mob next [ci-skip] [ci skip] [skip ci]

lastFile:flake.nix

flake.nix

@@ -44,6 +44,7 @@
           ./machines
           ./routers
           ./inventories
+          ./overlays
           ./modules/clan/flake-module.nix
           ./modules/nixos/flake-module.nix
         ];

lib/default.nix

@@ -0,0 +1,11 @@
+final: prev:
+let
+  callLibs = file: import file { lib = prev; };
+in
+{
+  lib = prev.lib.extend (
+    finalLib: prevLib: {
+      getInterface = callLibs ./zerotier-interface.nix { };
+    }
+  );
+}

lib/zerotier-interface.nix

@@ -0,0 +1,29 @@
+nwid:
+{ pkgs, ... }:
+let
+  ztInterfaceScript = pkgs.writeShellScript "zt-interface" ''
+    #!/usr/bin/env bash
+
+    network="$1"
+    index=${"2:-0"}
+
+    network="0x$network"
+
+    # zerotier hash function 
+    network=$(( (($network ^ ($network >> (3*8))) + $index ) % (1<<(5*8)) ))
+
+    # encode the result in base32
+    while [ $network -gt 0 ]; do
+      index=$(( $network % (1<<5) + 24 ))
+      [ $index -lt 50 ] && index=$(( $index + 73 ))
+      result="$(printf "\\%03o" $index)$result"
+      network=$(( $network >> 5 ))
+    done
+
+    echo "zt$(printf %b "$result")"
+  '';
+  result = pkgs.runCommand "zt-interface-output" { } ''
+    ${ztInterfaceScript} > $out
+  '';
+in
+builtins.readFile result

modules/clan/phonebox/default.nix

@@ -180,8 +180,11 @@
             ];
             networking.firewall.allowedTCPPorts = [
               53
-              80
             ];
+            networking.firewall.interfaces =
+              let
+              in
+              { };
 
             services.asterisk = {
               enable = lib.mkDefault true;

overlays/default.nix

@@ -0,0 +1,6 @@
+{ ... }:
+{
+  flake.overlays = {
+    libsOverlay = import ../lib/default.nix;
+  };
+}