From 0c4f3acb281be6290c55a6e96bc29fab5b5c7a11 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Mon, 11 Sep 2023 18:24:28 +0200
Subject: stockholm -> hrm

---
 configs/retiolum.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 configs/retiolum.nix

(limited to 'configs/retiolum.nix')

diff --git a/configs/retiolum.nix b/configs/retiolum.nix
new file mode 100644
index 0000000..632cc97
--- /dev/null
+++ b/configs/retiolum.nix
@@ -0,0 +1,26 @@
+{ config, lib, mylib, pkgs, ... }: {
+  krebs.tinc.retiolum = {
+    enable = true;
+    connectTo = builtins.filter (mylib.ne config.krebs.build.host.name) [
+      "ni"
+      "prism"
+      "eve"
+    ];
+    extraConfig = ''
+      LocalDiscovery = yes
+    '';
+    tincPackage = pkgs.tinc_pre;
+    tincUp = lib.mkIf config.systemd.network.enable "";
+  };
+  systemd.network.networks.retiolum = {
+    matchConfig.Name = "retiolum";
+    address = let
+      inherit (config.krebs.build.host.nets.retiolum) ip4 ip6;
+    in [
+      "${ip4.addr}/${toString ip4.prefixLength}"
+      "${ip6.addr}/${toString ip6.prefixLength}"
+    ];
+  };
+  tv.iptables.input-internet-accept-tcp = [ "tinc" ];
+  tv.iptables.input-internet-accept-udp = [ "tinc" ];
+}
-- 
cgit v1.2.3