Attempt to implement and test setting static ips from instance metadata

nix/checks/hetzner-sets-ipv6/default.nix

@@ -1,19 +1,48 @@
 { inputs, pkgs, ... }:
+let
+  sharedModule = {
+    # Since it's common for CI not to have $DISPLAY available, explicitly disable graphics support
+    virtualisation.graphics = false;
+  };
+in
 pkgs.nixosTest {
-  name = "hetzner-will-boot";
-  nodes.machine =
-    { ... }:
-    {
-      imports = [ inputs.self.nixosModules.default ];
-      khscodes.hetzner = {
-        enable = true;
-        ipv6-addr = "dead:beef:cafe::1";
+  name = "hetzner-sets-ipv6";
+  nodes = {
+    machine =
+      { ... }:
+      {
+        imports = [
+          inputs.self.nixosModules.default
+          sharedModule
+        ];
+        khscodes.hetzner = {
+          enable = true;
+          metadataApiUri = "http://metadata/metadata.yml";
+        };
+        system.stateVersion = "25.05";
       };
-      system.stateVersion = "25.05";
-    };
+    metadata =
+      { ... }:
+      {
+        imports = [ sharedModule ];
+        services.nginx = {
+          enable = true;
+          virtualHosts = {
+            "metafata" = {
+              root = ./root;
+            };
+          };
+        };
+        networking.firewall.allowedTCPPorts = [ 80 ];
+        system.stateVersion = "25.05";
+      };
+  };
   testScript = ''
-    machine.start(allow_reboot = True)
-    machine.wait_for_unit("multi-user.target")
+    metadata.start()
+    metadata.wait_for_unit("nginx.service")
+    metadata.wait_for_open_port(80)
+    machine.start()
+    machine.wait_for_unit("hetzner-static-ip.service")
     ipv6 = machine.succeed("ip addr")
     assert "dead:beef:cafe::1" in ipv6
   '';

nix/checks/hetzner-sets-ipv6/root/metadata.yml

@@ -0,0 +1,12 @@
+---
+network-config:
+  config:
+    - name: eth0
+      subnets:
+        - ipv4: true
+          type: dhcp
+        - address: dead:beef:cafe::1/64
+          gateway: fe80::1
+          ipv6: true
+          type: static
+      type: physical

nix/modules/nixos/hetzner/default.nix

@@ -1,6 +1,7 @@
 {
   config,
   lib,
+  pkgs,
   system,
   ...
 }:
@@ -10,16 +11,16 @@ in
 {
   options.khscodes.hetzner = {
     enable = lib.mkEnableOption "Enables the machine as a hetzner machine";
-    ipv6-addr = lib.mkOption {
-      type = lib.types.nullOr lib.types.str;
-      description = "IPv6 address of the server, for now detecting this from the server itself is not supported";
-      default = null;
-    };
     diskName = lib.mkOption {
       type = lib.types.str;
       default = "nixos";
       description = "Name of the root disk device";
     };
+    metadataApiUri = lib.mkOption {
+      type = lib.types.nullOr lib.types.str;
+      default = null;
+      description = "Sets the metadata API url that the server will contact to gather metadata information from. Should probably only be used for testing";
+    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -48,10 +49,29 @@ in
         networkConfig = {
           DHCP = "ipv4";
         };
-        routes = [ { Gateway = "fe80::1"; } ];
         linkConfig.RequiredForOnline = "routable";
-        address = lib.mkIf (cfg.ipv6-addr != null) [ cfg.ipv6-addr ];
       };
     };
+
+    systemd.services.hetzner-static-ip = {
+      enable = true;
+      wants = [ "network-online.target" ];
+      after = [ "network-online.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+        ExecStart = ''
+          ${lib.getExe pkgs.khscodes.hetzner-static-ip} configure
+        '';
+      };
+      environment =
+        {
+          PATH = lib.mkForce "";
+        }
+        // lib.attrsets.optionalAttrs (cfg.metadataApiUri != null) {
+          INSTANCE_API_URI = cfg.metadataApiUri;
+        };
+    };
   };
 }

nix/packages/hetzner-static-ip/default.nix

@@ -3,4 +3,4 @@
   pkgs,
   inputs,
 }:
-(lib.khscodes.mkRust pkgs "${inputs.self}/rust").buildRustPackage "hetzner-ipv6"
+(lib.khscodes.mkRust pkgs "${inputs.self}/rust").buildRustPackage "hetzner-static-ip"