mob next [ci-skip] [ci skip] [skip ci]

lastFile:flake.nix
2026-05-07 17:42:32 +07:00 · 2026-05-07 17:29:46 +07:00 · 2026-05-07 13:14:48 +07:00 · 2026-05-07 10:52:05 +07:00
5 changed files with 183 additions and 5 deletions
@@ -581,6 +581,30 @@
        "type": "github"
      }
    },
+    "openwrt-imagebuilder": {
+      "inputs": {
+        "flake-parts": [
+          "flake-parts"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "systems": "systems_4"
+      },
+      "locked": {
+        "lastModified": 1777544882,
+        "narHash": "sha256-QqrZLvCSg4w2jmLGXs/4KJVXZeogxIeuX0Hw4o5qWwU=",
+        "owner": "astro",
+        "repo": "nix-openwrt-imagebuilder",
+        "rev": "149d0e41bc9ed257290c87a8fdb18c4071e37e07",
+        "type": "github"
+      },
+      "original": {
+        "owner": "astro",
+        "repo": "nix-openwrt-imagebuilder",
+        "type": "github"
+      }
+    },
    "paisano": {
      "inputs": {
        "call-flake": "call-flake",
@@ -661,6 +685,7 @@
        "import-tree": "import-tree",
        "liminix": "liminix",
        "nixpkgs": "nixpkgs_2",
+        "openwrt-imagebuilder": "openwrt-imagebuilder",
        "plasma-manager": "plasma-manager",
        "treefmt-nix": "treefmt-nix"
      }
@@ -779,16 +804,16 @@
    },
    "systems_2": {
      "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "lastModified": 1680978846,
+        "narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "repo": "x86_64-linux",
+        "rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
-        "repo": "default",
+        "repo": "x86_64-linux",
        "type": "github"
      }
    },
@@ -807,6 +832,21 @@
        "type": "github"
      }
    },
+    "systems_4": {
+      "locked": {
+        "lastModified": 1680978846,
+        "narHash": "sha256-Gtqg8b/v49BFDpDetjclCYXm8mAnTrUzR0JnE2nv5aw=",
+        "owner": "nix-systems",
+        "repo": "x86_64-linux",
+        "rev": "2ecfcac5e15790ba6ce360ceccddb15ad16d08a8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "x86_64-linux",
+        "type": "github"
+      }
+    },
    "treefmt-nix": {
      "inputs": {
        "nixpkgs": [
@@ -26,6 +26,11 @@
    };
    import-tree.url = "github:vic/import-tree";
    nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
+    openwrt-imagebuilder = {
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-parts.follows = "flake-parts";
+      url = "github:astro/nix-openwrt-imagebuilder";
+    };
    treefmt-nix = {
      url = "github:numtide/treefmt-nix";
      inputs.nixpkgs.follows = "nixpkgs";
@@ -79,6 +84,37 @@
            packages.think-be = pkgs.think-backend-gtcm;
            packages.file-uploader = pkgs.gtcm-file-uploader;
          };
+
+        flake.packages.x86_64-linux.myrouter =
+          let
+            pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
+            profiles = inputs.openwrt-imagebuilder.lib.profiles { inherit pkgs; };
+            config = profiles.identifyProfile "glinet_gl-mt6000" // {
+              # add package to include in the image, ie. packages that you don't
+              # want to install manually later
+              packages = [
+                "tcpdump"
+                "relayd"
+                "luci-proto-relay"
+              ];
+
+              disabledServices = [ ];
+
+              # include files in the images.
+              # to set UCI configuration, create a uci-defauts scripts as per
+              # official OpenWRT ImageBuilder recommendation.
