shinobu/router: Change nft variable source

2023-09-25 12:48:30 +02:00 · 2023-09-25 12:48:30 +02:00 · ab035b2c44
parent 2a425638e6
commit ab035b2c44
2 changed files with 8 additions and 9 deletions
--- a/machines/shinobu/services/router/nft.nix
+++ b/machines/shinobu/services/router/nft.nix
@ -2,23 +2,24 @@
 let
  cfg = import ./common.nix;

-  flattenAttrValues = attrs: lib.flatten (map (v: if lib.isAttrs v then flattenAttrValues v else v) (lib.attrValues attrs));
-
  mkKeyValue = lib.generators.mkKeyValueDefault
    rec {
-      # specifies the generated string for a subset of nix values
      mkValueString = v:
        if lib.isString v then ''"${v}"''
        else if lib.isList v then ''{ ${lib.concatMapStringsSep ", " mkValueString v} }''
        else lib.generators.mkValueStringDefault { } v;
    } " = ";

+  passthru = {
+    WG_UPSTREAM_ENDPOINT = cfg.wg-upstream.endpoint.address;
+    VPN_BYPASS_MARK = cfg.vpnBypassFwMark;
+  };
+
  defines = lib.concatStringsSep
    "\n"
-    (flattenAttrValues
-      (lib.mapAttrsRecursive
-        (path: value: "define " + (mkKeyValue ''CFG_${lib.concatStringsSep "_" path}'' value))
-        cfg));
+    (lib.mapAttrsToList
+      (key: value: "define " + (mkKeyValue key value))
+      passthru);
 in
 {
  networking.nftables = {
--- a/machines/shinobu/services/router/rules.nft
+++ b/machines/shinobu/services/router/rules.nft
@ -5,9 +5,7 @@ define MASQUERADE_IFACES = { $NAT_WAN_IFACES, $PHYSICAL_WAN }
 define VUEKO_V4 = 168.119.176.53
 define VUEKO_V6 = 2a01:4f8:c012:2f4::1
 define VUEKO_PORT = 51820
-define WG_UPSTREAM_ENDPOINT = $CFG_wg-upstream_endpoint_address
 define PLASTIC_ROUTER_V4 = 192.168.0.1
-define VPN_BYPASS_MARK = $CFG_vpnBypassFwMark

 table inet filter {
 	chain forward {