From 7a19e146492f4088d4dae8e474db4b8487cfa215 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 1 Nov 2020 18:25:01 +0000 Subject: [PATCH] ops/nixos: define a new my.ip.tailscale option which gets put into /etc/hosts everywhere --- ops/nixos/clouvider-fra01/default.nix | 1 + ops/nixos/default.nix | 10 +++++++--- ops/nixos/ixvm-fra01/default.nix | 1 + ops/nixos/kusakabe/default.nix | 1 + ops/nixos/lib/common.nix | 7 +++++++ ops/nixos/marukuru/default.nix | 1 + ops/nixos/porcorosso/default.nix | 1 + ops/nixos/swann/default.nix | 1 + ops/nixos/totoro/default.nix | 1 + 9 files changed, 21 insertions(+), 3 deletions(-) diff --git a/ops/nixos/clouvider-fra01/default.nix b/ops/nixos/clouvider-fra01/default.nix index e49df849ec..aa6598b4ea 100644 --- a/ops/nixos/clouvider-fra01/default.nix +++ b/ops/nixos/clouvider-fra01/default.nix @@ -100,6 +100,7 @@ in { }; firewall.allowPing = true; }; + my.ip.tailscale = "100.75.142.119"; # List packages installed in system profile. To search, run: # $ nix search wget diff --git a/ops/nixos/default.nix b/ops/nixos/default.nix index 05e1312a94..5376237abc 100644 --- a/ops/nixos/default.nix +++ b/ops/nixos/default.nix 
@@ -14,10 +14,14 @@ let (depot.third_party.nixeval { system = builtins.currentSystem; modules = [ (baseModule systemName) (args: { imports = [ lib/common.nix config ]; }) ]; - }).config.system.build.toplevel; + }); systems = [ "porcorosso" "ixvm-fra01" "marukuru" "clouvider-fra01" "totoro" "kusakabe" "swann" ]; rebuilder = system: (import ./lib/rebuilder.nix (args // { system = system; })); systemCfgs = lib.genAttrs systems (name: import (./. + "/${name}")); - systemDrvs = mapAttrs systemFor systemCfgs; -in systemDrvs + evaledSystems = mapAttrs systemFor systemCfgs; + systemDrvs = mapAttrs (_: sys: sys.config.system.build.toplevel) evaledSystems; + systemTailscaleIPs = lib.mapAttrs' (n: v: lib.nameValuePair v [n]) (lib.filterAttrs (n: v: v != null) (mapAttrs (_: sys: sys.config.my.ip.tailscale) evaledSystems)); +in systemDrvs // { + tailscaleIPs = systemTailscaleIPs; +} diff --git a/ops/nixos/ixvm-fra01/default.nix b/ops/nixos/ixvm-fra01/default.nix index 7c29ebabb5..ae01381719 100644 --- a/ops/nixos/ixvm-fra01/default.nix +++ b/ops/nixos/ixvm-fra01/default.nix @@ -86,6 +86,7 @@ in { ATTR{address}=="00:50:56:a3:95:72", NAME="ens-locix" ATTR{address}=="00:50:56:a3:6e:0f", NAME="ens-nlix" ''; + my.ip.tailscale = "100.110.171.36"; environment.systemPackages = with pkgs; []; diff --git a/ops/nixos/kusakabe/default.nix b/ops/nixos/kusakabe/default.nix index e62ede407c..edb9269455 100644 --- a/ops/nixos/kusakabe/default.nix +++ b/ops/nixos/kusakabe/default.nix @@ -111,6 +111,7 @@ in { ]; }; }; + my.ip.tailscale = "100.101.38.52"; boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1; boot.kernel.sysctl."net.ipv6.conf.br-ext.proxy_ndp" = 1; diff --git a/ops/nixos/lib/common.nix b/ops/nixos/lib/common.nix index f8adf120b7..94065fc71c 100644 --- a/ops/nixos/lib/common.nix +++ b/ops/nixos/lib/common.nix 
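Review bot: In ops/nixos/default.nix, the `lib.mapAttrs'` inversion that builds `systemTailscaleIPs` keys the result by address, so two hosts given the same `my.ip.tailscale` literal would collapse into one entry. `builtins.listToAttrs` keeps only the first duplicate name, so the other host would silently vanish from every machine's /etc/hosts. The hosts file is normally consulted before DNS, so a wrong or missing pin here changes which peer a hostname reaches, and it would be safer to fail evaluation than to pick a winner quietly. One way is to group names per address, `lib.zipAttrs (lib.mapAttrsToList (n: v: { ${v} = n; }) ips)`, and assert that every resulting list has length 1 before exporting it. Separately, `systemDrvs // { tailscaleIPs = …; }` adds a non-derivation attribute to a set that previously held only system closures, which deserves a comment for anything that iterates over it; the `let` block starts outside the hunk.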
@@ -18,9 +18,16 @@ in default = null; }; + options.my.ip.tailscale = lib.mkOption { + type = lib.types.nullOr lib.types.string; + default = null; + }; + config = { hardware.enableRedistributableFirmware = true; + networking.hosts = depot.ops.nixos.tailscaleIPs; + nix = { nixPath = [ "depot=/home/lukegb/depot/" "nixpkgs=/home/lukegb/depot/third_party/nixpkgs/" ]; trustedUsers = [ "root" "@wheel" ]; diff --git a/ops/nixos/marukuru/default.nix b/ops/nixos/marukuru/default.nix index d0c3e460b4..e4e0340f08 100644 --- a/ops/nixos/marukuru/default.nix +++ b/ops/nixos/marukuru/default.nix @@ -52,6 +52,7 @@ in { }; }; }; + my.ip.tailscale = "100.98.193.46"; services.udev.extraRules = '' ATTR{address}=="52:54:00:84:e2:2a", NAME="eth0" ''; diff --git a/ops/nixos/porcorosso/default.nix b/ops/nixos/porcorosso/default.nix index cee3bb62df..b022ef2fa5 100644 --- a/ops/nixos/porcorosso/default.nix +++ b/ops/nixos/porcorosso/default.nix @@ -94,6 +94,7 @@ in { networking.useDHCP = false; networking.interfaces.eno1.useDHCP = false; networking.networkmanager.enable = true; + my.ip.tailscale = "100.125.26.108"; # Set your time zone. time.timeZone = "Europe/London"; diff --git a/ops/nixos/swann/default.nix b/ops/nixos/swann/default.nix index ef5194cde5..a1036806c0 100644 --- a/ops/nixos/swann/default.nix +++ b/ops/nixos/swann/default.nix @@ -48,6 +48,7 @@ in { }; }; }; + my.ip.tailscale = "100.102.224.95"; services.udev.extraRules = '' ATTR{address}=="e4:3a:6e:16:07:62", NAME="ens-virginmedia" ATTR{address}=="e4:3a:6e:16:07:67", NAME="ens-general" diff --git a/ops/nixos/totoro/default.nix b/ops/nixos/totoro/default.nix index fe129accde..913fd4f6ad 100644 --- a/ops/nixos/totoro/default.nix +++ b/ops/nixos/totoro/default.nix @@ -70,6 +70,7 @@ in { }; bridges.br-int.interfaces = []; }; + my.ip.tailscale = "100.122.86.11"; # Virtualisation virtualisation.libvirtd = {
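Review bot: In ops/nixos/lib/common.nix, the new option is declared as `lib.types.nullOr lib.types.string`, but `types.string` is deprecated in nixpkgs; `type = lib.types.nullOr lib.types.str;` is the drop-in replacement. The option also has no `description` and no format check, although its value becomes a key in `networking.hosts` on every machine. A `lib.types.strMatching` pattern for a dotted-quad address would reject typos at evaluation time, and a description such as `"Tailscale address of this host; published to /etc/hosts on all depot machines."` would document the fleet-wide effect. The per-host `default.nix` hunks pin these addresses as literals, so an entry stays in place until every host is rebuilt even if a node is re-enrolled with a different address. It would help to add a comment next to `networking.hosts = depot.ops.nixos.tailscaleIPs;` saying that the names are a convenience and that peer identity still rests on SSH host keys or TLS. The `config = { … }` block continues outside the hunk.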