mob next [ci-skip] [ci skip] [skip ci]

lastFile:routers/fax-router/configuration.nix
2025-10-10 15:22:03 +07:00
parent 0f929bc8f4
commit 8e08efa13c
3 changed files with 36 additions and 128 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -139,14 +139,19 @@
    "liminix": {
      "flake": false,
      "locked": {
-        "lastModified": 1758271851,
-        "narHash": "sha256-pfh+oahaVh1HVbZsz+ZM/+YV8FXnjMQ62dcRDUpzzPA=",
-        "path": "/home/kurogeek/Desktop/gitea/dan/liminix",
-        "type": "path"
+        "lastModified": 1759950611,
+        "narHash": "sha256-wGMzkMYsXZX7aZC2mj1vubqi3Q728V162P6k/EE9tHE=",
+        "ref": "refs/heads/main",
+        "rev": "29fbb5461d034c4c59b88cbe04937b04ecad18e0",
+        "revCount": 1572,
+        "type": "git",
+        "url": "https://gti.telent.net/dan/liminix"
      },
      "original": {
-        "path": "/home/kurogeek/Desktop/gitea/dan/liminix",
-        "type": "path"
+        "ref": "refs/heads/main",
+        "rev": "29fbb5461d034c4c59b88cbe04937b04ecad18e0",
+        "type": "git",
+        "url": "https://gti.telent.net/dan/liminix"
      }
    },
    "nix-darwin": {
--- a/flake.nix
+++ b/flake.nix
@@ -22,8 +22,8 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };
    liminix = {
-      # url = "git+https://gti.telent.net/dan/liminix?ref=refs/heads/main&rev=cb43857ecf45feb0351023946f559e8e3343d12a";
-      url = "path:/home/kurogeek/Desktop/gitea/dan/liminix";
+      url = "git+https://gti.telent.net/dan/liminix?ref=refs/heads/main&rev=29fbb5461d034c4c59b88cbe04937b04ecad18e0";
+      # url = "path:/home/kurogeek/Desktop/gitea/dan/liminix";
      flake = false;
    };
  };
--- a/routers/fax-router/configuration.nix
+++ b/routers/fax-router/configuration.nix
@@ -4,140 +4,43 @@
 # devices: mostly you will need to attend to the number of wlan and lan
 # interfaces
 { inputs }:
-{
-  config,
-  pkgs,
-  lib,
-  modulesPath,
-  ...
-}:
+{ config, pkgs, ... }:
 let
-  secrets = {
-    domainName = "fake.liminix.org";
-    firewallRules = { };
-  }
-  // (import ./rotuer-secrets.nix);
+  inherit (pkgs.liminix.services) target;
  svc = config.system.service;
-  wirelessConfig = {
-    country_code = "GB";
-    inherit (secrets) wpa_passphrase;
-    wmm_enabled = 1;
-  };
-
 in
 rec {
-  boot = {
-    tftp = {
-      freeSpaceBytes = 3 * 1024 * 1024;
-      serverip = "10.0.0.1";
-      ipaddr = "10.0.0.8";
-    };
-  };
-
  imports = [
-    "${modulesPath}/profiles/gateway.nix"
+    "${inputs.liminix}/modules/wlan.nix"
+    "${inputs.liminix}/modules/network"
+    "${inputs.liminix}/modules/ntp"
+    "${inputs.liminix}/modules/vlan"
  ];
-  hostname = "rotuer";

-  profile.gateway = {
-    lan = {
-      interfaces = with config.hardware.networkInterfaces; [
-        # EDIT: these are the interfaces exposed by the gl.inet gl-ar750:
-        # if your device has more or differently named lan interfaces,
-        # specify them here
-        wlan
-        wlan5
-        lan
-      ];
-      inherit (secrets.lan) prefix;
-      address = {
-        family = "inet";
-        address = "${secrets.lan.prefix}.1";
-        prefixLength = 24;
-      };
-      dhcp = {
-        start = 10;
-        end = 240;
-        hosts =
-          { } // lib.optionalAttrs (builtins.pathExists ./static-leases.nix) (import ./static-leases.nix);
-        localDomain = "lan";
-      };
-    };
-    wan = {
-      # wan interface depends on your upstream - could be dhcp, static
-      # ethernet, a pppoe, ppp over serial, a complicated bonded
-      # failover ... who knows what else?
-      interface = svc.pppoe.build {
-        interface = config.hardware.networkInterfaces.wan;
-        username = secrets.l2tp.name;
-        password = secrets.l2tp.password;
-        bandwidth = 70 * 1000 * 1000;
-      };
-      # once the wan has ipv4 connnectivity, should we run dhcp6
-      # client to potentially get an address range ("prefix
-      # delegation")
-      dhcp6.enable = true;
-    };
-    firewall = {
-      enable = true;
-      rules = secrets.firewallRules;
-    };
-    wireless.networks = {
-      # EDIT: if you have more or fewer wireless radios, here is where
-      # you need to say so.  hostapd tuning is hardware-specific and
-      # left as an exercise for the reader :-).
+  services.dhcpv4 =
+    let
+      iface = svc.network.link.build { ifname = "eth1"; };
+    in
+    svc.network.dhcp.client.build { interface = iface; };

-      "${secrets.ssid}" = {
-        interface = config.hardware.networkInterfaces.wlan;
-        hw_mode = "g";
-        channel = "2";
-        ieee80211n = 1;
-      }
-      // wirelessConfig;
-      "${secrets.ssid}5" = rec {
-        interface = config.hardware.networkInterfaces.wlan5;
-        hw_mode = "a";
-        channel = 36;
-        ht_capab = "[HT40+]";
-        vht_oper_chwidth = 1;
-        vht_oper_centr_freq_seg0_idx = channel + 6;
-        ieee80211n = 1;
-        ieee80211ac = 1;
-      }
-      // wirelessConfig;
-    };
+  services.defaultroute4 = svc.network.route.build {
+    via = "$(output ${services.dhcpv4} ip)";
+    target = "default";
+    dependencies = [ services.dhcpv4 ];
  };

-  services.ntp = svc.ntp.build {
-    user = "root";
+  services.packet_forwarding = svc.network.forward.build { };
+
+  services.ntp = config.system.service.ntp.build {
    pools = {
      "pool.ntp.org" = [ "iburst" ];
    };
-    makestep = {
-      threshold = 1.0;
-      limit = 3;
-    };
  };

-  services.sshd = svc.ssh.build { };
-
-  users.root = secrets.root;
-
-  defaultProfile.packages = with pkgs; [
-    min-collect-garbage
-    nftables
-    strace
-    tcpdump
-    s6
-  ];
-
-  programs.busybox = {
-    applets = [
-      "fdisk"
-      "sfdisk"
-    ];
-    options = {
-      FEATURE_FANCY_TAIL = "y";
-    };
+  boot.tftp = {
+    serverip = "192.168.8.148";
+    ipaddr = "192.168.8.251";
  };
+
+  defaultProfile.packages = [ pkgs.hello ];
 }