From b58c772ed7bb0ed75244915eec2a56312094d8fa Mon Sep 17 00:00:00 2001
From: Simon Parri <simonparri@ganzeria.com>
Date: Wed, 25 Jun 2025 23:36:33 -0500
Subject: hosts/*: Set up Yggdrasil

---
 hosts/bean/common.nix    |  2 ++
 hosts/thyme/default.nix  |  2 ++
 hosts/tomato/default.nix |  2 ++
 modules/hosts.nix        | 20 +++++++++++++++++++-
 4 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/hosts/bean/common.nix b/hosts/bean/common.nix
index b368083..ff2897e 100644
--- a/hosts/bean/common.nix
+++ b/hosts/bean/common.nix
@@ -83,6 +83,8 @@ in
 
   this.hosts = {
     mine = true;
+    yggdrasil.public = true;
+    yggdrasil.private = true;
   };
 
   system.stateVersion = "24.11";
diff --git a/hosts/thyme/default.nix b/hosts/thyme/default.nix
index 623e81a..1f45392 100644
--- a/hosts/thyme/default.nix
+++ b/hosts/thyme/default.nix
@@ -26,6 +26,8 @@
   this.hosts = {
     lan.home = true;
     mine = true;
+    yggdrasil.public = true;
+    yggdrasil.private = true;
   };
 
   system.stateVersion = "24.11";
diff --git a/hosts/tomato/default.nix b/hosts/tomato/default.nix
index 74d39f4..f30cbb8 100644
--- a/hosts/tomato/default.nix
+++ b/hosts/tomato/default.nix
@@ -29,6 +29,8 @@
   this.hosts = {
     lan.home = true;
     mine = true;
+    yggdrasil.public = true;
+    yggdrasil.private = true;
   };
 
   system.stateVersion = "24.11";
diff --git a/modules/hosts.nix b/modules/hosts.nix
index 0c66c70..79ac3e6 100644
--- a/modules/hosts.nix
+++ b/modules/hosts.nix
@@ -7,6 +7,16 @@ in
     this.hosts.lan.home = lib.mkEnableOption "Home LAN /etc/hosts";
     this.hosts.mine = lib.mkEnableOption "my /etc/hosts";
     this.hosts.alef.zoar.cx = lib.mkEnableOption "alef.zoar.cx /etc/hosts";
+    this.hosts.yggdrasil.public = lib.mkOption {
+      description = "Use Yggdrasil addresses for public hosts when possible.";
+      type = lib.types.bool;
+      default = false;
+    };
+    this.hosts.yggdrasil.private = lib.mkOption {
+      description = "Use Yggdrasil addresses for non-public hosts when possible.";
+      type = lib.types.bool;
+      default = false;
+    };
   };
 
   config = {
@@ -16,10 +26,18 @@ in
         "192.168.1.5" = ["rosemary.alef.zoar.cx" "rosemary"];
       } //
       lib.optionalAttrs cfg.mine {
-        "45.61.184.234" = ["alfheim"];
+        "${(if cfg.yggdrasil.public
+            then "201:c37f:8bd1:de2c:531e:a3c8:6c38:aa3e"
+            else "45.61.184.234")}" = ["alfheim"];
       } //
       lib.optionalAttrs cfg.alef.zoar.cx {
         "173.16.167.196" = ["sage.alef.zoar.cx" "sage"];
       };
+
+    services.yggdrasil = lib.mkMerge [
+      { persistentKeys = true; }
+      (lib.mkIf cfg.yggdrasil.public or cfg.yggdrasil.private
+        { enable = lib.mkDefault true; })
+    ];
   };
 }
-- 
cgit v1.2.3