networking

Attribute: clan.core.networking

buildHost

Attribute: clan.core.networking.buildHost

The build SSH node where nixos-rebuild will be executed.

If set to null, the targetHost will be used.

format: user@host:port?SSH_OPTION=SSH_VALUE&SSH_OPTION_2=VALUE_2 examples:

Type: null or string

Default:

null

Declared in: nixosModules/clanCore/networking.nix

forwardAgent

Attribute: clan.core.networking.forwardAgent

Enable SSH agent forwarding for deployments from this machine.

When enabled, your local SSH keys will be forwarded to build/target hosts, allowing them to access private repositories during deployment.

Security Warning: Agent forwarding has security implications. Only enable if you trust the remote hosts, as they could potentially use your forwarded credentials while the connection is active.

For accessing private flake inputs, consider these alternatives:

  • Deploy keys installed directly on the build/target host
  • HTTPS URLs with access tokens on the build/target host
  • Setting this option per-machine in the inventory when needed

This option can be overridden per-machine using {option}inventory.machines.<name>.deploy.forwardAgent.

Type: boolean

Default:

false

Declared in: nixosModules/clanCore/networking.nix

targetHost

Attribute: clan.core.networking.targetHost

The target SSH node for deployment.

If {option}networking.domain and by extension {option}networking.fqdn is set, then this will use the node's fully quantified domain name, otherwise it will default to null.

If set to null, only local deployment will be supported.

format: user@host:port?SSH_OPTION=SSH_VALUE[&SSH_OPTION_2=VALUE_2] examples:

Type: null or string

Default:

if config.networking.domain is not null then "root@${config.networking.fqdnOrHostName}" else null

Declared in: nixosModules/clanCore/networking.nix

zerotier

Attribute: clan.core.networking.zerotier

controller

Attribute: clan.core.networking.zerotier.controller

public

Attribute: clan.core.networking.zerotier.controller.public

everyone can join a public network without having the administrator to accept

Type: boolean

Default:

false

Declared in: nixosModules/clanCore/zerotier

moon

Attribute: clan.core.networking.zerotier.moon

orbitMoons

Attribute: clan.core.networking.zerotier.moon.orbitMoons

Join these moons. This machine will be able to reach all machines in these moons.

Type: list of string

Default:

[ ]

Declared in: nixosModules/clanCore/zerotier

stableEndpoints

Attribute: clan.core.networking.zerotier.moon.stableEndpoints

Make this machine a moon. Other machines can join this moon by adding this moon in their config. It will be reachable under the given stable endpoints.

Type: list of string

Default:

[ ]
Example 
''
  [ 1.2.3.4" "10.0.0.3/9993" "2001:abcd:abcd::3/9993" ]
''

Declared in: nixosModules/clanCore/zerotier

name

Attribute: clan.core.networking.zerotier.name

zerotier network name

Type: string

Default:

"config.clan.core.name"

Declared in: nixosModules/clanCore/zerotier

settings

Attribute: clan.core.networking.zerotier.settings

override the network config in /var/lib/zerotier/bla/$network.json

Type: open submodule of (JSON value)

Default:

{ }

Declared in: nixosModules/clanCore/zerotier

subnet

Attribute: clan.core.networking.zerotier.subnet

Readonly

zerotier subnet

Type: null or string

Default:

"Dynamically derived from 'zerotier-network-id' "

Declared in: nixosModules/clanCore/zerotier