Merge pull request #275 from DarkKirb/disable-router
remove routing features from nas
This commit is contained in:
commit
ff45731a77
8 changed files with 8 additions and 1130 deletions
|
@ -19,8 +19,6 @@
|
|||
./services/backup.nix
|
||||
nixos-hardware.nixosModules.common-cpu-amd
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
./services/hostapd.nix
|
||||
./services/router.nix
|
||||
./services/syncthing.nix
|
||||
../modules/tc-cake.nix
|
||||
./services/cups.nix
|
||||
|
@ -73,19 +71,6 @@
|
|||
fsType = "vfat";
|
||||
};
|
||||
|
||||
networking.interfaces.br0 = {
|
||||
ipv4 = {
|
||||
addresses = [
|
||||
{
|
||||
address = "192.168.2.1";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
networking.bridges = {
|
||||
br0.interfaces = ["enp9s0" "wlp7s0"];
|
||||
};
|
||||
networking.wireguard.interfaces."wg0".ips = ["fd0d:a262:1fa6:e621:bc9b:6a33:86e4:873b/64"];
|
||||
environment.etc."sysconfig/lm_sensors".text = ''
|
||||
# Generated by sensors-detect on Sun Apr 24 08:31:51 2022
|
||||
|
|
|
@ -1,9 +0,0 @@
|
|||
{nixpkgs, ...}: {
|
||||
imports = [
|
||||
"${nixpkgs}/nixos/modules/installer/netboot/netboot-base.nix"
|
||||
];
|
||||
networking.wireguard.interfaces."wg0".ips = [
|
||||
"fd0d:a262:1fa6:e621:6ec2:1e4e:ce7f:d2af/64"
|
||||
];
|
||||
networking.hostId = "8425e349";
|
||||
}
|
|
@ -1,24 +0,0 @@
|
|||
{config, ...}: {
|
||||
imports = [
|
||||
../../modules/hostapd.nix
|
||||
];
|
||||
services.hostapd = {
|
||||
enable = true;
|
||||
countryCode = "DE";
|
||||
interface = "wlp7s0";
|
||||
ssid = "🦝";
|
||||
wpa = true;
|
||||
wpaPassphraseFile = config.sops.secrets."services/hostapd".path;
|
||||
extraConfig = ''
|
||||
utf8_ssid=1
|
||||
wmm_enabled=1
|
||||
ieee80211n=1
|
||||
wpa_pairwise=GCMP CCMP
|
||||
'';
|
||||
};
|
||||
sops.secrets."services/hostapd" = {
|
||||
restartUnits = [
|
||||
"hostapd.service"
|
||||
];
|
||||
};
|
||||
}
|
|
@ -1,185 +0,0 @@
|
|||
{
|
||||
nixos-config-for-netboot,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
win11Iso = pkgs.stdenv.mkDerivation {
|
||||
name = "Win11_22H2_EnglishInternational_x64v2.iso";
|
||||
|
||||
src = pkgs.emptyDirectory;
|
||||
|
||||
buildPhase = ''
|
||||
echo "Manually add a win11.iso with the correct hash to your store"
|
||||
|
||||
exit 1
|
||||
'';
|
||||
|
||||
outputHash = "0dgv9vjv375d5jx80y67ljz5vvpnb0inmia0cifga1zlsp1sq9zz";
|
||||
outputHashMode = "flat";
|
||||
outputHashAlgo = "sha256";
|
||||
};
|
||||
installBat = pkgs.writeText "install.bat" ''
|
||||
wpeinit
|
||||
ipconfig
|
||||
net use i: \\192.168.2.1\INSTALL /user:none none
|
||||
|
||||
i:
|
||||
setup.exe /AddBootMgrLast
|
||||
'';
|
||||
winpeshlIni = pkgs.writeText "winpeshl.ini" ''
|
||||
[LaunchhApps]
|
||||
"install.bat"
|
||||
'';
|
||||
win11SetupDir = pkgs.stdenv.mkDerivation {
|
||||
name = "win11-boot";
|
||||
src = pkgs.emptyDirectory;
|
||||
nativeBuildInputs = [pkgs.p7zip];
