1 files changed, 63 insertions, 0 deletions

diff --git a/sys/net/vsock.nix b/sys/net/vsock.nix
new file mode 100644
index 0000000..c6b0ad6
--- /dev/null
+++ b/sys/net/vsock.nix
@@ -0,0 +1,63 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.local.net.vsock;
+in {
+  options.local.net.vsock = {
+    connect = mkOption {
+      default = {};
+      type = with lib.types;
+        attrsOf (submodule ({name, ...}: {
+          options = {
+            enable = mkEnableOption "vsock connect '${name}'";
+
+            cid = mkOption {
+              type = ints.u32;
+              default = 2;
+            };
+
+            localPort = mkOption {
+              type = port;
+            };
+
+            vsockPort = mkOption {
+              type = port;
+            };
+          };
+        }));
+    };
+  };
+
+  config = {
+    systemd = let
+      connects =
+        mapAttrs
+        (_: connect: {
+          service.serviceConfig = {
+            Type = "simple";
+            ExecStart = "${getExe pkgs.socat} - VSOCK:${toString connect.cid}:${toString connect.vsockPort}";
+            StandardInput = "socket";
+          };
+
+          socket = {
+            wantedBy = ["sockets.target"];
+
+            socketConfig = {
+              Accept = true;
+              ListenStream = "[::1]:${toString connect.localPort}";
+            };
+
+            unitConfig.ConditionVirtualization = "kvm";
+          };
+        })
+        cfg.connect;
+    in {
+      sockets = mapAttrs' (name: connect: nameValuePair "vsock-${name}" connect.socket) connects;
+      services = mapAttrs' (name: connect: nameValuePair "vsock-${name}@" connect.service) connects;
+    };
+  };
+}