configuration/router/default.nix

@@ -10,17 +10,11 @@
     "net.ipv6.conf.all.forwarding" = true;
   };
 
-  networking.firewall.allowedTCPPorts = [
+  # Open Firewall for BGP
-    # Open Firewall for BGP
+  networking.firewall.allowedTCPPorts = [ 179 ];
-    179
+  # Open Fireall for OSPF
-  ];
-
   networking.firewall.extraCommands = ''
-    # Open fireall for OSPF
+  ip6tables -A INPUT -p ospfigp -j ACCEPT
-    ip6tables -A INPUT -p ospfigp -j ACCEPT
+  iptables -A INPUT -p ospfigp -j ACCEPT
-    iptables -A INPUT -p ospfigp -j ACCEPT
-    # Open firewall for GRE
-    ip6tables -A INPUT -p gre -j ACCEPT
-    iptables -A INPUT -p gre -j ACCEPT
   '';
 }

hosts/carbon/configuration.nix

@@ -84,17 +84,6 @@
     ];
   };
 
-  clerie.gre-tunnel = {
-    enable = true;
-    ipv4 = {
-      gre-gatekeeper = {
-        remote = "10.152.101.1";
-        local = (lib.head config.networking.interfaces.lo.ipv4.addresses).address;
-        address = "169.254.201.2/24";
-      };
-    };
-  };
-
   services.bird2.enable = true;
   services.bird2.config = ''
   router id ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };

hosts/gatekeeper/configuration.nix

@@ -136,17 +136,6 @@
     ];
   };
 
-  clerie.gre-tunnel = {
-    enable = true;
-    ipv4 = {
-      gre-carbon = {
-        remote = "10.152.104.1";
-        local = (lib.head config.networking.interfaces.lo.ipv4.addresses).address;
-        address = "169.254.201.1/24";
-      };
-    };
-  };
-
   services.bird2.enable = true;
   services.bird2.config = ''
   router id ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };

modules/default.nix

@@ -5,7 +5,6 @@
     ./policyrouting
     ./anycast_healthchecker
     ./gitea
-    ./gre-tunnel
     ./nginx-port-forward
   ];
 }

modules/gre-tunnel/default.nix

@@ -1,11 +1,11 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, ... }:
 
 with lib;
 
 let
   cfg = config.clerie.gre-tunnel;
 
-  generateInterfaceUnit = isIPv6: (name: tunnel:
+  generateInterfaceUnit = isIPv6: name: tunnel:
     nameValuePair "gre-tunnel-${name}" {
         description = "GRE Tunnel - ${name}";
         requires = [ "network-online.target" ];
@@ -32,36 +32,30 @@ let
           ip tunnel del ${name}
           ${tunnel.postShutdown}
         '';
-      });
+      };
 
   checkOpts = { config, ... }@moduleAttrs: {
     options = {
       remote = mkOption {
         type = types.str;
-        description = "Address of reciever.";
       };
       local = mkOption {
         type = types.str;
-        description = "Address our packets originate from.";
       };
       address = mkOption {
         type = types.str;
-        description = "Our address in this tunnel.";
       };
       preSetup = mkOption {
         type = types.str;
         default = "";
-        description = "Commands called at the start of the interface setup.";
       };
       postSetup = mkOption {
         type = types.str;
         default = "";
-        description = "Commands called at the end of the interface setup.";
       };
       postShutdown = mkOption {
         type = types.str;
         default = "";
-        description = "Commands called after shutting down the interface.";
       };
     };
   };
@@ -83,7 +77,7 @@ in {
 
   config = mkIf cfg.enable {
     systemd.services =
-    (mapAttrs' (generateInterfaceUnit false) cfg.ipv4)
+    (mapAttrsToList (generateInterfaceUnit false) cfg.ipv4)
-    // (mapAttrs' (generateInterfaceUnit true) cfg.ipv6);
+    ++ (mapAttrsToList (generateInterfaceUnit true) cfg.ipv6);
   };
 }