From 60234ec9c1e3db01b1d189fe1f473b7948d254f5 Mon Sep 17 00:00:00 2001
From: TheWanderingCrow <contact@wanderingcrow.net>
Date: Thu, 24 Jul 2025 09:51:55 -0400
Subject: [PATCH] build out mesh some

---
 hosts/common/core/default.nix |  1 +
 hosts/common/core/nebula.nix  | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 hosts/common/core/nebula.nix

diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix
index fa16f7f..4a770f5 100644
--- a/hosts/common/core/default.nix
+++ b/hosts/common/core/default.nix
@@ -27,6 +27,7 @@ in {
       "hosts/common/core/editor.nix"
       "hosts/common/core/fonts.nix"
       "hosts/common/core/sudo.nix"
+      "hosts/common/core/nebula.nix"
       "hosts/common/users/primary"
       "hosts/common/users/primary/${platform}.nix"
       "modules/common"
diff --git a/hosts/common/core/nebula.nix b/hosts/common/core/nebula.nix
new file mode 100644
index 0000000..dcd2954
--- /dev/null
+++ b/hosts/common/core/nebula.nix
@@ -0,0 +1,19 @@
+{
+  config,
+  lib,
+  inputs,
+  hostSpec,
+  ...
+}: let
+  s = inputs.nix-secrets.network.mesh;
+in
+  if builtins.hasAttr "${hostSpec.hostName}" s.hosts
+  then lib.warn "Hey you don't have a nebula host config for this host, we'll still build but you should fix this ASAP since you won't be inside the mesh. If you don't know how to do this please talk to your computer administrator (me haha)"
+  else {
+    services.nebula.networks.wce = {
+      inherit (s) ca;
+      inherit (s.hostSpec.hostName) cert key;
+      enable = true;
+      isLighthouse = lib.mkDefault false;
+    };
+  }