modules: add port-magic

modules/default.nix

@@ -12,6 +12,7 @@ let
     nix-config = import ./nix-config;
     nix-config-server = import ./nix-config/server.nix;
     nix-register-flakes = import ./nix-register-flakes;
+    port-magic = import ./port-magic;
     shell-config = import ./shell-config;
     ssh = import ./ssh;
     sss = import ./sss;
@@ -25,7 +26,10 @@ in rec {
       enterprise
     ];
 
-    networking = [ ssh ];
+    networking = [
+      port-magic
+      ssh
+    ];
 
     server = [
       deploy-rs-receiver

modules/port-magic/default.nix

@@ -0,0 +1,59 @@
+{ config, lib, ... }:
+
+with builtins;    
+with lib;    
+
+let
+  cfg = config.reservedPorts;
+
+  portNames = config.reservePortsFor;
+
+  portHash = flip pipe [
+    (hashString "sha512")
+    stringToCharacters
+    (filter (n: match "[0-9]" n == []))
+    (map toInt)
+    (foldl add 0)
+    (mul 1009) # prime number
+    (flip mod cfg.amount)
+    (add cfg.start)
+  ];
+
+  ports = genAttrs portNames portHash;
+
+  portsEnd = cfg.start + cfg.amount;
+in {
+  options = {
+    reservedPorts = {
+      amount = mkOption {
+        type = types.int;
+        default = 10000;
+        description = "Amount of ports to reserve at most.";
+      };
+      start = mkOption {
+        type = types.int;
+        default = 30000;
+        description = "Starting point for reserved ports.";
+      };
+    };
+    reservePortsFor = mkOption {
+      type = types.listOf types.str;
+      default = [];
+      description = "List of application names for which to automatically reserve ports.";
+    };
+    ports = mkOption {
+      type = types.attrsOf (types.ints.between cfg.start portsEnd);
+      default = {};
+      description = "Named network ports.";
+    };
+    portsStr = mkOption {
+      readOnly = true;
+      type = types.attrsOf types.str;
+      description = "Named network ports, as strings.";
+    };
+  };
+  config = lib.mkIf (config.reservePortsFor != []) {
+    inherit ports;
+    portsStr = mapAttrs (_: toString) ports;
+  };
+}