# SPDX-FileCopyrightText: 2023 Luke Granger-Brown # # SPDX-License-Identifier: Apache-2.0 { depot, lib, pkgs, config, modulesPath, ... }: let nmFiles = builtins.attrNames (lib.filterAttrs (n: v: v == "regular" && lib.hasSuffix ".nmconnection" n) (builtins.readDir ./networkmanager)); nmBits = lib.mkMerge (map (filename: { "NetworkManager/system-connections/${filename}" = { source = ./networkmanager + "/${filename}"; mode = "0600"; }; }) nmFiles); boot-builder = pkgs.callPackage ./boot-builder.nix { }; populate-boot-builder = pkgs.buildPackages.callPackage ./boot-builder.nix { }; in { fileSystems = { "/" = { device = "/dev/disk/by-label/NIXOS"; fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-label/ESP"; fsType = "vfat"; }; }; boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelParams = [ "console=ttyS0,115200n8" ]; boot.initrd.kernelModules = [ "phy-mvebu-cp110-utmi" ]; boot.kernel.sysctl = { "net.ipv4.ip_forward" = "1"; "net.ipv6.conf.default.forwarding" = "1"; "net.ipv6.conf.all.forwarding" = "1"; "net.ipv6.conf.default.accept_ra_from_local" = "1"; "net.ipv6.conf.all.accept_ra_from_local" = "1"; }; networking = { hostName = "kerrigan"; domain = "as205479.net"; hostId = "c424eeb8"; useNetworkd = true; nameservers = [ "2001:4860:4860::8888" "2001:4860:4860::8844" "8.8.8.8" "8.8.4.4" ]; interfaces.eth2.useDHCP = true; interfaces.enu1u4i10.useDHCP = true; firewall.interfaces.br0.allowedTCPPorts = [ 80 ]; nat = { enable = true; enableIPv6 = true; internalInterfaces = [ "br0" ]; externalInterface = "enu1u4i10"; dmzHost = "10.42.0.2"; }; }; users.users.lukegb.extraGroups = lib.mkAfter [ "networkmanager" ]; my.systemType = "aarch64-linux"; my.ip.tailscale = "100.110.212.70"; my.ip.tailscale6 = "fd7a:115c:a1e0:ab12:4843:cd96:626e:d446"; systemd.network.netdevs.br0 = { netdevConfig = { Name = "br0"; Kind = "bridge"; }; }; systemd.network.networks.br0 = { matchConfig.Name = "br0"; networkConfig = { Address = [ "10.42.0.1/24" "2a09:a443:ee::1/64" ]; DHCPServer = true; IPv6SendRA = true; }; ipv6Prefixes = [{ ipv6PrefixConfig = { Prefix = "2a09:a443:ee::/64"; }; }]; ipv6RoutePrefixes = [{ ipv6RoutePrefixConfig = { Route = "::/0"; }; }]; dhcpServerConfig = { PoolOffset = 100; PoolSize = 100; }; }; systemd.network.networks.links-to-bridge = { matchConfig.Name = "lan*"; networkConfig.Bridge = "br0"; }; environment.systemPackages = with pkgs; [ libqmi screen minicom conntrack-tools modemmanager android-tools ]; services.udev.packages = with pkgs; [ modemmanager ]; services.caddy = { enable = true; extraConfig = '' 10.42.0.1:80 { reverse_proxy /mbbstatus http://add-on.ee.co.uk { header_up Host add-on.ee.co.uk } } ''; }; boot.loader.efi.canTouchEfiVariables = false; boot.loader.systemd-boot.enable = true; systemd.services."systemd-networkd-wait-online".wantedBy = lib.mkForce []; system.stateVersion = "23.05"; }