feat(vault01): global options for vlans decl

2025-01-27 20:28:48 +01:00 · 2025-01-27 20:28:48 +01:00 · c97db7609d
commit c97db7609d
parent 7dab4ef1cb
1 changed files with 194 additions and 172 deletions
--- a/machines/nixos/vault01/networking.nix
+++ b/machines/nixos/vault01/networking.nix
@ -12,7 +12,8 @@
 }:

 let
-  inherit (lib) mapAttrs' nameValuePair;
+  inherit (lib) mapAttrs' mkOption nameValuePair;
+  inherit (lib.types) listOf attrs;

  uplink = {
    ip = "10.120.33.250";
@ -93,6 +94,7 @@ let
    netIP = "10.0.${toString prefix24nb}.${toString prefix27nb}";
    servIP = "10.0.${toString prefix24nb}.${toString (prefix27nb + 1)}";
    interfaceName = "vlan-user-${toString vlan}";
+    prefixLen = 27;
  }) 850;

  vlans = {
@ -160,8 +162,15 @@ let
    };
  } // builtins.listToAttrs (map mkUserVlan userVlans);
 in
-
 {
+  options.networking.vlans-info = mkOption {
+    type = listOf attrs;
+    description = ''
+      Information about vlans for log analysis.
+    '';
+    readOnly = true;
+  };
+  config = {
    systemd = {
      network = {
        config.routeTables."user" = 1000;
@ -321,6 +330,18 @@ in
    };

    networking = {
+      vlans-info = [
+        {
+          vlan = 2001;
+          netIP = "10.0.254.0";
+          prefixLen = 24;
+        }
+        {
+          vlan = 3001;
+          netIP = "10.0.253.0";
+          prefixLen = 24;
+        }
+      ] ++ userVlans;
      nftables = {
        enable = true;
        tables.nat = {
@ -350,4 +371,5 @@ in
    users.users."systemd-network".extraGroups = [ "keys" ];

    boot.kernel.sysctl."net.ipv4.ip_forward" = true;
+  };
 }