From bd52d85d2dc56b0933d958aa3ef4faa3113e356c Mon Sep 17 00:00:00 2001
From: Matthew Salerno
Date: Thu, 14 Sep 2023 16:08:00 -0400
Subject: [PATCH] Generalized ip assignment to take cidr or IP
---
 configurers/networkd.nix | 3 +--
 configurers/static.nix | 2 +-
 lib.nix | 8 ++++++--
 tests/mesh.nix | 5 ++++-
 tests/ring.nix | 6 +++++-
 5 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/configurers/networkd.nix b/configurers/networkd.nix
index 3ba6fc2..8284585 100644
--- a/configurers/networkd.nix
+++ b/configurers/networkd.nix
@@ -30,7 +30,6 @@ with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
 };
 wireguardConfig = {
 ListenPort = subnetConnection.listenPort;
- # *PLEASE* do not use getPrivKeyfor anything but testing
 PrivateKeyFile = getPrivKeyFile;
 };
 wireguardPeers = forEachAttrToList subnetConnection.peerConnections (remotePeerName: peerConnection: {
@@ -48,7 +47,7 @@ with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
 });
 networks = forEachAttr' thisPeer.subnetConnections (subnetName: subnetConnection: nameValuePair "50-${shortName subnetName}" {
 matchConfig.Name = "${shortName subnetName}";
- address = subnetConnection.ipAddresses;
+ address = map (address: (asCidr' "64" "24" address)) subnetConnection.ipAddresses;
 });
 };
 } // getProviderConfig
\ No newline at end of file
diff --git a/configurers/static.nix b/configurers/static.nix
index cae5269..8a303fb 100644
--- a/configurers/static.nix
+++ b/configurers/static.nix
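Review bot: The prefix lengths `"64"` and `"24"` in `address = map (address: (asCidr' "64" "24" address)) subnetConnection.ipAddresses;` are bare magic strings, and the same expression is repeated for `ips` in the configurers/static.nix hunk. A single named helper in lib.nix, for example `asInterfaceCidr = asCidr' "64" "24";`, would keep the two configurers in step and give the defaults one documented home. Its comment should state that a bare address now receives a subnet-wide prefix on the interface, which presumably makes the whole /64 or /24 on-link through the WireGuard device rather than a single host. The attribute set that encloses `networks` starts outside this hunk.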
@@ -24,7 +24,7 @@ with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
 networking.wireguard = {
 interfaces = forEachAttr' thisPeer.subnetConnections (subnetName: subnetConnection: nameValuePair "${head (strings.splitString "." subnetName)}" {
- ips = subnetConnection.ipAddresses;
+ ips = map (address: (asCidr' "64" "24" address)) subnetConnection.ipAddresses;
 listenPort = subnetConnection.listenPort;
 privateKeyFile = getPrivKeyFile;
 peers = forEachAttrToList subnetConnection.peerConnections (remotePeerName: peerConnection:
diff --git a/lib.nix b/lib.nix
index 68c2b53..6b2e2d0 100644
--- a/lib.nix
+++ b/lib.nix
@@ -85,7 +85,10 @@ rec {
 generateIPv6Subnet = subnetName: (addColonsToIPv6 (generateIPv6Prefix subnetName)) + "::/64";
 /** generates a full IPv6 address */
- generateIPv6Address = subnetName: peerName: (addColonsToIPv6 ((generateIPv6Prefix subnetName) + (generateIPv6Suffix peerName))) + "/64";
+ generateIPv6Address = subnetName: peerName: (addColonsToIPv6 ((generateIPv6Prefix subnetName) + (generateIPv6Suffix peerName)));
+
+ /** generates a full IPv6 address with cidr */
+ generateIPv6Cidr = subnetName: peerName: (addColonsToIPv6 ((generateIPv6Prefix subnetName) + (generateIPv6Suffix peerName))) + "/64";
 /**
 * makes the intermediate config non-recursive, so it can be pretty printed and
@@ -130,5 +133,6 @@ rec {
 asIp = cidr: head (filter (item: item != []) (split "/" cidr));
 isIpv6 = ip: match ".*:.*" ip != null;
 isCidr = cidr: match ".*/.*" cidr != null;
- asCidr = ip: if (isCidr ip) then ip else if isIpv6 ip then ip+"/128" else ip+"/32";
+ asCidr' = ifv6: ifv4: ip: if (isCidr ip) then ip else if isIpv6 ip then ip+"/"+ifv6 else ip+"/"+ifv6;
+ asCidr = asCidr' "128" "32";
 }
\ No newline at end of file
diff --git a/tests/mesh.nix b/tests/mesh.nix
index 41fccb5..bf5e5ef 100644
--- a/tests/mesh.nix
+++ b/tests/mesh.nix
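Review bot: `generateIPv6Address` keeps its name but no longer returns the `/64` suffix, so any caller outside this diff that passed its result straight to an address or allowed-IPs option now receives a bare address. The doc comment above it still reads "generates a full IPv6 address"; I would change it to `/** generates a full IPv6 address without a prefix length; use generateIPv6Cidr for the "/64" form */`. The callers are not visible in this patch, so each one should be checked to confirm it either wants the bare form or passes the value through `asCidr`.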
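Review bot: The IPv4 branch of `asCidr'` appends `ifv6` instead of `ifv4`, so the `ifv4` argument is never used. As written, `asCidr` turns a bare IPv4 address (constructed example: `10.0.0.1`) into `10.0.0.1/128`, and the configurers' `asCidr' "64" "24"` turns it into `10.0.0.1/64`; neither is a valid IPv4 prefix length, whereas the removed line produced `/32`. The last branch should read `else ip+"/"+ifv4;`. The `address` hunk in configurers/networkd.nix and the `ips` hunk in configurers/static.nix both inherit this, and the mesh and ring test hunks do not visibly exercise a bare IPv4 address, so an evaluation-time assertion on both helpers would be a cheap guard.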
@@ -90,10 +90,13 @@
 if local_name == "node1" or local_name == "node2":
 for remote_node in set(nodes.keys()) - set([local_name]):
 local_node.wait_for_unit(f"wireguard-mesh-peer-{remote_node}")
+ node1.wait_for_unit("wireguard-mesh.target")
+ node2.wait_for_unit("wireguard-mesh.target")
 node3.wait_for_unit("systemd-networkd-wait-online")
 node4.wait_for_unit("systemd-networkd-wait-online")
 for local_name, local_node in nodes.items():
- local_node.succeed("wg show >&2")
+ local_node.succeed("wg showconf mesh >&2")
+ for local_name, local_node in nodes.items():
 for remote_name in set(nodes.keys()) - set([local_name]):
 local_node.succeed(f"ping -c 1 {remote_name} >&2")
 local_node.succeed(f"ping -c 1 {remote_name}.mesh >&2")
diff --git a/tests/ring.nix b/tests/ring.nix
index afaf4a2..6765342 100644
--- a/tests/ring.nix
+++ b/tests/ring.nix
@@ -83,8 +83,12 @@
 for local_name, local_node in nodes.items():
 for remote_name in connections[local_name]:
 local_node.wait_for_unit(f"wireguard-ring-peer-{remote_name}")
+ node1.wait_for_unit("wireguard-ring.target")
+ node2.wait_for_unit("wireguard-ring.target")
+ node3.wait_for_unit("wireguard-ring.target")
+ node4.wait_for_unit("wireguard-ring.target")
 for local_name, local_node in nodes.items():
- local_node.succeed("wg show >&2")
+ local_node.succeed("wg showconf ring >&2")
 for remote_name in set(nodes.keys()) - set([local_name]):
 local_node.succeed(f"ping -c 1 {remote_name} >&2")
 if remote_name in connections[local_name]:
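Review bot: `local_node.succeed("wg showconf mesh >&2")` writes each node's WireGuard private key into the test log, because `wg showconf` prints `PrivateKey` (and any preshared keys) in clear, where the replaced `wg show` masks them as hidden. The tests/ring.nix hunk makes the same change with `wg showconf ring`. If the listing is only there for debugging, `wg show mesh >&2` and `wg show ring >&2` give the peers, endpoints and allowed IPs without the key material. If the full config really is needed, a comment such as `# test-only keys: showconf prints PrivateKey to the log` should say so, since this matters once the tests run with keys from a real key provider or CI publishes the logs.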