From 03aa0704b43e3cd6d7761dd21e09b3d6d5839df6 Mon Sep 17 00:00:00 2001 From: Matthew Salerno Date: Thu, 10 Aug 2023 20:27:14 -0400 Subject: [PATCH] more fixes, some QOL features --- configurers/static.nix | 21 ++++++++------------- flake.nix | 3 +-- lib.nix | 20 ++++++++++++++++++++ parsers/v1.nix | 14 +++++++------- wire.nix | 2 +- 5 files changed, 37 insertions(+), 23 deletions(-) diff --git a/configurers/static.nix b/configurers/static.nix index d0a8d02..8781b5c 100644 --- a/configurers/static.nix +++ b/configurers/static.nix @@ -8,6 +8,7 @@ let # these aren't really important, I just wanted to reverse the argument order forEachAttr' = flip mapAttrs'; forEachAttrToList = flip mapAttrsToList; + mergeIf = attr: key: if builtins.hasAttr key attr then {"${key}" = attr."${key}";} else {}; in { networking.wireguard = { 
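Review bot: `mergeIf` on the added line re-implements nixpkgs' `optionalAttrs`, which appears to be in scope here since `flip`, `mapAttrs'` and `mapAttrsToList` are used unqualified on the neighbouring lines; `mergeIf = attr: key: optionalAttrs (builtins.hasAttr key attr) { ${key} = attr.${key}; };` says the same thing in the idiom the rest of the module system uses, and the `"${key}"` quoting around a bare interpolation is redundant either way. The two helpers above it carry a comment, so a line like `# mergeIf attr key: the one-attribute set {key = attr.key;} when attr has key, otherwise {}` would keep the block consistent. The enclosing `let` begins before the hunk.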
@@ -16,23 +17,17 @@ in
 ips = subnetConnection.ipAddresses;
 listenPort = subnetConnection.listenPort;
 privateKeyFile = thisPeer.privateKeyFile;
- peers = forEachAttrToList subnetConnection.peerConnections (peerName: peerConnection: mkMerge [
+ peers = forEachAttrToList subnetConnection.peerConnections (peerName: peerConnection:
 {
 name = peerName;
 publicKey = peerConnection.peer.publicKey;
 allowedIPs = peerConnection.ipAddresses;
- endpoint = "${peerConnection.endpoint.ip}:${peerConnection.endpoint.port}";
- }
- mkIf (peerConnection.endpoint ? persistentKeepalive) {
- persistentKeepalive = peerConnection.endpoint.persistentKeepalive;
- }
- mkIf (peerConnection.endpoint ? dynamicEndpointRefreshSeconds) {
- dynamicEndpointRefreshSeconds = peerConnection.endpoint.dynamicEndpointRefreshSeconds;
- }
- mkIf (peerConnection.endpoint ? dynamicEndpointRefreshRestartSeconds) {
- dynamicEndpointRefreshRestartSeconds = peerConnection.endpoint.dynamicEndpointRefreshRestartSeconds;
- }
- ]);
+ endpoint = "${peerConnection.endpoint.ip}:${builtins.toString peerConnection.endpoint.port}";
+ } //
+ (mergeIf peerConnection.endpoint "persistentKeepalive") //
+ (mergeIf peerConnection.endpoint "dynamicEndpointRefreshSeconds") //
+ (mergeIf peerConnection.endpoint "dynamicEndpointRefreshRestartSeconds")
+ );
 };}
 );
 };
diff --git a/flake.nix b/flake.nix
index 60b81c7..57433a5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,6 +1,5 @@
 {
- description = "Do we have agnenix-rekey?";
-
+ description = "A wireguard network creation tool";
 outputs = { self, ... }: {
 wirenix.lib = import ./lib.nix;
diff --git a/lib.nix b/lib.nix
index 7a76ed3..bac3b4f 100644
--- a/lib.nix
+++ b/lib.nix
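Review bot: The rewritten `endpoint` line still reads `peerConnection.endpoint.ip` and `.port` unconditionally while the three attributes after it are guarded with `mergeIf`; if `getEndpoint` in parsers/v1.nix can yield a connection without a reachable endpoint (the usual case for a peer behind NAT that only dials out), evaluation of the whole interface fails with a missing-attribute error instead of simply omitting `endpoint`. Guarding it the same way as its siblings, e.g. `} // (optionalAttrs (peerConnection.endpoint ? ip) { endpoint = "${peerConnection.endpoint.ip}:${builtins.toString peerConnection.endpoint.port}"; }) //`, keeps the two cases symmetric; `getEndpoint` is not in the hunks shown, so this depends on what it returns. The surrounding `networking.wireguard` attribute set opens before the hunk.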
@@ -67,4 +67,24 @@ rec {
 /** generates a full IPv6 address */
 generateIPv6Address = subnetName: peerName: (addColonsToIPv6 ((generateIPv6Prefix subnetName) + (generateIPv6Suffix peerName))) + "/80";
+
+ /**
+ * makes the intermediate config non-recursive, so it can be pretty printed and
+ * inspected in the repl. Also helps with testing as it forces evaluation of the config.
+ */
+ breakIntermediateRecursion = intermediateConfig:
+ let recurse = parentName:
+ mapAttrs (name: value:
+ if typeOf value == "set" then
+ if elem name [ "peer" "subnet" "group" "groups" ] then
+ "${name}s.${parentName}"
+ else if elem parentName ["peers"] then
+ "${parentName}.${name}"
+ else
+ recurse name value
+ else
+ value
+ );
+ in
+ mapAttrs (name: value: recurse "" value) intermediateConfig;
 }
\ No newline at end of file
diff --git a/parsers/v1.nix b/parsers/v1.nix
index daf93e7..a0d2622 100644
--- a/parsers/v1.nix
+++ b/parsers/v1.nix
@@ -16,7 +16,7 @@ let
 publicKey = acl_peer.publicKey;
 privateKeyFile = acl_peer.privateKeyFile;
 } //
- (if acl_peer ? groups then {groups = map groupFromName acl_peer.groups;} else {groups = [];});
+ (if acl_peer ? groups then {groups = map groupFromName acl_peer.groups;} else {groups = {};});
 /** parseGroup :: acl_group -> ic_group */
 parseGroup = acl_group: {
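Review bot: In the added `breakIntermediateRecursion`, the branch `if elem name [ "peer" "subnet" "group" "groups" ] then "${name}s.${parentName}"` appends an `s` to every listed name, so a `groups` attribute is rendered as `groupss.<parent>` while `peer`, `subnet` and `group` become `peers.`, `subnets.` and `groups.`; if these strings are meant to read as paths into the top-level config, `groups` needs its own case, e.g. `else if name == "groups" then "groups.${parentName}"`. `elem parentName ["peers"]` is a one-element membership test that reads more directly as `parentName == "peers"`. The doc comment promises a non-recursive result, but values that are not attribute sets (a list of sets, for instance) come back untouched through the `else value` branch, so that only holds if every recursive link in the intermediate config sits directly under an attribute set; the parser hunks shown here do not let me confirm that, so a sentence stating the assumption in the comment would help.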
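Review bot: The changed line gives `groups` two different types: when the ACL peer declares groups, `map groupFromName acl_peer.groups` produces a list, and the new fallback is the attribute set `{}`, so a consumer that does `elem`/`map` on it breaks for peers without groups and one that does `mapAttrs`/`?` on it breaks for peers with groups. Pick one representation: keep `{groups = [];}` if it is a list, or build a set in both branches with `genAttrs acl_peer.groups groupFromName` (nixpkgs `lib.genAttrs`) if the new `breakIntermediateRecursion` helper in lib.nix, which treats `groups` as an attribute set, reflects the intent. The enclosing definition (presumably `parsePeer`) starts before the hunk.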
@@ -32,18 +32,18 @@ let
 getSubnetConnectionAndName = acl_peer: acl_subnet: {
 name = acl_subnet.name; # name gets removed shortly after, name is not in the actual subnetConnection object
 subnet = parseSubnet acl_subnet;
- ipAddresses = getIpAddresses acl_peer acl_subnet;
+ ipAddresses = getIpAddresses acl_subnet acl_peer;
 listenPort = acl_peer.subnets."${acl_subnet.name}".listenPort;
 peerConnections = getPeerConnections acl_peer acl_subnet;
 } // (if acl_peer.subnets."${acl_subnet.name}" ? extraArgs then {extraArgs = acl_peer.subnets."${acl_subnet.name}".extraArgs;} else {});
 /** getIpAddresses :: acl_peer -> acl_subnet -> [str] */
- getIpAddresses = acl_peer: acl_subnet:
+ getIpAddresses = acl_subnet: acl_peer:
 if (acl_peer.subnets."${acl_subnet.name}" ? ipAddresses) then (
 if (elem "auto" acl_peer.subnets."${acl_subnet.name}".ipAddresses) then (
- (remove "auto" acl_peer.subnets."${acl_subnet.name}".ipAddresses) ++ (singleton (generateIPv6Address acl_peer.name acl_subnet.name))
+ (remove "auto" acl_peer.subnets."${acl_subnet.name}".ipAddresses) ++ (singleton (generateIPv6Address acl_subnet.name acl_peer.name))
 ) else acl_peer.subnets."${acl_subnet.name}".ipAddresses
- ) else (singleton (generateIPv6Address acl_peer.name acl_subnet.name));
+ ) else (singleton (generateIPv6Address acl_subnet.name acl_peer.name));
 /** getPeerConnections :: acl_peer -> acl_subnet -> str -> peerConnection */
 getPeerConnections = acl_peerFrom: acl_subnet:
@@ -69,7 +69,7 @@ let
 {
 name = acl_peerTo.name;
 peer = parsePeer acl_peerTo;
- ipAddresses = getIpAddresses acl_peerTo acl_subnet;
+ ipAddresses = getIpAddresses acl_subnet acl_peerTo;
 endpoint = getEndpoint acl_subnet acl_peerFrom acl_peerTo;
 } // (if extraArgs == {} then {} else {inherit extraArgs;})
 ) allOtherPeers);
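Review bot: The type comment above `getIpAddresses` is now stale: it still reads `/** getIpAddresses :: acl_peer -> acl_subnet -> [str] */` while the changed signature line takes `acl_subnet` first, which is exactly the argument-order confusion this commit fixes at the three call sites (including the one in the @@ -69 hunk below); change it to `/** getIpAddresses :: acl_subnet -> acl_peer -> [str] */`. The same function spells out `acl_peer.subnets."${acl_subnet.name}"` five times; binding it once, `let peerSubnet = acl_peer.subnets."${acl_subnet.name}"; in`, would make the `"auto"` substitution readable and harder to get wrong on the next edit. The enclosing `let` starts before the hunk.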
@@ -133,4 +133,4 @@ in
 peers = mapListOfSetsToSetByKey "name" parsePeer v1_acl.peers;
 subnets = mapListOfSetsToSetByKey "name" parseSubnet v1_acl.subnets;
 groups = mapListOfSetsToSetByKey "name" parseGroup v1_acl.groups;
-}
\ No newline at end of file
+} // (if v1_acl ? extraArgs then {extraArgs = v1_acl.extraArgs;} else {})
\ No newline at end of file
diff --git a/wire.nix b/wire.nix
index a5c347a..a4785ca 100644
--- a/wire.nix
+++ b/wire.nix
@@ -66,5 +66,5 @@ with import ./lib.nix;
 configurer = configurers."${config.modules.wirenix.configurer}" inputs;
 in
 lib.mkIf (config.modules.wirenix.enable)
- configurer (parser acl);
+ configurer (parser acl) config.modules.wirenix.peerName;
 }
\ No newline at end of file
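Review bot: The added `} // (if v1_acl ? extraArgs then {extraArgs = v1_acl.extraArgs;} else {})` is another copy of the "copy the attribute if present" pattern already on the `extraArgs` line of the @@ -32 hunk (and, in a different form, the @@ -69 hunk), with `mergeIf` in configurers/static.nix as a fourth; nixpkgs already provides it as `optionalAttrs (v1_acl ? extraArgs) { inherit (v1_acl) extraArgs; }`. Nothing in the hunks shown checks what `extraArgs` may contain before it is merged into the intermediate config, so a comment on this line saying where it is consumed and that it is passed through as-is would tell the next reader what to expect. The file still ends without a trailing newline.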
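Review bot: Function application in Nix is left-associative, so as far as this hunk shows `lib.mkIf (config.modules.wirenix.enable) configurer (parser acl) config.modules.wirenix.peerName` parses as `(((lib.mkIf enable) configurer) (parser acl)) peerName`: `mkIf` receives the bare `configurer` function as its content, and the resulting `{ _type = "if"; ... }` set is then applied to `(parser acl)`, which fails at evaluation with "attempt to call something which is not a function". The old line had the same shape, but since the commit rewrites it anyway the call should be parenthesised: `lib.mkIf (config.modules.wirenix.enable) (configurer (parser acl) config.modules.wirenix.peerName);`. Whether `config.modules.wirenix.peerName` is declared as a typed option, so that an unset value fails with an option error rather than a missing-attribute trace inside the configurer, is not visible here. The enclosing `let` starts before the hunk.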