# SPDX-FileCopyrightText: 2023 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0

# NixOS module for the host "kerrigan" (aarch64, Mochabin device tree).
# The visible configuration makes this machine a small router: LAN ports
# matching "lan*" are bridged into br0, br0 runs a DHCP server and sends
# IPv6 router advertisements, and traffic is NATed out of enu1u4i10.
{ depot, lib, pkgs, config, modulesPath, ... }:
let
  # Names of the regular files in ./networkmanager that end in
  # ".nmconnection".
  nmFiles = builtins.attrNames (lib.filterAttrs
    (n: v: v == "regular" && lib.hasSuffix ".nmconnection" n)
    (builtins.readDir ./networkmanager));

  # One entry per connection file, keyed by its path under
  # NetworkManager/system-connections/ and installed with mode 0600.
  # Nothing in the visible module body references nmBits.
  # NOTE(review): the key shape suggests this was meant for environment.etc.
  # If it is wired up, `source` is a path and would be copied into the Nix
  # store, which is world-readable; mode "0600" restricts only the installed
  # copy. Confirm the .nmconnection files hold no PSKs or APN credentials,
  # or supply them through a secrets mechanism instead.
  nmBits = lib.mkMerge (map
    (filename: {
      "NetworkManager/system-connections/${filename}" = {
        source = ./networkmanager + "/${filename}";
        mode = "0600";
      };
    })
    nmFiles);

  # ubootTools rebuilt with the "envtools" make target so that only
  # tools/env/fw_printenv is installed; fw_setenv is provided as a symlink
  # to the same binary, and the man pages go to the "man" output.
  uboot-envtools = pkgs.ubootTools.override {
    extraMakeFlags = [ "HOST_TOOLS_ALL=y" "CROSS_BUILD_TOOLS=1" "NO_SDL=1" "envtools" ];
    outputs = [ "out" "man" ];
    postInstall = ''
      ln -s $out/bin/fw_printenv $out/bin/fw_setenv
      installManPage doc/*.1
    '';
    filesToInstall = [ "tools/env/fw_printenv" ];
  };
in {
  # Root and EFI system partition are located by filesystem label.
  fileSystems = {
    "/" = {
      device = "/dev/disk/by-label/NIXOS";
      fsType = "ext4";
    };
    "/boot" = {
      device = "/dev/disk/by-label/ESP";
      fsType = "vfat";
    };
  };

  boot.kernelPackages = pkgs.linuxPackages_latest;
  # Kernel console on the first serial port at 115200 8N1.
  boot.kernelParams = [ "console=ttyS0,115200n8" ];
  boot.initrd.kernelModules = [ "phy-mvebu-cp110-utmi" ];

  # Routing sysctls: forward IPv4 and IPv6 between interfaces, and accept
  # router advertisements whose source address belongs to this machine.
  # NOTE(review): with forwarding on, whatever filters forwarded traffic is
  # the only barrier between the uplink and the LAN. This file opens an
  # input port on br0 but sets no forward filtering (for example
  # networking.firewall.filterForward); confirm it is configured elsewhere,
  # especially for the globally routable IPv6 prefix advertised on br0.
  boot.kernel.sysctl = {
    "net.ipv4.ip_forward" = "1";
    "net.ipv6.conf.default.forwarding" = "1";
    "net.ipv6.conf.all.forwarding" = "1";
    "net.ipv6.conf.default.accept_ra_from_local" = "1";
    "net.ipv6.conf.all.accept_ra_from_local" = "1";
  };

  networking = {
    hostName = "kerrigan";
    domain = "as205479.net";
    hostId = "c424eeb8";
    useNetworkd = true;
    # Google Public DNS, IPv6 first.
    nameservers = [
      "2001:4860:4860::8888"
      "2001:4860:4860::8844"
      "8.8.8.8"
      "8.8.4.4"
    ];
    interfaces.eth2.useDHCP = true;
    interfaces.enu1u4i10.useDHCP = true;
    # TCP/80 is opened on the LAN bridge only; it serves the Caddy listener
    # bound to 10.42.0.1:80 further down.
    firewall.interfaces.br0.allowedTCPPorts = [ 80 ];
    nat = {
      enable = true;
      enableIPv6 = true;
      internalInterfaces = [ "br0" ];
      externalInterface = "enu1u4i10";
      # Inbound traffic on the external interface that matches no other
      # forwarding rule is sent to this LAN address.
      # NOTE(review): this exposes 10.42.0.2 to everything arriving on
      # enu1u4i10. The address is outside the DHCP pool configured on br0,
      # so it is presumably a fixed host; confirm that host runs its own
      # firewall and is meant to be reachable from the uplink.
      dmzHost = "10.42.0.2";
    };
  };