|
||||
buildPhase = "";
|
||||
installPhase = ''
|
||||
mkdir $out
|
||||
cd $out
|
||||
7z x ${win11Iso} efi/microsoft/boot/bcd boot/fonts/segmono_boot.ttf boot/fonts/segoe_slboot.ttf boot/fonts/segoen_slboot.ttf boot/fonts/wgl4_boot.ttf boot/boot.sdi sources/boot.wim
|
||||
ln -sv ${installBat} install.bat
|
||||
ln -sv ${winpeshlIni} winpeshl.ini
|
||||
'';
|
||||
};
|
||||
win11IsoDir = pkgs.stdenv.mkDerivation {
|
||||
name = "win11";
|
||||
|
||||
src = pkgs.emptyDirectory;
|
||||
|
||||
buildPhase = "true";
|
||||
installPhase = ''
|
||||
mkdir $out
|
||||
ln -sv ${win11Iso} $out/win11.iso
|
||||
ln -sv ${win11SetupDir} $out/setup
|
||||
'';
|
||||
};
|
||||
bootIpxeX86Script = pkgs.writeTextDir "boot.ipxe" ''
|
||||
#!ipxe
|
||||
:start
|
||||
menu iPXE boot menu
|
||||
item --gap -- ------------------------- Operating systems ------------------------------
|
||||
item --key n linux (N)ixOS (netboot)
|
||||
item --key w windows (W)indows 11 (installer)
|
||||
item --gap -- ----------------------------- Utilities ----------------------------------
|
||||
item --key e ext (E)xit
|
||||
item --key s shell EFI (S)hell
|
||||
choose version && goto ${"$"}{version} || goto start
|
||||
|
||||
:linux
|
||||
chain http://192.168.2.1/x86_64/netboot.ipxe
|
||||
|
||||
:windows
|
||||
imgfree
|
||||
kernel http://192.168.2.1/x86_64/share/wimboot/wimboot.x86_64.efi gui
|
||||
initrd http://192.168.2.1/x86_64/setup/install.bat install.bat
|
||||
initrd http://192.168.2.1/x86_64/setup/winpeshl.ini winpeshl.ini
|
||||
initrd http://192.168.2.1/x86_64/setup/efi/microsoft/boot/bcd BCD
|
||||
initrd http://192.168.2.1/x86_64/setup/boot/fonts/segmono_boot.ttf segmono_boot.ttf
|
||||
initrd http://192.168.2.1/x86_64/setup/boot/fonts/segoe_slboot.ttf segoe_slboot.ttf
|
||||
initrd http://192.168.2.1/x86_64/setup/boot/fonts/segoen_slboot.ttf segoen_slboot.ttf
|
||||
initrd http://192.168.2.1/x86_64/setup/boot/fonts/wgl4_boot.ttf wgl4_boot.ttf
|
||||
initrd http://192.168.2.1/x86_64/setup/boot/boot.sdi boot.sdi
|
||||
initrd http://192.168.2.1/x86_64/setup/sources/boot.wim boot.wim
|
||||
boot
|
||||
|
||||
:shell
|
||||
chain http://192.168.2.1/x86_64/shell.efi
|
||||
|
||||
:ext
|
||||
exit
|
||||
'';
|
||||
netboot-x86_64 = pkgs.symlinkJoin {
|
||||
name = "netboot-x86_64";
|
||||
paths = [
|
||||
pkgs.ipxe
|
||||
nixos-config-for-netboot.nixosConfigurations.netboot.config.system.build.kernel
|
||||
nixos-config-for-netboot.nixosConfigurations.netboot.config.system.build.netbootRamdisk
|
||||
nixos-config-for-netboot.nixosConfigurations.netboot.config.system.build.netbootIpxeScript
|
||||
pkgs.edk2-uefi-shell
|
||||
bootIpxeX86Script
|
||||
win11IsoDir
|
||||
pkgs.wimboot
|
||||
];
|
||||
};
|
||||
bootIpxeScript = pkgs.writeText "boot.ipxe" ''
|
||||
#!ipxe
|
||||
set arch ${"$"}{buildarch}
|
||||
iseq ${"$"}{arch} i386 && cpuid --ext 29 && set arch x86_64 ||