+              files = pkgs.runCommand "image-files" { } ''
+                mkdir -p $out/etc/uci-defaults
+                cat > $out/etc/uci-defaults/99-custom <<EOF
+                uci -q batch << EOI
+                set system.@system[0].hostname='flint'
+                commit
+                EOI
+                EOF
+              '';
+            };
+          in
+          inputs.openwrt-imagebuilder.lib.build config;
      }
    );
 }
@@ -5,5 +5,9 @@
      device = (import "${inputs.liminix}/devices/gl-ar750");
      liminix-config = import ./white-house/configuration.nix { inherit inputs; };
    };
+    whitehouse-router-2 = import "${inputs.liminix}/default.nix" {
+      device = (import "${inputs.liminix}/devices/gl-ar750");
+      liminix-config = import ./white-house-2/configuration.nix { inherit inputs; };
+    };
  };
 }
@@ -0,0 +1,82 @@
+{ inputs }:
+{
+  config,
+  pkgs,
+  modulesPath,
+  lib,
+  ...
+}:
+let
+  secrets = {
+    firewallRules = { };
+  }
+  // (import ./secrets.nix);
+  wirelessConfig = {
+    country_code = "TH";
+    inherit (secrets) wpa_passphrase;
+    wmm_enabled = 1;
+  };
+  svc = config.system.service;
+in
+{
+  imports = [
+    "${inputs.liminix}/modules/wlan.nix"
+    "${inputs.liminix}/modules/ssh"
+    "${modulesPath}/profiles/wap.nix"
+  ];
+
+  hostname = "whitehouse2";
+  boot = {
+    tftp = {
+      freeSpaceBytes = 3 * 1024 * 1024;
+      serverip = "${secrets.lan.prefix}.149";
+      ipaddr = "${secrets.lan.prefix}.252";
+    };
+  };
+
+  services.sshd = svc.ssh.build {
+    authorizedKeys.root = secrets.root.openssh.authorizedKeys.keys;
+  };
+
+  users.root = secrets.root;
+
+  profile.wap = {
+    interfaces = with config.hardware.networkInterfaces; [
+      wan
+      lan
+      wlan
+      wlan5
+    ];
+
+    wireless.networks = {
+      "${secrets.ssid}" = {
+        interface = config.hardware.networkInterfaces.wlan;
+        hw_mode = "g";
+        channel = "6";
+        ieee80211n = 1;
+      }
+      // wirelessConfig;
+      "${secrets.ssid}-5" = rec {
+        interface = config.hardware.networkInterfaces.wlan5;
+        hw_mode = "a";
+        channel = 36;
+        ht_capab = "[HT40+]";
+        vht_oper_chwidth = 1;
+        vht_oper_centr_freq_seg0_idx = channel + 6;
+        ieee80211n = 1;
+        ieee80211ac = 1;
+      }
+      // wirelessConfig;
+    };
+  };
+
+  system.service.network.forward.enableIPv4 = false;
+  system.service.network.forward.enableIPv6 = false;
+
+  defaultProfile.packages = with pkgs; [
+    busybox
+    iw
+    nftables
+  ];
+
+}
@@ -0,0 +1,16 @@
+{
+  wpa_passphrase = "";
+  ssid = "GL-AR750";
+  root = {
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcZ/p1Ofa9liwIzPWzNtONhJ7+FUWd2lCz33r81t8+w kurogeek@kurogeek"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB/raxJR8gASmquP63weHelbi+da2WBJR1DgzHPNz/f"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuhpzDHBPvn8nv8RH1MRomDOaXyP4GziQm7r3MZ1Syk"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmgyEGuY/r7SDlJgrzYmQqpcWS5W+fCzRi3OS59ne4W openpgp:0xFF687387"
+    ];
+  };
+
+  lan = {
+    prefix = "192.168.1";
+  };
+}
Author	SHA1	Message	Date
kurogeek	04dfba178a	mob next [ci-skip] [ci skip] [skip ci] lastFile:flake.nix	2026-05-07 17:42:32 +07:00
kurogeek	33047aad22	mob next [ci-skip] [ci skip] [skip ci] lastFile:flake.nix	2026-05-07 17:29:46 +07:00
kurogeek	da41b8b568	mob next [ci-skip] [ci skip] [skip ci] lastFile:flake.lock	2026-05-07 13:14:48 +07:00
kurogeek	c030b045a2	routers/whitehouse-2: init whitehouse-2 as an AP	2026-05-07 10:52:05 +07:00