  # NOTE(review): this file selects networkd (useNetworkd = true) and does
  # not enable NetworkManager itself; confirm the group is still needed.
  users.users.lukegb.extraGroups = lib.mkAfter [ "networkmanager" ];
  my.systemType = "aarch64-linux";
  my.ip.tailscale = "100.110.212.70";
  my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:626e:d446";

  # LAN bridge device.
  systemd.network.netdevs.br0 = {
    netdevConfig = {
      Name = "br0";
      Kind = "bridge";
    };
  };

  # br0 carries the router addresses, hands out DHCP leases (a pool of 100
  # addresses starting at offset 100 in the subnet) and advertises the /64
  # prefix plus a default route (::/0) in router advertisements.
  systemd.network.networks.br0 = {
    matchConfig.Name = "br0";
    networkConfig = {
      Address = [ "10.42.0.1/24" "2a09:a443:ee::1/64" ];
      DHCPServer = true;
      IPv6SendRA = true;
    };
    ipv6Prefixes = [{
      ipv6PrefixConfig = {
        Prefix = "2a09:a443:ee::/64";
      };
    }];
    ipv6RoutePrefixes = [{
      ipv6RoutePrefixConfig = {
        Route = "::/0";
      };
    }];
    dhcpServerConfig = {
      PoolOffset = 100;
      PoolSize = 100;
    };
  };

  # Every interface whose name matches "lan*" becomes a member of br0.
  systemd.network.networks.links-to-bridge = {
    matchConfig.Name = "lan*";
    networkConfig.Bridge = "br0";
  };

  environment.systemPackages = with pkgs; [
    libqmi
    screen
    minicom
    conntrack-tools
    modemmanager
    android-tools
    uboot-envtools
  ];
  services.udev.packages = with pkgs; [ modemmanager ];

  # Caddy listens on the LAN address only and proxies /mbbstatus to the
  # upstream host, rewriting the Host header to match it.
  # The upstream is reached over plain HTTP, so the proxied response is
  # neither encrypted nor authenticated in transit.
  services.caddy = {
    enable = true;
    extraConfig = ''
      10.42.0.1:80 {
        reverse_proxy /mbbstatus http://add-on.ee.co.uk {
          header_up Host add-on.ee.co.uk
        }
      }
    '';
  };

  # systemd-boot is installed without writing EFI variables.
  boot.loader.efi.canTouchEfiVariables = false;
  boot.loader.systemd-boot.enable = true;

  # Forces wantedBy to the empty list, so no target pulls in the
  # wait-online unit.
  systemd.services."systemd-networkd-wait-online".wantedBy = lib.mkForce [];
  system.stateVersion = "23.05";

  # Device tree for the board plus one overlay ("spi") on the cp0_spi1
  # controller: the existing flash@0 node is disabled and a replacement
  # jedec,spi-nor node declares two fixed partitions. "firmware"
  # (0x0, length 0x3e0000) is marked read-only; "u-boot-env"
  # (0x3e0000, length 0x20000) is left writable.
  hardware.deviceTree = {
    enable = true;
    name = "marvell/armada-7040-mochabin.dtb";
    filter = "armada-7040-mochabin.dtb";
    overlays = [{
      name = "spi";
      filter = "armada-7040-mochabin.dtb";
      dtsText = ''
        /dts-v1/;
        /plugin/;

        / {
          compatible = "globalscale,mochabin marvell,armada7040 marvell,armada-ap806-quad marvell,armada-ap806";
        };

        &cp0_spi1 {
          flash@0 {
            status = "disabled";
          };

          flash-real@0 {
            #address-cells = <1>;
            #size-cells = <1>;
            compatible = "jedec,spi-nor";
            reg = <0>;
            spi-max-frequency = <20000000>;

            partitions {
              compatible = "fixed-partitions";
              #address-cells = <1>;
              #size-cells = <1>;

              partition@0 {
                label = "firmware";
                reg = <0x0 0x3e0000>;
                read-only;
              };

              partition@3e0000 {
                label = "u-boot-env";
                reg = <0x3e0000 0x20000>;
              };
            };
          };
        };
      '';
    }];
  };
}