Diffstat (limited to 'lib')
-rw-r--r--lib/default.nix39
-rw-r--r--lib/private-wireguard.nix41
2 files changed, 0 insertions, 80 deletions
diff --git a/lib/default.nix b/lib/default.nix
deleted file mode 100644
index 8b46c58..0000000
--- a/lib/default.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{ inputs }:
-
-{
-  mkSystem =
-    { hostname
-    , system
-    }:
-    inputs.nixpkgs.lib.nixosSystem {
-      inherit system;
-      specialArgs = {
-        inherit inputs system hostname;
-      };
-      modules = [
-        ../modules
-        ../hosts/${hostname}
-        ./private-wireguard.nix
-        {
-          networking.hostName = hostname;
-          nixpkgs = {
-            config.allowUnfree = true;
-            overlays = [
-              inputs.emacs-overlay.overlay
-              inputs.nur.overlay
-              (final: prev: {
-                tools = {
-                  gerrit-hook = import ../tools/gerrit-hook final;
-                };
-              })
-            ];
-          };
-          # Add each input as a registry
-          nix.registry = inputs.nixpkgs.lib.mapAttrs'
-            (n: v:
-              inputs.nixpkgs.lib.nameValuePair (n) ({ flake = v; }))
-            inputs;
-        }
-      ];
-    };
-}
diff --git a/lib/private-wireguard.nix b/lib/private-wireguard.nix
deleted file mode 100644
index 706dfd8..0000000
--- a/lib/private-wireguard.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ lib, hostname, config, ... }:
-
-let
-  inherit (lib) mkEnableOption mkOption mkIf types;
-  inherit (builtins) readFile fromTOML fromJSON;
-  secrets = config.age.secrets;
-  cfg = config.networking.private-wireguard;
-  port = 51871;
-  wgcfg = fromTOML (readFile ./../configs/wireguard.toml);
-  allPeers = wgcfg.peers;
-  thisPeer = allPeers."${hostname}" or null;
-  otherPeers = lib.filterAttrs (n: v: n != hostname) allPeers;
-in {
-  options.networking.private-wireguard = {
-    enable = mkEnableOption "Enable private wireguard vpn connection";
-  };
-
-  config = lib.mkIf cfg.enable {
-    networking = {
-      wireguard.interfaces.wg0 = {
-        listenPort = port;
-        privateKeyFile = secrets."wireguard_privatekey".path;
-        ips = [
-          "${wgcfg.subnet4}.${toString thisPeer.ipv4}/${toString wgcfg.mask4}"
-        ];
-
-        peers = lib.mapAttrsToList (name: peer:
-          {
-            allowedIPs = [
-              "${wgcfg.subnet4}.${toString peer.ipv4}/${toString wgcfg.mask4}"
-            ];
-            publicKey = peer.key;
-          } // lib.optionalAttrs (peer ? externalIp) {
-            endpoint = "${peer.externalIp}:${toString port}";
-          } // lib.optionalAttrs (!(thisPeer ? externalIp)) {
-            persistentKeepalive = 10;
-          }) otherPeers;
-      };
-    };
-  };
-}