2023-01-17 19:36:53 +00:00
|
|
|
# SPDX-FileCopyrightText: 2023 Luke Granger-Brown <depot@lukegb.com>
|
|
|
|
#
|
|
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
|
|
|
{ depot, lib, pkgs, config, modulesPath, ... }:
|
|
|
|
|
|
|
|
let
|
|
|
|
nmFiles = builtins.attrNames (lib.filterAttrs (n: v: v == "regular" && lib.hasSuffix ".nmconnection" n) (builtins.readDir ./networkmanager));
|
|
|
|
nmBits = lib.mkMerge (map (filename: {
|
|
|
|
"NetworkManager/system-connections/${filename}" = {
|
|
|
|
source = ./networkmanager + "/${filename}";
|
|
|
|
mode = "0600";
|
|
|
|
};
|
|
|
|
}) nmFiles);
|
|
|
|
|
|
|
|
boot-builder = pkgs.callPackage ./boot-builder.nix { };
|
|
|
|
populate-boot-builder = pkgs.buildPackages.callPackage ./boot-builder.nix { };
|
|
|
|
in
|
|
|
|
{
|
|
|
|
fileSystems = {
|
2023-10-12 20:12:40 +00:00
|
|
|
"/" = { device = "/dev/disk/by-label/NIXOS"; fsType = "ext4"; };
|
2023-08-08 22:28:42 +00:00
|
|
|
"/boot" = { device = "/dev/disk/by-label/ESP"; fsType = "vfat"; };
|
2023-01-17 19:36:53 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
|
|
|
boot.kernelParams = [ "console=ttyS0,115200n8" ];
|
|
|
|
boot.initrd.kernelModules = [ "phy-mvebu-cp110-utmi" ];
|
|
|
|
|
2023-01-21 19:54:18 +00:00
|
|
|
boot.kernel.sysctl = {
|
|
|
|
"net.ipv4.ip_forward" = "1";
|
|
|
|
"net.ipv6.conf.default.forwarding" = "1";
|
|
|
|
"net.ipv6.conf.all.forwarding" = "1";
|
2023-01-21 22:38:56 +00:00
|
|
|
"net.ipv6.conf.default.accept_ra_from_local" = "1";
|
|
|
|
"net.ipv6.conf.all.accept_ra_from_local" = "1";
|
2023-01-21 19:54:18 +00:00
|
|
|
};
|
|
|
|
|
2023-01-17 19:36:53 +00:00
|
|
|
networking = {
|
|
|
|
hostName = "kerrigan";
|
|
|
|
domain = "as205479.net";
|
|
|
|
hostId = "c424eeb8";
|
|
|
|
useNetworkd = true;
|
|
|
|
nameservers = [
|
|
|
|
"2001:4860:4860::8888"
|
|
|
|
"2001:4860:4860::8844"
|
|
|
|
"8.8.8.8"
|
|
|
|
"8.8.4.4"
|
|
|
|
];
|
|
|
|
interfaces.eth2.useDHCP = true;
|
2023-10-10 23:30:19 +00:00
|
|
|
interfaces.enu1u4i10.useDHCP = true;
|
|
|
|
firewall.interfaces.br0.allowedTCPPorts = [ 80 ];
|
2023-10-13 01:40:30 +00:00
|
|
|
nat = {
|
|
|
|
enable = true;
|
|
|
|
enableIPv6 = true;
|
|
|
|
internalInterfaces = [ "br0" ];
|
|
|
|
externalInterface = "enu1u4i10";
|
|
|
|
dmzHost = "10.42.0.2";
|
|
|
|
};
|
2023-01-17 19:36:53 +00:00
|
|
|
};
|
|
|
|
users.users.lukegb.extraGroups = lib.mkAfter [ "networkmanager" ];
|
|
|
|
my.systemType = "aarch64-linux";
|
|
|
|
|
2023-01-21 22:46:00 +00:00
|
|
|
my.ip.tailscale = "100.110.212.70";
|
|
|
|
my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:626e:d446";
|
|
|
|
|
2023-01-21 22:38:56 +00:00
|
|
|
systemd.network.netdevs.br0 = {
|
|
|
|
netdevConfig = {
|
|
|
|
Name = "br0";
|
|
|
|
Kind = "bridge";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
systemd.network.networks.br0 = {
|
|
|
|
matchConfig.Name = "br0";
|
|
|
|
networkConfig = {
|
2023-10-10 23:30:19 +00:00
|
|
|
Address = [ "10.42.0.1/24" "2a09:a443:ee::1/64" ];
|
2023-01-21 22:38:56 +00:00
|
|
|
DHCPServer = true;
|
2023-10-10 23:30:19 +00:00
|
|
|
IPv6SendRA = true;
|
2023-01-21 22:38:56 +00:00
|
|
|
};
|
2023-10-10 23:30:19 +00:00
|
|
|
ipv6Prefixes = [{
|
|
|
|
ipv6PrefixConfig = {
|
|
|
|
Prefix = "2a09:a443:ee::/64";
|
|
|
|
};
|
|
|
|
}];
|
|
|
|
ipv6RoutePrefixes = [{
|
|
|
|
ipv6RoutePrefixConfig = {
|
|
|
|
Route = "::/0";
|
|
|
|
};
|
|
|
|
}];
|
2023-01-21 22:38:56 +00:00
|
|
|
dhcpServerConfig = {
|
|
|
|
PoolOffset = 100;
|
|
|
|
PoolSize = 100;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
systemd.network.networks.links-to-bridge = {
|
|
|
|
matchConfig.Name = "lan*";
|
|
|
|
networkConfig.Bridge = "br0";
|
|
|
|
};
|
|
|
|
|
2023-10-10 23:30:19 +00:00
|
|
|
environment.systemPackages = with pkgs; [
|
2023-10-12 22:34:21 +00:00
|
|
|
libqmi screen minicom conntrack-tools modemmanager android-tools
|
|
|
|
];
|
|
|
|
services.udev.packages = with pkgs; [
|
|
|
|
modemmanager
|
2023-10-10 23:30:19 +00:00
|
|
|
];
|
2023-01-17 19:36:53 +00:00
|
|
|
|
2023-10-10 23:30:19 +00:00
|
|
|
services.caddy = {
|
2023-01-21 19:54:18 +00:00
|
|
|
enable = true;
|
2023-10-10 23:30:19 +00:00
|
|
|
extraConfig = ''
|
|
|
|
10.42.0.1:80 {
|
|
|
|
reverse_proxy /mbbstatus http://add-on.ee.co.uk {
|
|
|
|
header_up Host add-on.ee.co.uk
|
|
|
|
}
|
|
|
|
}
|
2023-01-21 19:54:18 +00:00
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2023-10-10 23:30:19 +00:00
|
|
|
boot.loader.efi.canTouchEfiVariables = false;
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
2023-01-21 22:38:56 +00:00
|
|
|
|
2023-10-10 23:30:19 +00:00
|
|
|
systemd.services."systemd-networkd-wait-online".wantedBy = lib.mkForce [];
|
2023-09-30 01:13:33 +00:00
|
|
|
|
2023-01-17 19:36:53 +00:00
|
|
|
system.stateVersion = "23.05";
|
|
|
|
}
|