diff --git a/hosts/common/configs/system/default.nix b/hosts/common/configs/system/default.nix
index bf77321..b9b1ff1 100644
--- a/hosts/common/configs/system/default.nix
+++ b/hosts/common/configs/system/default.nix
@@ -3,5 +3,6 @@
 imports = [
 ./cpu/options.nix
 ./impermanence/options.nix
+ ./networking/options.nix
 ];
 }
diff --git a/hosts/common/configs/system/networking/options.nix b/hosts/common/configs/system/networking/options.nix
new file mode 100644
index 0000000..fedb767
--- /dev/null
+++ b/hosts/common/configs/system/networking/options.nix
@@ -0,0 +1,17 @@
+{ lib, ... }:
+{
+ options.networking =
+ with lib;
+ with types;
+ {
+ publicIPv4 = mkOption {
+ type = nullOr string;
+ description = "The public IPv4 address of this device.";
+ };
+
+ publicIPv6 = mkOption {
+ type = nullOr string;
+ description = "The public IPv6 address of this device.";
+ };
+ };
+}
diff --git a/hosts/jupiter-vps/configs/wireguard/default.nix b/hosts/jupiter-vps/configs/wireguard/default.nix
index 9ef8ec7..e75da6f 100644
--- a/hosts/jupiter-vps/configs/wireguard/default.nix
+++ b/hosts/jupiter-vps/configs/wireguard/default.nix
@@ -2,7 +2,6 @@
 let
 jupiterConfig = inputs.self.nixosConfigurations.jupiter.config;
 wireguardPort = 51821;
- jupiterPublicIPv4 = "51.89.210.124";
 in
 {
 boot.kernel.sysctl = {
@@ -29,7 +28,7 @@ in
 name = "jupiter";
 allowedIPs = [
 "10.0.0.2/32"
- "${jupiterPublicIPv4}/32"
+ "${jupiterConfig.networking.publicIPv4}/32"
 ];
 publicKey = builtins.readFile "${inputs.secrets}/hosts/jupiter/wireguard_key.pub";
 }
diff --git a/hosts/jupiter-vps/default.nix b/hosts/jupiter-vps/default.nix
index 825d468..722d364 100644
--- a/hosts/jupiter-vps/default.nix
+++ b/hosts/jupiter-vps/default.nix
@@ -33,7 +33,10 @@
 ./configs/wireguard
 ];

- networking.hostName = "jupiter-vps";
+ networking = {
+ hostName = "jupiter-vps";
+ publicIPv4 = "51.75.170.190";
+ };

 environment.impermanence.enable = lib.mkForce false;
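Review bot: In hosts/common/configs/system/networking/options.nix both options are declared as `nullOr string` with no default. `types.string` is deprecated in nixpkgs in favour of `types.str`, and without `default = null;` a host that leaves the option unset fails evaluation as soon as the value is read, so the `nullOr` wrapper buys nothing; `publicIPv6` is not set by either host in this commit. I would write `type = nullOr str;` together with `default = null;`. The WireGuard modules for jupiter and jupiter-vps interpolate the value directly into `allowedIPs`, `ips` and the peer endpoint, so once null is a reachable value they need a guard or an `assertions` entry that stops the build with a clear message instead of a string-coercion error.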
diff --git a/hosts/jupiter/configs/wireguard/default.nix b/hosts/jupiter/configs/wireguard/default.nix index d113d93..7c72b85 100644 --- a/hosts/jupiter/configs/wireguard/default.nix +++ b/hosts/jupiter/configs/wireguard/default.nix @@ -7,8 +7,6 @@ let jupiterVpsConfig = inputs.self.nixosConfigurations.jupiter-vps.config; wireguardPort = jupiterVpsConfig.networking.wireguard.interfaces.wg0.listenPort; - jupiterVpsPublicIPv4 = "51.75.170.190"; - jupiterPublicIPv4 = "51.89.210.124"; in { sops.secrets."wireguard/client/vps" = { }; @@ -29,21 +27,21 @@ in { ips = [ "10.0.0.2/24" - "${jupiterPublicIPv4}/32" + "${config.networking.publicIPv4}/32" ]; privateKeyFile = config.sops.secrets."wireguard/client/vps".path; inherit table; - postSetup = [ "${ip} rule add from ${jupiterPublicIPv4} table ${table}" ]; - postShutdown = [ "${ip} rule del from ${jupiterPublicIPv4} table ${table}" ]; + postSetup = [ "${ip} rule add from ${config.networking.publicIPv4} table ${table}" ]; + postShutdown = [ "${ip} rule del from ${config.networking.publicIPv4} table ${table}" ]; peers = [ { name = "jupiter-vps"; allowedIPs = [ "0.0.0.0/0" ]; publicKey = builtins.readFile "${inputs.secrets}/hosts/jupiter-vps/wireguard_key.pub"; - endpoint = "${jupiterVpsPublicIPv4}:${builtins.toString wireguardPort}"; + endpoint = "${jupiterVpsConfig.networking.publicIPv4}:${builtins.toString wireguardPort}"; persistentKeepalive = 25; } ]; diff --git a/hosts/jupiter/default.nix b/hosts/jupiter/default.nix index d051a37..30e9a3a 100644 --- a/hosts/jupiter/default.nix +++ b/hosts/jupiter/default.nix @@ -52,7 +52,10 @@ ./users/tv ]; - networking.hostName = "jupiter"; + networking = { + hostName = "jupiter"; + publicIPv4 = "51.89.210.124"; + }; boot.initrd = { luks.devices = {
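Review bot: The `postSetup` and `postShutdown` entries in hosts/jupiter/configs/wireguard/default.nix now splice `config.networking.publicIPv4` into a command line, while the option behind it accepts any string. The same value decides which source address is policy-routed through the tunnel, so a malformed entry should be rejected at evaluation time rather than reach `ip rule`. Either quote it at the use site, e.g. `"${ip} rule add from ${lib.escapeShellArg config.networking.publicIPv4} table ${table}"` (and the matching `rule del` line), or constrain the option itself with a `types.strMatching` pattern for dotted-quad addresses. Whether `lib` is already in scope in this file is not visible in the hunk.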