.write_text(identity.private)
args.ip.write_text(ip.compressed)
args.meshname.write_text(meshname)
if __name__ == "__main__":