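# Site-wide settings (`my.*`) shared by the other modules, plus the static
# addressing of the three network interfaces derived from them.
{ config, lib, ... }:

with lib;
with types;

let
  cfg = config.my;

  # Split "ADDRESS/PREFIX" into the { address, prefixLength } attrset that is
  # passed to networking.interfaces.<name>.ipv{4,6}.addresses below.
  # A value without exactly one "/" is rejected with an explicit message
  # instead of failing later with an index or integer-parsing error.
  mkAddress = addr:
    let
      parts = lib.splitString "/" addr;
    in
    if builtins.length parts != 2 then
      throw "my: expected an address in ADDRESS/PREFIX form, got '${addr}'"
    else {
      address = builtins.elemAt parts 0;
      prefixLength = lib.toInt (builtins.elemAt parts 1);
    };
in
{
  options.my = {
    email = mkOption {
      description = "Admin email";
      type = str;
      default = "";
      example = "clipper@ens.fr";
    };

    # Derived from `email` by replacing "@" with ".".
    emailWithDot = mkOption {
      description = "Admin email with dots";
      type = str;
      default = lib.replaceStrings ["@"] ["."] cfg.email;
      example = "clipper.ens.fr";
    };

    # NOTE(review): not consumed in this file; presumably selects the ACME
    # staging endpoint, whose certificates are not publicly trusted. Keep
    # false on production hosts.
    acmeStaging = mkOption {
      description = "Enable staging servers";
      type = bool;
      default = false;
    };

    subZone = mkOption {
      description = "Sub zone for hosting the services";
      type = str;
      default = "";
      example = "ens.pizza";
    };

    # The "without prefix" options default to the address part of the matching
    # "*Full" option, so only the "*Full" variants normally need to be set.
    ipv4 = mkOption {
      description = "Public IPv4 addresses without prefix";
      type = listOf str;
      example = [ "192.186.1.153" ];
      default = map (v: (mkAddress v).address) cfg.ipv4Full;
    };

    ipv4Internal = mkOption {
      description = "Private IPv4 addresses without prefix";
      type = listOf str;
      # Same address as the ipv4InternalFull example, minus the prefix.
      example = [ "192.168.1.153" ];
      default = map (v: (mkAddress v).address) cfg.ipv4InternalFull;
    };

    ipv4InternalFull = mkOption {
      description = "Private IPv4 addresses with prefix";
      type = listOf str;
      default = [];
      example = [ "192.168.1.153/24" ];
    };

    ipv4Full = mkOption {
      description = "Public IPv4 addresses with prefix";
      type = listOf str;
      default = [];
      example = [ "192.186.1.153/24" ];
    };

    ipv6.standard = mkOption {
      description = "Public IPv6 addresses for standard services without prefix";
      type = listOf str;
      example = [ "2001:470:1f13:21d:f515:b348:cd48:e064" ];
      default = map (v: (mkAddress v).address) cfg.ipv6.standardFull;
    };

    # No default: must be set by the host configuration.
    ipv6.standardFull = mkOption {
      description = "Public IPv6 addresses for standard services with prefix";
      type = listOf str;
      example = [ "2001:470:1f13:21d:f515:b348:cd48:e064/64" ];
    };

    ipv6.acme = mkOption {
      description = "Public IPv6 address for ACME services (acme-dns) without prefix";
      type = str;
      default = (mkAddress cfg.ipv6.acmeFull).address;
      # This option holds the bare address; the prefix belongs in acmeFull.
      example = "2001:470:1f13:21d:f515:b348:cd48:e064";
    };

    # No default: must be set by the host configuration.
    ipv6.acmeFull = mkOption {
      description = "Public IPv6 address for ACME services (acme-dns) with prefix";
      type = str;
      example = "2001:470:1f13:21d:f515:b348:cd48:e064/64";
    };

    # No default, so reading this option while it is unset is an evaluation
    # error rather than an empty allow-list. The type is a plain list of
    # strings: CIDR syntax is not checked here, so each consumer has to treat
    # the entries as unvalidated input to its own access-control syntax.
    privateRanges = mkOption {
      description = "Internal management ranges for access control";
      type = listOf str;
      example = [ "10.1.0.0/22" ];
    };
  };

  config = {
    # Default IPv4 exit route
    # NOTE(review): the gateway address is an empty string here; presumably it
    # is redacted or overridden elsewhere. Confirm, since an empty gateway
    # cannot produce a usable default route.
    networking.defaultGateway = {
      address = "";
      interface = "ens18";
    };

    # Private IPv4 addresses.
    networking.interfaces.ens20 = {
      ipv4.addresses = map mkAddress cfg.ipv4InternalFull;
    };

    # Public IPv6: standard service addresses plus the dedicated ACME address.
    networking.interfaces.ens19 = {
      ipv6.addresses = map mkAddress (cfg.ipv6.standardFull ++ [ cfg.ipv6.acmeFull ]);
    };

    # Public IPv4 addresses; also the interface of the default route.
    networking.interfaces.ens18 = {
      ipv4.addresses = map mkAddress cfg.ipv4Full;
    };
  };
}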