52 lines
1.3 KiB
Nix
52 lines
1.3 KiB
Nix
{ ... }:
|
|
{
|
|
_class = "clan.service";
|
|
manifest.name = "yggdrasil";
|
|
manifest.description = "An in scalable routing as an encrypted IPv6 overlay network";
|
|
manifest.categories = [ "System" ];
|
|
|
|
roles.default = {
|
|
perInstance.nixosModule =
|
|
{
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
user = "yggdrasil";
|
|
in
|
|
{
|
|
clan.core.vars.generators.yggdrasil = {
|
|
files.yggdrasil-secret = {
|
|
secret = true;
|
|
owner = user;
|
|
group = user;
|
|
};
|
|
files.yggdrasil-ip.secret = false;
|
|
runtimeInputs = with pkgs; [
|
|
yggdrasil
|
|
jq
|
|
];
|
|
script = ''
|
|
yggdrasil -genconf -json | jq {PrivateKey} > $out/yggdrasil-secret
|
|
'';
|
|
};
|
|
|
|
services.yggdrasil = {
|
|
enable = lib.mkDefault true;
|
|
configFile = config.clan.core.vars.generators.yggdrasil.files.yggdrasil-secret.path;
|
|
settings = {
|
|
Peers = [
|
|
# US Peers
|
|
"tls://ygg.jjolly.dev:3443"
|
|
"tls://[2602:fc24:18:7a42::1]:993"
|
|
"tcp://leo.node.3dt.net:9002"
|
|
"tcp://ygg-kcmo.incognet.io:8883"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|