shinobu/router: Allow adding static hosts

This is required to have them available in nftables rules without too much headache.
2024-09-22 11:26:36 +02:00 · 2024-09-22 11:26:36 +02:00 · b55cc2deaf
parent f38e8d5217
commit b55cc2deaf
3 changed files with 46 additions and 3 deletions
--- a/machines/shinobu/services/router/common.nix
+++ b/machines/shinobu/services/router/common.nix
@ -26,12 +26,35 @@ let
        cidr = v6;
        net = fst v6Split;
        suffix = snd v6Split;
+        withoutLocalComponent = lib.substring 0 ((lib.stringLength net) - 1) net;
        gateway = "${net}1";
        gatewayCidr = "${gateway}/${suffix}";
      };
    };
+
+  macToIpv6InterfaceIdentifier = mac:
+    let
+      macList = lib.splitString ":" mac;
+      macListIpv6 = lib.flatten [
+        (lib.toHexString (lib.bitXor (builtins.fromTOML "x = 0x${lib.elemAt macList 0}").x 2))
+        (lib.sublist 1 2 macList)
+        [ "ff" "fe" ]
+        (lib.sublist 3 3 macList)
+      ];
+      interfaceIdentifierNoColons = lib.strings.toLower (lib.concatStrings macListIpv6);
+      interfaceIdentifier = lib.concatStrings [
+        (lib.substring 0 4 interfaceIdentifierNoColons)
+        ":"
+        (lib.substring 4 4 interfaceIdentifierNoColons)
+        ":"
+        (lib.substring 8 4 interfaceIdentifierNoColons)
+        ":"
+        (lib.substring 12 4 interfaceIdentifierNoColons)
+      ];
    in
-{
+    interfaceIdentifier;
+in
+rec {
  vlan = {
    lan = {
      id = 10;
@ -123,4 +146,15 @@ in
      }
    ];
  };
+  staticHosts = lib.mapAttrs
+    (_: options: options // {
+      address6 = "${vlan.${options.vlan}.subnet.v6.withoutLocalComponent}${macToIpv6InterfaceIdentifier options.hwaddr}";
+    })
+    {
+      fuuko = {
+        hwaddr = "18:c0:4d:d2:93:f0";
+        address4 = "10.80.1.98";
+        vlan = "lan";
+      };
+    };
 }
--- a/machines/shinobu/services/router/dnsmasq.nix
+++ b/machines/shinobu/services/router/dnsmasq.nix
@ -56,6 +56,10 @@ in
        ])
        cfg.vlan);

+      dhcp-host = lib.mapAttrsToList
+        (name: { hwaddr, address4, vlan, ... }: "${hwaddr},tag:br-${vlan},${address4},${name}")
+        cfg.staticHosts;
+
      nftset = [
        "/${lib.concatStringsSep "/" bypassHe}/6#ip6#he-bypass#addresses"
      ];
--- a/machines/shinobu/services/router/nft.nix
+++ b/machines/shinobu/services/router/nft.nix
@ -1,4 +1,4 @@
-# SPDX-FileCopyrightText: 2023 Simon Bruder <simon@sbruder.de>
+# SPDX-FileCopyrightText: 2023-2024 Simon Bruder <simon@sbruder.de>
 #
 # SPDX-License-Identifier: AGPL-3.0-or-later

@ -17,7 +17,12 @@ let
  passthru = {
    VLANS = lib.attrNames cfg.vlan;
    VLAN_BRIDGES = map (name: "br-${name}") (lib.attrNames cfg.vlan);
-  };
+  } // (lib.listToAttrs (lib.flatten (lib.mapAttrsToList
+    (name: staticHostConfig:
+      (map
+        (option: option // { name = "STATIC_HOST_${name}_${option.name}"; })
+        (lib.attrsToList staticHostConfig)))
+    cfg.staticHosts)));

  defines = lib.concatStringsSep
    "\n"