From 2eb43c7b2150342c2d6fb17fe0d2f0c12a2cdaee Mon Sep 17 00:00:00 2001
From: sinanmohd
Date: Mon, 1 Jan 2024 19:07:06 +0530
Subject: kay/network/he: init routing table
---
 hosts/kay/modules/hurricane.nix | 55 ++++++++++++++++++++++++++++++++++++-----
 1 file changed, 49 insertions(+), 6 deletions(-)
(limited to 'hosts/kay')
diff --git a/hosts/kay/modules/hurricane.nix b/hosts/kay/modules/hurricane.nix
index 25e0721..d0a0531 100644
--- a/hosts/kay/modules/hurricane.nix
+++ b/hosts/kay/modules/hurricane.nix
@@ -4,16 +4,25 @@ let
 iface = "hurricane";
 remote = "216.218.221.42";
 address = "2001:470:35:72a::2";
+ gateway = "2001:470:35:72a::1";
 prefixLength = 64;
+ prefix = "2001:470:35:72a::/${toString prefixLength}";
 in
 {
- networking.sits.${iface} = {
- inherit remote;
- ttl = 225;
+ networking = {
+ sits.${iface} = {
+ inherit remote;
+ ttl = 225;
+ };
+ interfaces.${iface}.ipv6.addresses = [{
+ inherit prefixLength address;
+ }];
+
+ iproute2 = {
+ enable = true;
+ rttablesExtraConfig = "200 hurricane";
+ };
 };
- networking.interfaces.${iface}.ipv6.addresses = [{
- inherit prefixLength address;
- }];
 sops.secrets = {
 "hurricane/username" = {};
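Review bot: The routing-table name is written as the literal `hurricane` in `rttablesExtraConfig = "200 hurricane";` although `iface` is already bound to that string at the top of the `let`, and the second hunk repeats the literal in `dev hurricane table hurricane` and in the `network-addresses-hurricane.service` unit names. A later rename of `iface` would leave the route pointing at a device name, and the unit bound to a service name, that no longer exist, while the sit tunnel and address move to the new name. Deriving them from the binding keeps everything in step: `rttablesExtraConfig = "200 ${iface}";` here and `dev ${iface} table ${iface}` in the service script. The new `prefix` likewise restates the network part of `address` by hand, so a short comment tying the two together would help whoever changes the tunnel allocation.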
@@ -21,6 +30,40 @@ in
 "hurricane/tunnel_id" = {};
 };
+ systemd.services."network-route-${iface}" = {
+ description = "Routing configuration of ${iface}";
+ wantedBy = [
+ "network-setup.service"
+ "network.target"
+ ];
+ before = [ "network-setup.service" ];
+ bindsTo = [ "network-addresses-hurricane.service" ];
+ after = [ "network-pre.target" "network-addresses-hurricane.service" ];
+ # restart rather than stop+start this unit to prevent the
+ # network from dying during switch-to-configuration.
+ stopIfChanged = false;
+
+ serviceConfig = {
+ Type = "oneshot";
+ RemainAfterExit = true;
+ };
+
+ path = [ pkgs.iproute2 ];
+ script = ''
+ echo -n "adding route ${prefix}... "
+
+ ip -6 rule add from ${prefix} table hurricane || exit 1
+ ip -6 route add default via ${gateway} dev hurricane table hurricane || exit 1
+ '';
+ preStop = ''
+ echo -n "deleting route $prefix... "
+
+ ip -6 route del default via ${gateway} dev hurricane table hurricane || exit 1
+ ip -6 rule del from ${prefix} table hurricane || exit 1
+ '';
+ };
+
+
 services.pppd.script."02-${iface}" = {
 runtimeInputs = with pkgs; [ curl coreutils iproute2 ];
 text = ''
-- cgit v1.2.3
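Review bot: In `preStop` the first `|| exit 1` can stop the policy rule from ever being removed: if `ip -6 route del` fails (for example because the tunnel device, and with it the route, is already gone, which is plausible given the `bindsTo` on the address unit), the script exits before `ip -6 rule del` runs. A leftover `from ${prefix}` rule then points at an empty table and the next start's `ip -6 rule add` may fail on the duplicate, so traffic sourced from the tunnel prefix would quietly follow the main table instead of the tunnel. Teardown is better made best-effort, e.g. `ip -6 route del default via ${gateway} dev hurricane table hurricane || true`, leaving only the rule deletion to decide the exit status. Separately, the `preStop` echo uses `$prefix`, which Nix passes through to the shell uninterpolated (presumably unset there), so it should read `${prefix}` as in `script`.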