fix containers and mullvad

2024-08-15 12:19:55 +10:00 · 2024-08-15 12:19:55 +10:00 · c8ee397794
commit c8ee397794
parent f623faa0ef
20 changed files with 370 additions and 115 deletions
--- a/system/modules/mullvad.nix
+++ b/system/modules/mullvad.nix
@ -0,0 +1,81 @@
+{
+  lib,
+  pkgs,
+  ...
+}: let
+  # gives some output like:
+  # Address = [
+  #   "10.10.10.10/32"
+  #   ":::1746/128"
+  # ];
+  # AllowedIPs = [
+  #   "0.0.0.0/0"
+  #   "::0/0"
+  # ];
+  # DNS = [
+  #   "10.64.0.1"
+  # ];
+  # Endpoint = [
+  #   "1.2.3.4:51820"
+  # ];
+  # PrivateKey = [
+  #   "xxx"
+  # ];
+  # PublicKey = [
+  #   "xxx"
+  # ];
+  inherit (lib) mapAttrs' mapAttrs mapAttrsToList listToAttrs splitString filter filterAttrs length head last;
+  inherit (builtins) readFile readDir;
+  # parseMullvad = file: {
+  #   name = head (splitString "." file);
+  #   value = listToAttrs (map (entry: {
+  #       name = head entry;
+  #       value = splitString "," (last entry);
+  #     })
+  #     (filter (entry: (length entry) == 2)
+  #       (map (line: splitString " = " line)
+  #         (splitString "\n" (readFile ../../mullvad/${file})))));
+  # };
+  # definitions =
+  #   map parseMullvad (getFiles ../../mullvad);
+  getFiles = path:
+    mapAttrsToList (n: v: n)
+    (filterAttrs (n: v: v == "regular")
+      (readDir path));
+in {
+  environment.systemPackages = [pkgs.wireguard-tools.out];
+  networking.wg-quick.interfaces = listToAttrs (map (f: rec {
+      name = head (splitString "." f);
+      value = {
+        autostart =
+          if (name == "au-syd-wg-101")
+          then true
+          else false;
+        configFile = builtins.toString ../../mullvad/${f};
+      };
+    })
+    (getFiles
+      ../../mullvad));
+  # listToAttrs (map ({
+  #     name,
+  #     value,
+  #   }: {
+  #     inherit name;
+  #     value = {
+  #       address = value.Address;
+  #       peers = [
+  #         {
+  #           allowedIPs = value.AllowedIPs;
+  #           endpoint = head value.Endpoint;
+  #           publicKey = head value.PublicKey;
+  #         }
+  #       ];
+  #       privateKey = head value.PrivateKey;
+  #       autostart =
+  #         if (name == "au-syd-wg-101")
+  #         then true
+  #         else false;
+  #     };
+  #   })
+  #   definitions);
+}
--- a/system/modules/network.nix
+++ b/system/modules/network.nix
@ -1,4 +1,7 @@
 {...}: {
+  imports = [
+    ./mullvad.nix
+  ];
  networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
  systemd.services.NetworkManager-wait-online.enable = true; # for some reason nm doesn't enable without this
  services.resolved = {