diff options
Diffstat (limited to 'nix/deuxfleurs.nix')
| -rw-r--r-- | nix/deuxfleurs.nix | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index 54af8ff..fc39071 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -29,11 +29,20 @@ in }; in { - # Parameters that may vary between nodes - site_name = mkOption { - description = "Site (availability zone) on which this node is deployed"; + # Parameters for individual nodes + network_interface = mkOption { + description = "Network interface name to configure"; type = types.str; }; + lan_ip = mkOption { + description = "IP address of this node on the local network interface"; + type = types.str; + }; + lan_ip_prefix_length = mkOption { + description = "Prefix length associated with lan_ip"; + type = types.int; + }; + vpn_ip = mkOption { description = "IP address of this node on the Wireguard VPN"; type = types.str; @@ -48,6 +57,17 @@ in default = false; }; + + # Parameters that generally vary between sites + lan_default_gateway = mkOption { + description = "IP address of the default route on the locak network interface"; + type = types.str; + }; + site_name = mkOption { + description = "Site (availability zone) on which this node is deployed"; + type = types.str; + }; + # Parameters common to all nodes cluster_name = mkOption { description = "Name of this Deuxfleurs deployment"; @@ -75,6 +95,21 @@ in openssh.authorizedKeys.keys = publicKeys; }) cfg.admin_accounts; + # Configure network interfaces + networking.interfaces = attrsets.setAttrByPath [ config.deuxfleurs.network_interface ] { + useDHCP = false; + ipv4.addresses = [ + { + address = config.deuxfleurs.lan_ip; + prefixLength = config.deuxfleurs.lan_ip_prefix_length; + } + ]; + }; + networking.defaultGateway = { + address = config.deuxfleurs.lan_default_gateway; + interface = config.deuxfleurs.network_interface; + }; + # Configure Wireguard VPN between all nodes networking.wireguard.interfaces.wg0 = { ips = [ "${cfg.vpn_ip}/16" ]; |