Generalized ip assignment to take cidr or IP

1 year ago · fd2b9ce77c
parent 57f8e0e974
commit fd2b9ce77c
3 changed files with 8 additions and 5 deletions
--- a/configurers/networkd.nix
+++ b/configurers/networkd.nix
@ -20,7 +20,7 @@ in
 with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
 {
  networking.extraHosts = concatStringsSep "\n" (concatLists ( concatLists (forEachAttrToList thisPeer.subnetConnections (subnetName: subnetConnection: 
-    forEachAttrToList subnetConnection.peerConnections (remotePeerName: peerConnection: forEach peerConnection.ipAddresses (ip: "${cidr2ip ip} ${remotePeerName}.${subnetName}"))
+    forEachAttrToList subnetConnection.peerConnections (remotePeerName: peerConnection: forEach peerConnection.ipAddresses (ip: "${asIp ip} ${remotePeerName}.${subnetName}"))
  )))); 
  systemd.network = { 
    netdevs = forEachAttr' thisPeer.subnetConnections (subnetName: subnetConnection: nameValuePair "50-${shortName subnetName}" { 
@ -37,7 +37,7 @@ with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
        wireguardPeerConfig = {
          Endpoint = "${peerConnection.endpoint.ip}:${builtins.toString peerConnection.endpoint.port}";
          PublicKey = getPeerPubKey remotePeerName;
-          AllowedIPs = map (ip: cidr2ip ip + (if match ".*:.*" ip != null then "/128" else "/32")) peerConnection.ipAddresses;
+          AllowedIPs = map (ip: asCidr ip) peerConnection.ipAddresses;
          PresharedKeyFile = getSubnetPSKFile subnetName;
        };
      }
--- a/configurers/static.nix
+++ b/configurers/static.nix
@ -19,7 +19,7 @@ in
 with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
 {
  networking.extraHosts = concatStringsSep "\n" (concatLists ( concatLists (forEachAttrToList thisPeer.subnetConnections (subnetName: subnetConnection: 
-    forEachAttrToList subnetConnection.peerConnections (remotePeerName: peerConnection: forEach peerConnection.ipAddresses (ip: "${cidr2ip ip} ${remotePeerName}.${subnetName}"))
+    forEachAttrToList subnetConnection.peerConnections (remotePeerName: peerConnection: forEach peerConnection.ipAddresses (ip: "${asIp ip} ${remotePeerName}.${subnetName}"))
  )))); 
  networking.wireguard = {
    interfaces = forEachAttr' thisPeer.subnetConnections (subnetName: subnetConnection: nameValuePair "${head (strings.splitString "." subnetName)}"
@ -32,7 +32,7 @@ with getKeyProviderFuncs keyProviders inputs intermediateConfig localPeerName;
            name = remotePeerName;
            publicKey = getPeerPubKey remotePeerName;
            presharedKeyFile = getSubnetPSKFile subnetName;
-            allowedIPs = map ( ip: cidr2ip ip + (if match ".*:.*" ip != null then "/128" else "/32")) peerConnection.ipAddresses;
+            allowedIPs = map ( ip: asCidr ip) peerConnection.ipAddresses;
            endpoint = "${peerConnection.endpoint.ip}:${builtins.toString peerConnection.endpoint.port}";
          }
          // (mergeIf peerConnection.endpoint "persistentKeepalive")
--- a/lib.nix
+++ b/lib.nix
@ -127,5 +127,8 @@ rec {
    };
      
    mergeIf = attr: key: if builtins.hasAttr key attr then {"${key}" = attr."${key}";} else {};
-    cidr2ip = cidr: head (filter (item: item != []) (split "/" cidr));
+    asIp = cidr: head (filter (item: item != []) (split "/" cidr));
+    isIpv6 = ip: match ".*:.*" ip != null;
+    isCidr = cidr: match ".*/.*" cidr != null;
+    asCidr = ip: if (isCidr ip) then ip else if isIpv6 ip then ip+"/128" else ip+"/32";
 }