mob next [ci-skip] [ci skip] [skip ci]

lastFile:modules/clan/asterisk/default.nix
clanService yggdrasil add vars yggdrasil/yggdrasil-subnet
2025-10-21 17:38:54 +07:00 · 2025-10-21 15:55:18 +07:00
6 changed files with 124 additions and 23 deletions
--- a/inventories/default.nix
+++ b/inventories/default.nix
@@ -5,7 +5,7 @@
      tags = {
        glom = [ "vega" ];
        b4l = [ "rigel" ];
-        fax-bridge = [ "neptune" ];
+        fax-bridge = [ ];
      };

      instances = {
--- a/machines/neptune/configuration.nix
+++ b/machines/neptune/configuration.nix
@@ -1,22 +0,0 @@
-{ inputs, config, ... }:
-{
-  imports = [
-    (inputs.import-tree ./services)
-  ];
-  nixpkgs.hostPlatform = {
-    system = "x86_64-linux";
-  };
-  boot.loader.grub.devices = [ "/dev/disk/by-id/FIXME" ];
-  fileSystems = {
-    "/".device = "/dev/FIXME";
-  };
-  networking.fqdn = "b4l.co.th";
-  system.stateVersion = "25.11";
-  clan.core.sops.defaultGroups = [ "admins" ];
-
-  security.acme.defaults.email = "admin@b4l.co.th";
-  security.acme.acceptTerms = true;
-  services.nginx.virtualHosts."${config.networking.fqdn}" = {
-    enableACME = true;
-  };
-}
--- a/modules/clan/asterisk/default.nix
+++ b/modules/clan/asterisk/default.nix
@@ -0,0 +1,64 @@
+{ ... }:
+{
+  _class = "clan.service";
+  manifest.name = "asterisk";
+  manifest.description = "Asterisk PBX server";
+  manifest.categories = [ "System" ];
+
+  roles.default = {
+    perInstance.nixosModule =
+      {
+        lib,
+        config,
+        ...
+      }:
+      {
+        services.asterisk = {
+          enable = lib.mkDefault true;
+          confFiles = {
+            "extensions.conf" = ''
+              [tests]
+              ; Dial 100 for "hello, world"
+              exten => 100,1,Answer()
+              same  =>     n,Wait(1)
+              same  =>     n,Playback(hello-world)
+              same  =>     n,Hangup()
+
+              [softphones]
+              include => tests
+
+              [unauthorized]
+            '';
+            "sip.conf" = ''
+              [general]
+              allowguest=no              ; Require authentication
+              context=unauthorized       ; Send unauthorized users to /dev/null
+              srvlookup=no               ; Don't do DNS lookup
+              udpbindaddr=0.0.0.0        ; Listen on all interfaces
+              nat=force_rport,comedia    ; Assume device is behind NAT
+
+              [softphone](!)
+              type=friend                ; Match on username first, IP second
+              context=softphones         ; Send to softphones context in
+                                         ; extensions.conf file
+              host=dynamic               ; Device will register with asterisk
+              disallow=all               ; Manually specify codecs to allow
+              allow=g722
+              allow=ulaw
+              allow=alaw
+
+              [myphone](softphone)
+              secret=GhoshevFew          ; Change this password!
+            '';
+            "logger.conf" = ''
+              [general]
+
+              [logfiles]
+              ; Add debug output to log
+              syslog.local0 => notice,warning,error,debug
+            '';
+          };
+        };
+      };
+  };
+}
--- a/modules/clan/asterisk/flake-module.nix
+++ b/modules/clan/asterisk/flake-module.nix
@@ -0,0 +1,18 @@
+{ lib, ... }:
+let
+  module = lib.modules.importApply ./default.nix { };
+in
+{
+  clan.modules = {
+    asterisk = module;
+  };
+  perSystem =
+    { ... }:
+    {
+      clan.nixosTests.asterisk = {
+        imports = [ ./tests/vm/default.nix ];
+
+        clan.modules."@clan/asterisk" = module;
+      };
+    };
+}
--- a/modules/clan/asterisk/tests/vm/default.nix
+++ b/modules/clan/asterisk/tests/vm/default.nix
@@ -0,0 +1,39 @@
+{
+  pkgs,
+  ...
+}:
+{
+  name = "service-asterisk";
+
+  clan = {
+    directory = ./.;
+    inventory = {
+      machines.server = { };
+
+      instances = {
+        asterisk-test = {
+          module.name = "@clan/asterisk";
+          module.input = "self";
+          roles.default.machines."server".settings = { };
+        };
+      };
+    };
+  };
+
+  nodes = {
+    server = {
+      services.asterisk = {
+      };
+    };
+  };
+
+  testScript = ''
+    start_all()
+
+    server.wait_for_unit("asterisk")
+
+    # Check that garage is running
+    server.succeed("systemctl status asterisk")
+
+  '';
+}
--- a/modules/clan/yggdrasil/default.nix
+++ b/modules/clan/yggdrasil/default.nix
@@ -22,6 +22,7 @@
            yggdrasil-ip = {
              secret = false;
            };
+            yggdrasil-subnet.secret = false;
          };
          runtimeInputs = with pkgs; [
            yggdrasil
@@ -30,6 +31,7 @@
          script = ''
            yggdrasil -genconf -json | jq {PrivateKey} > $out/yggdrasil-secret
            cat $out/yggdrasil-secret | yggdrasil -useconf -address | tr -d "\n" > $out/yggdrasil-ip
+            yggdrasil -useconffile $out/yggdrasil-secret -subnet | tr -d "\n" > $out/yggdrasil-subnet
          '';
        };
Author	SHA1	Message	Date
kurogeek	4704dd43fa	mob next [ci-skip] [ci skip] [skip ci] lastFile:modules/clan/asterisk/default.nix	2025-10-21 17:38:54 +07:00
kurogeek	b5f3adacd8	clanService yggdrasil add vars yggdrasil/yggdrasil-subnet	2025-10-21 15:55:18 +07:00