From 864c1856b89b1a66c2d6566bfc36dbb69810e14f Mon Sep 17 00:00:00 2001
From: Ember 'n0emis' Keske
Date: Sat, 12 Mar 2022 12:10:32 +0100
Subject: [PATCH] configure radvd
---
 default.nix | 11 +++++++++--
 modules/default.nix | 33 ++++++++++++++++++++++++++++-----
 2 files changed, 37 insertions(+), 7 deletions(-)
diff --git a/default.nix b/default.nix
index 9dbc68e..42cf991 100644
--- a/default.nix
+++ b/default.nix
@@ -45,13 +45,19 @@ in
 ipv6Prefixes = mkOption {
 type = types.listOf types.str;
 };
- addresses = mkOption {
+ ipv4Addresses = mkOption {
 type = types.listOf types.str;
 description = ''
- Addresses to be configured on the bridge interface.
+ IPv4 Addresses to be configured on the bridge interface.
 WARNING: the primary-ipv4-address to be send as a gateway address via DHCP has to be the first one.
 '';
 };
+ ipv6Addresses = mkOption {
+ type = types.listOf types.str;
+ description = ''
+ IPv6 Addresses to be configured on the bridge interface.
+ '';
+ };
 routingTable = mkOption {
 type = types.int;
 };
@@ -60,6 +66,7 @@ in
 default = true;
 description = ''
 Create a Null-Route in the routing-table to allow traffic leaks on the gateways default route when uplink is down.
+ The first address will be sen't as the DNS-Server via RAs.
 '';
 };
 mtu = mkOption {
diff --git a/modules/default.nix b/modules/default.nix
index 567fa90..f2106e2 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -8,6 +8,7 @@ let
 mkDomain = name: domCfg:
 let
+ cidrToAddress = cidr: head (splitString "/" cidr);
 mkIfName = type:
 if type == "bridge" then "br-${name}" else
 if type == "batman" then "bat-${name}" else
@@ -47,7 +48,7 @@ let
 RequiredForOnline = "no";
 MTUBytes = "${toString domCfg.mtu}";
 };
- address = domCfg.addresses;
+ address = domCfg.ipv4Addresses ++ domCfg.ipv6Addresses;
 routes = map (prefix: {
 routeConfig = {
 Destination = prefix;
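Review bot: `ipv6Addresses` is declared without a `default`, and the networkd hunk in modules/default.nix reads it unconditionally (`domCfg.ipv4Addresses ++ domCfg.ipv6Addresses`), so every existing domain definition stops evaluating until it sets the option, even where radvd is not wanted; `default = [ ];` would keep IPv4-only domains working. The rename of `addresses` to `ipv4Addresses` breaks existing configurations in the same way and is not mentioned in the commit message. Both options are `types.listOf types.str`, so nothing checks that an entry belongs to the stated address family or is in CIDR form, which the DHCP and RA code paths appear to rely on.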
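Review bot: The added sentence `The first address will be sen't as the DNS-Server via RAs.` lands in the description of the null-route option (the one with `default = true`), not in `ipv6Addresses`, where the ordering actually matters. The first list entry decides which resolver every client on the bridge is told to use, so the warning belongs next to the option it constrains, mirroring the WARNING on `ipv4Addresses`: `WARNING: the first address is sent as the DNS server (RDNSS) in router advertisements.` The option's name lies outside the hunk, so the misplacement is inferred from the surrounding description text.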
@@ -129,11 +130,11 @@ let
 option-data = [
 {
 name = "routers";
- data = head domCfg.addresses;
+ data = cidrToAddress (head domCfg.ipv4Addresses);
 }
 {
 name = "domain-name-servers";
- data = head domCfg.addresses;
+ data = cidrToAddress (head domCfg.ipv4Addresses);
 }
 {
 name = "domain-name";
@@ -141,15 +142,32 @@ let
 }
 ];
 } // domCfg.dhcpExtraConfig) ]);
+
+ #### RADVD ####
+ radvdConfig = let
+ radvdPrefixes = if domCfg.radvdPrefixes == [] then domCfg.ipv6Prefixes else domCfg.radvdPrefixes;
+ mkPrefix = prefix: ''
+ prefix ${prefix} { };
+ '';
+ in if (!domCfg.enableRadvd) then [] else [ ''
+ interface ${mkIfName "bridge"} {
+ IgnoreIfMissing on;
+ AdvSendAdvert on;
+ AdvLinkMTU ${toString domCfg.mtu};
+ RDNSS ${cidrToAddress (head domCfg.ipv6Addresses)} { };
+ DNSSL ${domCfg.searchDomain} { };
+
+ ${concatStringsSep "\n" (map mkPrefix radvdPrefixes)}
+ };
+ '' ];
 };
 domConfigs = map (key: getAttr key (mapAttrs mkDomain activeDomains)) (attrNames activeDomains);
- mergedConfigs = mapAttrs (name: value: mkMerge value) (attrsets.zipAttrs (map (x: removeAttrs x [ "foo" ]) domConfigs));
+ mergedConfigs = mapAttrs (name: value: mkMerge value) (attrsets.zipAttrs (map (x: removeAttrs x [ ]) domConfigs));
 in
 {
 config = mkIf cfg.enable {
- environment.etc."ffnix.json".source = pkgs.writeText "ffnix.json" (generators.toJSON {} activeDomains);
 systemd.network.netdevs = mergedConfigs.netdevs;
 systemd.network.networks = mergedConfigs.networks;
 systemd.network.links = mergedConfigs.links;
@@ -167,5 +185,10 @@ in
 subnet4 = mergedConfigs.keaSubnet4;
 };
 };
+
+ services.radvd = mkIf (concatLists mergedConfigs.radvdConfig.contents != []) {
+ enable = true;
+ config = concatStringsSep "\n" (concatLists mergedConfigs.radvdConfig.contents);
+ };
 };
 }
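Review bot: `head domCfg.ipv6Addresses` in the `RDNSS` line aborts evaluation with a bare list-index error whenever `enableRadvd` is true and the domain has no IPv6 address; `head domCfg.ipv4Addresses` in the Kea hunk (`@@ -129,11`) has the same shape. An assertion with a readable message, or emitting the `RDNSS` line only when the list is non-empty, would make the failure actionable. `domCfg.enableRadvd` and `domCfg.radvdPrefixes` are not declared in the default.nix hunks of this patch, so they presumably exist already; that is worth confirming. `removeAttrs x [ ]` is now a no-op, so `attrsets.zipAttrs domConfigs` would say the same thing.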
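Review bot: `mergedConfigs.radvdConfig.contents` in the `services.radvd` block reaches into the attribute set that `mkMerge` builds, which ties the module to the module system's internal representation, and the same `concatLists` expression is evaluated twice. Collecting the per-domain lists before they are merged avoids both: `radvdConfigs = concatMap (d: d.radvdConfig) domConfigs;` in the `let` block, then `services.radvd = mkIf (radvdConfigs != []) { enable = true; config = concatStringsSep "\n" radvdConfigs; };`. The `let` block lies outside this hunk, so the binding would be added next to `domConfigs`.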