{ ... }: { _class = "clan.service"; manifest.name = "phonebox"; manifest.description = ""; manifest.categories = [ "System" ]; roles.default = { perInstance.nixosModule = { lib, ... }: { networking.interfaces = { ${ata-interface} = { useDHCP = false; ipv4.addresses = [ { address = "192.168.254.1"; prefixLength = 24; } ]; }; }; services.dnsmasq = { enable = true; settings = { bind-interfaces = true; # enable-ra = true; domain-needed = true; domain = "localhost"; dhcp-range = [ "192.168.254.100,192.168.254.100,255.255.255.0,24h" ]; dhcp-option = [ "3,192.168.254.1" "option6:information-refresh-time,3600" ]; interface = [ ata-interface ]; }; }; services.nginx = { enable = true; virtualHosts = { "_" = { locations."/" = { proxyPass = "http://192.168.254.100"; }; }; }; }; networking.firewall.allowedUDPPortRanges = [ { from = 10000; to = 20000; } ]; networking.firewall.allowedUDPPorts = [ 53 67 5060 ]; networking.firewall.allowedTCPPorts = [ 53 80 443 ]; services.asterisk = { enable = lib.mkDefault true; confFiles = { "logger.conf" = '' [general] dateformat = %F %T.%3q ; ISO 8601 date format with milliseconds use_callids = yes appendhostname = no queue_log = yes queue_log_to_file = no queue_log_name = queue_log queue_log_realtime_use_gmt = no rotatestrategy = rotate exec_after_rotate=gzip -9 $\{filename\}.2 [logfiles] console => notice,warning,error security => security messages => notice,warning,error full => notice,warning,error,verbose,dtmf,fax syslog.local0 => notice,warning,error ''; # Dial plan config "extensions.conf" = '' [from-internal] exten => 100,1,Answer() same => n,Wait(1) same => n,Playback(hello-world) same => n,Hangup() exten => 6001,1,Dial(PJSIP/6001,20) exten => 6002,1,Dial(PJSIP/6002,20) exten => 8001,1,Dial(PJSIP/8001@kurogeek,20) ''; "pjsip.conf" = '' [transport-udp] type=transport protocol=udp bind=0.0.0.0 [transport-udp6] type=transport protocol=udp bind=:: [kurogeek] type=endpoint context=from-kurogeek disallow=all allow=ulaw allow=alaw allow=g722 allow=gsm aors=kurogeek direct_media=no [kurogeek] type=aor contact=sip:[fd79:fada:fbe9:8c5d:d899:932b:d36d:b8cc] [kurogeek] type=identify endpoint=kurogeek match=[fd79:fada:fbe9:8c5d:d899:932b:d36d:b8cc] [6001] type=endpoint context=from-internal disallow=all allow=ulaw allow=alaw allow=g722 allow=gsm auth=6001 aors=6001 direct_media=no [6001] type=auth auth_type=userpass password=unsecurepassword username=6001 [6001] type=aor max_contacts=1 [6002] type=endpoint context=from-internal disallow=all allow=ulaw allow=alaw allow=g722 allow=gsm auth=6002 aors=6002 direct_media=no [6002] type=auth auth_type=userpass password=unsecurepassword username=6002 [6002] type=aor max_contacts=1 ''; }; }; }; }; }