newedge/infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
059319237f8867fc86a910b2ec983d1ca022a012
infra/routers/default.nix
T
kurogeek 059319237f mob next [ci-skip] [ci skip] [skip ci] 
lastFile:routers/default.nix
2026-05-22 16:16:50 +07:00

119 lines
4.8 KiB
Nix
Raw Blame History

{ inputs, lib, ... }:
{
flake.legacyPackages = {
whitehouse-router = import "${inputs.liminix}/default.nix" {
device = (import "${inputs.liminix}/devices/gl-ar750");
liminix-config = import ./white-house/configuration.nix { inherit inputs; };
};
whitehouse-router-2 = import "${inputs.liminix}/default.nix" {
device = (import "${inputs.liminix}/devices/gl-ar750");
liminix-config = import ./white-house-2/configuration.nix { inherit inputs; };
};
flint-repeater =
let
pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
profiles = inputs.openwrt-imagebuilder.lib.profiles { inherit pkgs; };
config = profiles.identifyProfile "glinet_gl-mt6000" // {
# add package to include in the image, ie. packages that you don't
# want to install manually later
packages = [
"tcpdump"
"relayd"
"luci-proto-relay"
];
disabledServices = [ ];
# include files in the images.
# to set UCI configuration, create a uci-defauts scripts as per
# official OpenWRT ImageBuilder recommendation.
files =
let
router-config = {
ssh-keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB/raxJR8gASmquP63weHelbi+da2WBJR1DgzHPNz/f"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuhpzDHBPvn8nv8RH1MRomDOaXyP4GziQm7r3MZ1Syk"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmgyEGuY/r7SDlJgrzYmQqpcWS5W+fCzRi3OS59ne4W openpgp:0xFF687387"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEcZ/p1Ofa9liwIzPWzNtONhJ7+FUWd2lCz33r81t8+w kurogeek@kurogeek"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIOJDRQfb1+7VK5tOe8W40iryfBWYRO6Uf1r2viDjmsJtAAAABHNzaDo="
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDgsWq+G/tcr6eUQYT7+sJeBtRmOMabgFiIgIV44XNc6AAAABHNzaDo="
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJMi3TAuwDtIeO4MsORlBZ31HzaV5bji1fFBPcC9/tWuAAAABHNzaDo="
];
upstream-wifi = {
ssid = "Glom";
password = "";
};
wifi = {
ssid = "GL-AR750";
password = "qwer1234";
};
};
dropbear-path = "/etc/dropbear";
in
pkgs.runCommand "image-files" { } ''
mkdir -p $out/${dropbear-path}
cat > $out/${dropbear-path}/authorized_keys <<EOF
${lib.concatStringsSep "\n" router-config.ssh-keys}
EOF
mkdir -p $out/etc/uci-defaults
cat > $out/etc/uci-defaults/99-custom <<EOF
uci -q batch << EOI
set system.@system[0].hostname='flint'
commit
EOI
uci set dropbear.@dropbear[0].RootLogin='1'
uci set dropbear.@dropbear[0].PasswordAuth='off'
uci set dropbear.@dropbear[0].RootPasswordAuth='off'
uci commit dropbear
service dropbear restart
# Add a new wifi-iface for the upstream network (station mode)
uci set wireless.wwan=wifi-iface
uci set wireless.wwan.device='radio0' # radio1 for 5GHz
uci set wireless.wwan.mode='sta'
uci set wireless.wwan.network='wwan'
uci set wireless.wwan.ssid='${router-config.upstream-wifi.ssid}'
uci set wireless.wwan.encryption='psk2'
uci set wireless.wwan.key='${router-config.upstream-wifi.password}'
uci commit wireless
uci set network.wwan=interface
uci set network.wwan.proto='dhcp'
uci commit network
uci set network.relay=interface
uci set network.relay.proto='relay'
uci set network.relay.network='lan wwan'
uci commit network
# Edit the existing AP or add a new one:
uci set wireless.default_radio0.ssid='${router-config.wifi.ssid}'
uci set wireless.default_radio0.encryption='psk2'
uci set wireless.default_radio0.key='${router-config.wifi.password}'
uci set wireless.default_radio0.disabled='0'
uci commit wireless
uci set dhcp.lan.ignore='1'
uci commit dhcp
uci set firewall.@zone[1].network='wan wan6 wwan'
uci commit firewall
/etc/init.d/relayd enable
/etc/init.d/relayd start
/etc/init.d/network restart
/etc/init.d/firewall restart
wifi
EOF
'';
};
in
inputs.openwrt-imagebuilder.lib.build config;
};
}
Reference in New Issue View Git Blame Copy Permalink