From e2aea648cf2e6c8b11d53d6149f9e9d161da6d3e Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 24 Mar 2023 14:32:39 +0100 Subject: greatly simplify ipv4 and ipv6 configuration --- nix/remote-unlock.nix | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) (limited to 'nix/remote-unlock.nix') diff --git a/nix/remote-unlock.nix b/nix/remote-unlock.nix index 2975a94..fdc5285 100644 --- a/nix/remote-unlock.nix +++ b/nix/remote-unlock.nix @@ -1,8 +1,27 @@ { config, pkgs, ... }: + +let + cfg = config.deuxfleurs.remoteUnlock; +in with builtins; with pkgs.lib; { + options.deuxfleurs.remoteUnlock = { + networkInterface = mkOption { + description = "Network interface to configure with static IP"; + type = types.str; + }; + staticIP = mkOption { + description = "IP address (with prefix length) of this node on the local network interface"; + type = types.str; + }; + defaultGateway = mkOption { + description = "IP address of default gateway"; + type = types.str; + }; + }; + config = { boot.initrd.availableKernelModules = [ "pps_core" "ptp" "e1000e" ]; boot.initrd.network.enable = true; @@ -13,12 +32,12 @@ hostKeys = [ "/var/lib/deuxfleurs/remote-unlock/ssh_host_ed25519_key" ]; }; boot.initrd.network.postCommands = '' - ip addr add ${config.deuxfleurs.lan_ip}/${toString config.deuxfleurs.lan_ip_prefix_length} dev ${config.deuxfleurs.network_interface} - ip link set dev ${config.deuxfleurs.network_interface} up - ip route add default via ${config.deuxfleurs.lan_default_gateway} dev ${config.deuxfleurs.network_interface} + ip addr add ${cfg.staticIP} dev ${cfg.networkInterface} + ip link set dev ${cfg.networkInterface} up + ip route add default via ${cfg.defaultGateway} dev ${cfg.networkInterface} ip a ip route - ping -c 4 ${config.deuxfleurs.lan_default_gateway} + ping -c 4 ${cfg.defaultGateway} echo 'echo run cryptsetup-askpass to unlock drives' >> /root/.profile ''; }; -- cgit v1.2.3