mirror of
https://forge.katzen.cafe/katzen-cafe/katzen-cafe.git
synced 2024-11-29 08:38:45 +01:00
39 lines
1.1 KiB
Nix
39 lines
1.1 KiB
Nix
|
{ lib, config, ... }:
|
||
|
with lib;
|
||
|
let
|
||
|
cfg = config.modules.hetzner.wan;
|
||
|
in
|
||
|
{
|
||
|
options.modules.hetzner.wan = {
|
||
|
enable = mkEnableOption "Enable Hetzner Cloud WAN interface configuration";
|
||
|
|
||
|
macAddress = mkOption {
|
||
|
type = types.str;
|
||
|
description = "MAC Address of the WAN interface";
|
||
|
};
|
||
|
|
||
|
ipAddresses = mkOption {
|
||
|
type = types.listOf types.str;
|
||
|
description = "List of IP Addresses on the WAN interface";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
config = mkIf cfg.enable {
|
||
|
systemd.network.networks."20-wan" = {
|
||
|
matchConfig = {
|
||
|
MACAddress = cfg.macAddress;
|
||
|
};
|
||
|
address = cfg.ipAddresses;
|
||
|
routes = [
|
||
|
{ routeConfig.Gateway = "fe80::1"; }
|
||
|
{ routeConfig = { Destination = "172.31.1.1"; }; }
|
||
|
{ routeConfig = { Gateway = "172.31.1.1"; GatewayOnLink = true; }; }
|
||
|
{ routeConfig = { Destination = "172.16.0.0/12"; Type = "unreachable"; }; }
|
||
|
{ routeConfig = { Destination = "192.168.0.0/16"; Type = "unreachable"; }; }
|
||
|
{ routeConfig = { Destination = "10.0.0.0/8"; Type = "unreachable"; }; }
|
||
|
{ routeConfig = { Destination = "fc00::/7"; Type = "unreachable"; }; }
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
}
|