2022-02-05 21:42:36 +02:00
|
|
|
{ inputs, pkgs, lib, hosts, config, ... }:
|
|
|
|
let
|
|
|
|
inherit (config.networking) hostName;
|
2024-05-03 02:32:35 +03:00
|
|
|
hyprspace = inputs.hyprspace.packages.${pkgs.system}.default;
|
2023-10-27 21:42:34 +03:00
|
|
|
hyprspaceCapableNodes = lib.filterAttrs (_: host: host ? hyprspace) hosts;
|
2023-10-27 02:17:50 +03:00
|
|
|
peersFormatted = builtins.mapAttrs (name: x: {
|
|
|
|
inherit name;
|
2023-10-27 21:42:34 +03:00
|
|
|
inherit (x.hyprspace) id;
|
|
|
|
routes = map (net: { inherit net; }) (x.hyprspace.routes or []);
|
2023-01-23 20:30:32 +02:00
|
|
|
}) hyprspaceCapableNodes;
|
2022-02-05 21:42:36 +02:00
|
|
|
peersFiltered = lib.filterAttrs (name: _: name != hostName) peersFormatted;
|
2023-01-23 20:30:32 +02:00
|
|
|
peerList = builtins.attrValues peersFiltered;
|
2022-02-05 21:42:36 +02:00
|
|
|
myNode = hosts.${hostName};
|
2023-10-27 21:42:34 +03:00
|
|
|
listenPort = myNode.hyprspace.listenPort or 8001;
|
2022-02-05 21:42:36 +02:00
|
|
|
|
2023-10-27 02:17:50 +03:00
|
|
|
interfaceConfig = pkgs.writeText "hyprspace.json" (builtins.toJSON {
|
|
|
|
listenAddresses = let
|
|
|
|
port = toString listenPort;
|
|
|
|
in [
|
|
|
|
"/ip4/0.0.0.0/tcp/${port}"
|
|
|
|
"/ip4/0.0.0.0/udp/${port}/quic-v1"
|
|
|
|
"/ip6/::/tcp/${port}"
|
|
|
|
"/ip6/::/udp/${port}/quic-v1"
|
|
|
|
];
|
|
|
|
privateKey = "@HYPRSPACEPRIVATEKEY@";
|
2022-09-26 02:17:40 +03:00
|
|
|
peers = peerList;
|
2024-05-13 00:18:06 +03:00
|
|
|
inherit (config.services.hyprspace) services;
|
2022-09-26 02:17:40 +03:00
|
|
|
});
|
2022-02-05 21:42:36 +02:00
|
|
|
|
|
|
|
privateKeyFile = config.age.secrets.hyprspace-key.path;
|
2023-10-27 02:17:50 +03:00
|
|
|
runConfig = "/run/hyprspace.json";
|
2022-02-05 21:42:36 +02:00
|
|
|
in {
|
2024-05-13 00:18:06 +03:00
|
|
|
imports = [
|
|
|
|
./options.nix
|
|
|
|
];
|
2022-02-05 21:42:36 +02:00
|
|
|
age.secrets.hyprspace-key = {
|
|
|
|
file = ../../secrets/hyprspace-key- + "${hostName}.age";
|
|
|
|
mode = "0400";
|
|
|
|
};
|
2023-01-21 00:38:43 +02:00
|
|
|
environment.systemPackages = [
|
|
|
|
hyprspace
|
|
|
|
];
|
2022-02-05 21:42:36 +02:00
|
|
|
systemd.services.hyprspace = {
|
|
|
|
enable = true;
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
wants = [ "network-online.target" ];
|
|
|
|
after = [ "network-online.target" ];
|
|
|
|
preStart = ''
|
|
|
|
test -e ${runConfig} && rm ${runConfig}
|
2022-09-26 02:17:40 +03:00
|
|
|
cp ${interfaceConfig} ${runConfig}
|
2022-02-05 21:42:36 +02:00
|
|
|
chmod 0600 ${runConfig}
|
2022-09-26 02:17:40 +03:00
|
|
|
${pkgs.replace-secret}/bin/replace-secret '@HYPRSPACEPRIVATEKEY@' "${privateKeyFile}" ${runConfig}
|
2022-02-05 21:42:36 +02:00
|
|
|
chmod 0400 ${runConfig}
|
|
|
|
'';
|
2022-11-13 03:12:44 +02:00
|
|
|
environment = lib.optionalAttrs config.services.kubo.enable {
|
2022-10-30 15:10:57 +02:00
|
|
|
HYPRSPACE_IPFS_API = config.services.kubo.settings.Addresses.API;
|
2022-11-13 03:12:44 +02:00
|
|
|
};
|
2022-02-05 21:42:36 +02:00
|
|
|
serviceConfig = {
|
2023-01-21 00:38:43 +02:00
|
|
|
Group = "wheel";
|
2022-06-18 00:53:36 +03:00
|
|
|
Restart = "on-failure";
|
|
|
|
RestartSec = "5s";
|
2023-10-27 02:17:50 +03:00
|
|
|
ExecStart = "${hyprspace}/bin/hyprspace up -c ${runConfig}";
|
|
|
|
ExecStopPost = "${pkgs.coreutils}/bin/rm -f /run/hyprspace-rpc.hyprspace.sock";
|
2022-09-26 23:15:19 +03:00
|
|
|
ExecReload = "${pkgs.coreutils}/bin/kill -USR1 $MAINPID";
|
2022-02-05 21:42:36 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
networking.firewall = {
|
|
|
|
allowedTCPPorts = [ listenPort ];
|
|
|
|
allowedUDPPorts = [ listenPort ];
|
|
|
|
trustedInterfaces = [ "hyprspace" ];
|
|
|
|
};
|
|
|
|
networking.networkmanager.dispatcherScripts = [{
|
|
|
|
source = pkgs.writeShellScript "hyprspace-reconnect.sh" ''
|
|
|
|
[[ "$2" != "up" ]] && exit 0
|
|
|
|
PATH=${pkgs.systemd}/bin:$PATH
|
|
|
|
case $1 in
|
|
|
|
wl*|en*)
|
2022-09-26 23:15:19 +03:00
|
|
|
systemctl reload-or-restart --no-block hyprspace.service;;
|
2022-02-05 21:42:36 +02:00
|
|
|
esac
|
|
|
|
exit 0
|
|
|
|
'';
|
|
|
|
type = "basic";
|
|
|
|
}];
|
|
|
|
}
|
|
|
|
|