Ingolf Wagner
26aaec9101
All checks were successful
Build all NixOS Configurations / nix build (push) Successful in 12m39s
46 lines
1 KiB
Nix
46 lines
1 KiB
Nix
{ lib, config, clanLib, ... }:
|
|
with lib;
|
|
with types;
|
|
let
|
|
machines = clanLib.allMachineNames;
|
|
publicKey = clanLib.readFact "ssh.id_ed25519.pub";
|
|
tld = config.clan.static-hosts.topLevelDomain;
|
|
knownHosts = lib.genAttrs machines
|
|
(machine:
|
|
{
|
|
hostNames = [
|
|
"${machine}"
|
|
"${machine}.${tld}"
|
|
"${machine}.private"
|
|
];
|
|
publicKey = publicKey machine;
|
|
}
|
|
);
|
|
bootMachines = clanLib.readFactFromAllMachines "ssh.boot.id_ed25519.pub";
|
|
knownBootHosts = lib.mapAttrs'
|
|
(machine: publicKey: nameValuePair
|
|
"boot_${machine}"
|
|
{
|
|
inherit publicKey;
|
|
hostNames = [
|
|
"[${machine}]:2222"
|
|
"[${machine}.public]:2222"
|
|
];
|
|
}
|
|
)
|
|
bootMachines;
|
|
in
|
|
{
|
|
|
|
options.components.network.zerotier = {
|
|
enable = mkOption {
|
|
type = bool;
|
|
default = false; # todo : properly set this
|
|
};
|
|
};
|
|
|
|
config = mkIf config.components.network.zerotier.enable {
|
|
services.openssh.knownHosts = knownHosts // knownBootHosts;
|
|
};
|
|
}
|