HackENS/liminix-fork
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

implement route as module-based-service

Browse source
This commit is contained in:
Daniel Barlow 2023-08-31 23:24:23 +01:00
parent 44c1fb7632
commit 3609d8d5ee
3 changed files with 48 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
examples/rotuer.nix
View file

@ -9,10 +9,6 @@
{ config, pkgs, lib, ... } : { config, pkgs, lib, ... } :
let let
secrets = import ./rotuer-secrets.nix; secrets = import ./rotuer-secrets.nix;
inherit (pkgs.liminix.networking)
address
interface
route;
inherit (pkgs.liminix.services) oneshot longrun bundle target; inherit (pkgs.liminix.services) oneshot longrun bundle target;
inherit (pkgs) inherit (pkgs)
dropbear dropbear
@ -144,19 +140,16 @@ in rec {
}; };
services.defaultroute4 = route { services.defaultroute4 = svc.network.route.build {
name = "defaultroute4";
via = "$(output ${services.wan} address)"; via = "$(output ${services.wan} address)";
target = "default"; target = "default";
dependencies = [ services.wan ]; dependencies = [ services.wan ];
}; };
services.defaultroute6 = route { services.defaultroute6 = svc.network.route.build {
name = "defaultroute6";
via = "$(output ${services.wan} ipv6-peer-address)"; via = "$(output ${services.wan} ipv6-peer-address)";
target = "default"; target = "default";
dev = "$(output ${services.wan} ifname)"; interface = services.wan;
dependencies = [ services.wan ];
}; };
services.firewall = svc.firewall.build { services.firewall = svc.firewall.build {

25
modules/network/default.nix
View file

@ -21,6 +21,9 @@ in {
description = "network interface address"; description = "network interface address";
type = liminix.lib.types.serviceDefn; type = liminix.lib.types.serviceDefn;
}; };
route = mkOption {
type = liminix.lib.types.serviceDefn;
};
dhcp = { dhcp = {
client = mkOption { client = mkOption {
# this needs to move to its own service as it has # this needs to move to its own service as it has
@ -82,6 +85,28 @@ in {
type = types.ints.between 0 128; type = types.ints.between 0 128;
}; };
}; };
route = liminix.callService ./route.nix {
interface = mkOption {
type = types.nullOr liminix.lib.types.interface;
default = null;
description = "Interface to route through. May be omitted if it can be inferred from \"via\"";
};
target = mkOption {
type = types.str;
description = "host or network to add route to";
};
via = mkOption {
type = types.str;
description = "address of next hop";
};
metric = mkOption {
type = types.int;
description = "route metric";
default = 100;
};
};
dhcp.client = liminix.callService ./dhcpc.nix { dhcp.client = liminix.callService ./dhcpc.nix {
interface = mkOption { interface = mkOption {
type = liminix.lib.types.service; type = liminix.lib.types.service;

20
modules/network/route.nix Normal file
View file

@ -0,0 +1,20 @@
{
liminix
, ifwait
, serviceFns
, lib
}:
{ target, via, interface ? null, metric }:
let
inherit (liminix.services) oneshot;
with_dev = if interface != null then "dev $(input ${interface} ifname)" else "";
in oneshot {
name = "route-${target}-${builtins.substring 0 12 (builtins.hashString "sha256" "${via}-${if interface!=null then interface.name else ""}")}";
up = ''
ip route add ${target} via ${via} metric ${toString metric} ${with_dev}
'';
down = ''
ip route del ${target} via ${via} ${with_dev}
'';
dependencies = [] ++ lib.optional (interface != null) interface;
}