Add static-hosts service

clanServices/static-hosts/default.nix

@@ -0,0 +1,35 @@
+{ packages }:
+{ exports', ... }:
+{
+  _class = "clan.service";
+  manifest.name = "clan-core/static-hosts";
+  manifest.description = "This is a test";
+
+  roles.default = { };
+
+  perMachine =
+    { machine, roles, ... }:
+    {
+      nixosModule =
+        { lib, ... }:
+        let
+
+          networks = lib.filter (n: n.networking != null) (builtins.attrValues exports'.instances);
+
+          sortedNetworks = lib.lists.sort (p: q: p.priority < q.priority) networks;
+
+          hostInNetwork = host: network: network ? ${host};
+
+          bestHost =
+            host:
+            (lib.findFirst (network: hostInNetwork host network) null sortedNetworks)
+            .networking.peers.${host}.host.plain or null;
+
+        in
+        {
+          networking.extraHosts = map (host: "${bestHost host} ${host}.clan") (
+            lib.attrNames roles.default.machines
+          );
+        };
+    };
+}

clanServices/static-hosts/evening.nix

@@ -0,0 +1,12 @@
+{
+  roles.evening.perInstance =
+    { settings, ... }:
+    {
+      nixosModule =
+        { ... }:
+        {
+          imports = [ ];
+          environment.etc.hello.text = "${settings.greeting} World!";
+        };
+    };
+}

clanServices/static-hosts/flake-module.nix

@@ -0,0 +1,22 @@
+{
+  self,
+  lib,
+  ...
+}:
+let
+  module = lib.modules.importApply ./default.nix {
+    inherit (self) packages;
+  };
+in
+{
+  clan.modules.static-hosts = module;
+
+  perSystem =
+    { ... }:
+    {
+      clan.nixosTests.static-hosts = {
+        imports = [ ./tests/vm/default.nix ];
+        clan.modules.static-hosts = module;
+      };
+    };
+}

clanServices/static-hosts/tests/eval-tests.nix

@@ -0,0 +1,42 @@
+{
+  module,
+  clanLib,
+  ...
+}:
+let
+  testFlake = clanLib.clan {
+    self = { };
+    # Point to the folder of the module
+    # TODO: make this optional
+    directory = ./..;
+
+    # Create some test machines
+    machines.jon = {
+      nixpkgs.hostPlatform = "x86_64-linux";
+    };
+    machines.sara = {
+      nixpkgs.hostPlatform = "x86_64-linux";
+    };
+
+    # Register the module for the test
+    modules.hello-world = module;
+
+    # Use the module in the test
+    inventory.instances = {
+      "hello" = {
+        module.name = "hello-world";
+        module.input = "self";
+
+        roles.evening.machines.jon = { };
+      };
+    };
+  };
+in
+{
+  test_simple = {
+    config = testFlake.config;
+
+    expr = { };
+    expected = { };
+  };
+}

clanServices/static-hosts/tests/vm/default.nix

@@ -0,0 +1,39 @@
+{
+  name = "service-hello-service";
+
+  clan = {
+    directory = ./.;
+    inventory = {
+      machines.peer1 = { };
+      machines.peer2 = { };
+
+      instances."test" = {
+        module.name = "hello-service";
+        module.input = "self";
+
+        # Assign the roles to the two machines
+        roles.morning.machines.peer1 = { };
+
+        roles.evening.machines.peer2 = {
+          # Set roles settings for the peers, where we want to differ from
+          # the role defaults
+          settings = {
+            greeting = "Good night";
+          };
+        };
+      };
+    };
+  };
+
+  testScript =
+    { ... }:
+    ''
+      start_all()
+
+      value = peer1.succeed("greet-world")
+      assert value.strip() == "Good morning World! I'm peer1", value
+
+      value = peer2.succeed("greet-world")
+      assert value.strip() == "Good night World! I'm peer2", value
+    '';
+}

clanServices/static-hosts/tests/vm/sops/users/admin/key.json

@@ -0,0 +1,4 @@
+{
+  "publickey": "age1qm0p4vf9jvcnn43s6l4prk8zn6cx0ep9gzvevxecv729xz540v8qa742eg",
+  "type": "age"
+}

clanServices/static-hosts/tests/vm/vars/per-machine/peer1/hello/hello/value

@@ -0,0 +1 @@
+Hello world from peer1

clanServices/wireguard/default.nix

@@ -1,3 +1,4 @@
+{ self }:
 /*
   There are two roles: peers and controllers:
     - Every controller has an endpoint set
@@ -67,6 +68,7 @@ let
       ...
     }:
     {
+
       networking.extraHosts =
         let
           domain = if settings.domain == null then instanceName else settings.domain;
@@ -169,6 +171,22 @@ in
         ...
       }:
       {
+        exports.networking.peers.${machine.name}.host.plain =
+          let
+            prefix =
+              if
+                builtins.pathExists (
+                  self + "/vars/per-machine/${machine.name}/wireguard-network-${instanceName}/prefix/value"
+                )
+              then
+                builtins.readFile (
+                  self + "/vars/per-machine/${machine.name}/wireguard-network-${instanceName}/prefix/value"
+                )
+              else
+                throw "path does not exist";
+          in
+          prefix + "::1";
+
         # Set default domain to instanceName
 
         # Peers connect to all controllers
@@ -404,6 +422,7 @@ in
   perMachine =
     { instances, machine, ... }:
     {
+
       nixosModule =
         { pkgs, lib, ... }:
         let
@@ -424,6 +443,7 @@ in
           );
         in
         {
+
           # Add assertions for role conflicts
           assertions = lib.forEach machineRoleConflicts (conflict: {
             assertion = false;

clanServices/wireguard/flake-module.nix

@@ -1,6 +1,6 @@
-{ lib, ... }:
+{ lib, self, ... }:
 let
-  module = lib.modules.importApply ./default.nix { };
+  module = lib.modules.importApply ./default.nix { inherit self;};
 in
 {
   clan.modules.wireguard = module;