VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Centralize IPv6 GUA prefix configuration

Browse source
This commit is contained in:
Vili Sinervä 2025-02-21 12:36:07 +02:00
parent f95617dfa4
commit 89516c5477
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
4 changed files with 181 additions and 172 deletions
Download patch file Download diff file Expand all files Collapse all files

12
base.nix
View file

@ -1,5 +1,14 @@
{ pkgs, ... }: { pkgs, lib, ... }:
{ {
options.custom.gua_pref = lib.mkOption {
type = with lib.types; nullOr (strMatching "^[0-9a-zA-Z:]+$");
default = null;
description = "IPv6 GUA Prefix to use in other confs";
};
config = {
custom.gua_pref = "2001:14ba:a090:39";
######################################## Packages ############################################### ######################################## Packages ###############################################
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
tmux tmux
@ -180,4 +189,5 @@
efi.canTouchEfiVariables = pkgs.lib.mkDefault true; efi.canTouchEfiVariables = pkgs.lib.mkDefault true;
timeout = pkgs.lib.mkDefault 0; timeout = pkgs.lib.mkDefault 0;
}; };
};
} }

8
machine-confs/helium.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, config, ... }:
{ {
networking = { networking = {
hostName = "helium"; hostName = "helium";
@ -6,9 +6,9 @@
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = { wg0 = {
autostart = true; autostart = true;
address = [ "2001:14ba:a090:39ff::2/64" ]; address = [ "${config.custom.gua_pref}ff::2/64" ];
dns = [ dns = [
"2001:14ba:a090:39ff::1" "${config.custom.gua_pref}ff::1"
"vsinerva.fi" "vsinerva.fi"
]; ];
privateKeyFile = "/root/wireguard-keys/privatekey-home"; privateKeyFile = "/root/wireguard-keys/privatekey-home";
@ -50,7 +50,7 @@
}; };
services.clatd = { services.clatd = {
enable = true; enable = true;
settings.clat-v6-addr = "2001:14ba:a090:39ff::c2"; settings.clat-v6-addr = "${config.custom.gua_pref}ff::c2";
}; };
systemd.services.clatd.wants = [ "wg-quick-wg0.service" ]; systemd.services.clatd.wants = [ "wg-quick-wg0.service" ];

8
machine-confs/lithium.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, config, ... }:
{ {
networking = { networking = {
hostName = "lithium"; hostName = "lithium";
@ -6,9 +6,9 @@
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = { wg0 = {
autostart = true; autostart = true;
address = [ "2001:14ba:a090:39ff::3/64" ]; address = [ "${config.custom.gua_pref}ff::3/64" ];
dns = [ dns = [
"2001:14ba:a090:39ff::1" "${config.custom.gua_pref}ff::1"
"vsinerva.fi" "vsinerva.fi"
]; ];
privateKeyFile = "/root/wireguard-keys/privatekey-home"; privateKeyFile = "/root/wireguard-keys/privatekey-home";
@ -32,7 +32,7 @@
}; };
services.clatd = { services.clatd = {
enable = true; enable = true;
settings.clat-v6-addr = "2001:14ba:a090:39ff::c3"; settings.clat-v6-addr = "${config.custom.gua_pref}ff::c3";
}; };
systemd.services.clatd.wants = [ "wg-quick-wg0.service" ]; systemd.services.clatd.wants = [ "wg-quick-wg0.service" ];

7
services/siit-dc.nix
View file

@ -1,6 +1,5 @@
{ ... }: { config, ... }:
let let
gua_pref = "2001:14ba:a090:39";
v4_pref = "192.168.251"; v4_pref = "192.168.251";
in in
{ {
@ -8,12 +7,12 @@ in
jool = { jool = {
enable = true; enable = true;
siit.default = { siit.default = {
global.pool6 = "${gua_pref}46::/96"; global.pool6 = "${config.custom.gua_pref}46::/96";
# Explicit address mappings # Explicit address mappings
eamt = [ eamt = [
{ {
"ipv6 prefix" = "${gua_pref}d1:be24:11ff:fe42:dd76/128"; "ipv6 prefix" = "${config.custom.gua_pref}d1:be24:11ff:fe42:dd76/128";
"ipv4 prefix" = "${v4_pref}.1/32"; "ipv4 prefix" = "${v4_pref}.1/32";
} }
]; ];