From 8e08efa13c26e948a0b74872c280866a5d3a493f Mon Sep 17 00:00:00 2001 From: kurogeek Date: Fri, 10 Oct 2025 15:22:03 +0700 Subject: [PATCH] mob next [ci-skip] [ci skip] [skip ci] lastFile:routers/fax-router/configuration.nix --- flake.lock | 17 ++-- flake.nix | 4 +- routers/fax-router/configuration.nix | 143 +++++---------------------- 3 files changed, 36 insertions(+), 128 deletions(-) diff --git a/flake.lock b/flake.lock index 2294b7e..0a4690b 100644 --- a/flake.lock +++ b/flake.lock @@ -139,14 +139,19 @@ "liminix": { "flake": false, "locked": { - "lastModified": 1758271851, - "narHash": "sha256-pfh+oahaVh1HVbZsz+ZM/+YV8FXnjMQ62dcRDUpzzPA=", - "path": "/home/kurogeek/Desktop/gitea/dan/liminix", - "type": "path" + "lastModified": 1759950611, + "narHash": "sha256-wGMzkMYsXZX7aZC2mj1vubqi3Q728V162P6k/EE9tHE=", + "ref": "refs/heads/main", + "rev": "29fbb5461d034c4c59b88cbe04937b04ecad18e0", + "revCount": 1572, + "type": "git", + "url": "https://gti.telent.net/dan/liminix" }, "original": { - "path": "/home/kurogeek/Desktop/gitea/dan/liminix", - "type": "path" + "ref": "refs/heads/main", + "rev": "29fbb5461d034c4c59b88cbe04937b04ecad18e0", + "type": "git", + "url": "https://gti.telent.net/dan/liminix" } }, "nix-darwin": { diff --git a/flake.nix b/flake.nix index d8c36b9..f6db819 100644 --- a/flake.nix +++ b/flake.nix @@ -22,8 +22,8 @@ inputs.nixpkgs.follows = "nixpkgs"; }; liminix = { - # url = "git+https://gti.telent.net/dan/liminix?ref=refs/heads/main&rev=cb43857ecf45feb0351023946f559e8e3343d12a"; - url = "path:/home/kurogeek/Desktop/gitea/dan/liminix"; + url = "git+https://gti.telent.net/dan/liminix?ref=refs/heads/main&rev=29fbb5461d034c4c59b88cbe04937b04ecad18e0"; + # url = "path:/home/kurogeek/Desktop/gitea/dan/liminix"; flake = false; }; }; diff --git a/routers/fax-router/configuration.nix b/routers/fax-router/configuration.nix index bca95b0..16b4382 100644 --- a/routers/fax-router/configuration.nix +++ b/routers/fax-router/configuration.nix @@ -4,140 +4,43 @@ # devices: mostly you will need to attend to the number of wlan and lan # interfaces { inputs }: -{ - config, - pkgs, - lib, - modulesPath, - ... -}: +{ config, pkgs, ... }: let - secrets = { - domainName = "fake.liminix.org"; - firewallRules = { }; - } - // (import ./rotuer-secrets.nix); + inherit (pkgs.liminix.services) target; svc = config.system.service; - wirelessConfig = { - country_code = "GB"; - inherit (secrets) wpa_passphrase; - wmm_enabled = 1; - }; - in rec { - boot = { - tftp = { - freeSpaceBytes = 3 * 1024 * 1024; - serverip = "10.0.0.1"; - ipaddr = "10.0.0.8"; - }; - }; - imports = [ - "${modulesPath}/profiles/gateway.nix" + "${inputs.liminix}/modules/wlan.nix" + "${inputs.liminix}/modules/network" + "${inputs.liminix}/modules/ntp" + "${inputs.liminix}/modules/vlan" ]; - hostname = "rotuer"; - profile.gateway = { - lan = { - interfaces = with config.hardware.networkInterfaces; [ - # EDIT: these are the interfaces exposed by the gl.inet gl-ar750: - # if your device has more or differently named lan interfaces, - # specify them here - wlan - wlan5 - lan - ]; - inherit (secrets.lan) prefix; - address = { - family = "inet"; - address = "${secrets.lan.prefix}.1"; - prefixLength = 24; - }; - dhcp = { - start = 10; - end = 240; - hosts = - { } // lib.optionalAttrs (builtins.pathExists ./static-leases.nix) (import ./static-leases.nix); - localDomain = "lan"; - }; - }; - wan = { - # wan interface depends on your upstream - could be dhcp, static - # ethernet, a pppoe, ppp over serial, a complicated bonded - # failover ... who knows what else? - interface = svc.pppoe.build { - interface = config.hardware.networkInterfaces.wan; - username = secrets.l2tp.name; - password = secrets.l2tp.password; - bandwidth = 70 * 1000 * 1000; - }; - # once the wan has ipv4 connnectivity, should we run dhcp6 - # client to potentially get an address range ("prefix - # delegation") - dhcp6.enable = true; - }; - firewall = { - enable = true; - rules = secrets.firewallRules; - }; - wireless.networks = { - # EDIT: if you have more or fewer wireless radios, here is where - # you need to say so. hostapd tuning is hardware-specific and - # left as an exercise for the reader :-). + services.dhcpv4 = + let + iface = svc.network.link.build { ifname = "eth1"; }; + in + svc.network.dhcp.client.build { interface = iface; }; - "${secrets.ssid}" = { - interface = config.hardware.networkInterfaces.wlan; - hw_mode = "g"; - channel = "2"; - ieee80211n = 1; - } - // wirelessConfig; - "${secrets.ssid}5" = rec { - interface = config.hardware.networkInterfaces.wlan5; - hw_mode = "a"; - channel = 36; - ht_capab = "[HT40+]"; - vht_oper_chwidth = 1; - vht_oper_centr_freq_seg0_idx = channel + 6; - ieee80211n = 1; - ieee80211ac = 1; - } - // wirelessConfig; - }; + services.defaultroute4 = svc.network.route.build { + via = "$(output ${services.dhcpv4} ip)"; + target = "default"; + dependencies = [ services.dhcpv4 ]; }; - services.ntp = svc.ntp.build { - user = "root"; + services.packet_forwarding = svc.network.forward.build { }; + + services.ntp = config.system.service.ntp.build { pools = { "pool.ntp.org" = [ "iburst" ]; }; - makestep = { - threshold = 1.0; - limit = 3; - }; }; - services.sshd = svc.ssh.build { }; - - users.root = secrets.root; - - defaultProfile.packages = with pkgs; [ - min-collect-garbage - nftables - strace - tcpdump - s6 - ]; - - programs.busybox = { - applets = [ - "fdisk" - "sfdisk" - ]; - options = { - FEATURE_FANCY_TAIL = "y"; - }; + boot.tftp = { + serverip = "192.168.8.148"; + ipaddr = "192.168.8.251"; }; + + defaultProfile.packages = [ pkgs.hello ]; }