|
||||
|
||||
chain http://192.168.2.1/${"$"}{arch}/boot.ipxe
|
||||
'';
|
||||
netboot = pkgs.stdenvNoCC.mkDerivation {
|
||||
name = "netboot";
|
||||
src = pkgs.emptyDirectory;
|
||||
buildPhase = "true";
|
||||
installPhase = ''
|
||||
mkdir $out
|
||||
cp ${bootIpxeScript} $out/boot.ipxe
|
||||
ln -svf ${netboot-x86_64} $out/x86_64
|
||||
'';
|
||||
};
|
||||
in {
|
||||
networking.dhcpcd.allowInterfaces = ["enp2s0f0u4"]; # yes a usb network card don’t judge
|
||||
services.kea.dhcp4.settings = {
|
||||
interfaces-config = {
|
||||
interfaces = [
|
||||
"br0"
|
||||
];
|
||||
};
|
||||
lease-database = {
|
||||
name = "/var/lib/kea/dhcp4.leases";
|
||||
persist = true;
|
||||
type = "memfile";
|
||||
};
|
||||
rebind-timer = 2000;
|
||||
renew-timer = 1000;
|
||||
subnet4 = [
|
||||
{
|
||||
pools = [
|
||||
{
|
||||
pool = "192.168.2.100 - 192.168.2.240";
|
||||
}
|
||||
];
|
||||
subnet = "192.168.2.0/24";
|
||||
option-data = [
|
||||
{
|
||||
name = "routers";
|
||||
data = "192.168.2.1";
|
||||
}
|
||||
{
|
||||
name = "domain-name-servers";
|
||||
data = "1.1.1.1";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
valid-lifetime = 4000;
|
||||
};
|
||||
services.kea.dhcp4.enable = true;
|
||||
services.atftpd = {
|
||||
enable = true;
|
||||
root = pkgs.ipxe;
|
||||
};
|
||||
services.caddy.virtualHosts."http://192.168.2.1".extraConfig = ''
|
||||
import baseConfig
|
||||
root * ${netboot}
|
||||
file_server
|
||||
'';
|
||||
networking.firewall.interfaces."br0".allowedUDPPorts = [69 4011];
|
||||
# No i don’t have ipv6 :(
|
||||
networking.firewall.extraCommands = ''
|
||||
iptables -A FORWARD -i br0 -j ACCEPT
|
||||
iptables -t nat -A POSTROUTING -o enp2s0f0u4 -s 192.168.2.0/24 -j MASQUERADE
|
||||
'';
|
||||
networking.interfaces.enp2s0f0u4.macAddress = "00:d8:61:d0:de:1e"; # fucking ISP
|
||||
boot.kernel.sysctl = {
|
||||
"net.ipv4.conf.all.forwarding" = true;
|
||||
"net.ipv6.conf.all.forwarding" = true;
|
||||
};
|
||||
fileSystems."/mnt/win" = {
|
||||
device = "${win11Iso}";
|
||||
options = ["loop" "ro"];
|
||||
};
|
||||
}
|
640
flake.lock
640
flake.lock
|
@ -36,48 +36,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"chir-rs_2": {
|
||||
"inputs": {
|
||||
"flake-parts": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-parts"
|
||||
],
|
||||
"haskell-flake": [
|
||||
"nixos-config-for-netboot",
|
||||
"haskell-flake"
|
||||
],
|
||||
"microformats2-parser": "microformats2-parser_2",
|
||||
"nix-packages": [
|
||||
"nixos-config-for-netboot",
|
||||
"nix-packages"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
],
|
||||
"systems": [
|
||||
"nixos-config-for-netboot",
|
||||
"systems"
|
||||
],
|
||||
"treefmt-nix": [
|
||||
"nixos-config-for-netboot",
|
||||
"treefmt-nix"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699254151,
|
||||
"narHash": "sha256-PeC6rOfXVIgMQ/0eZM9j9tLbS4Xu8/PzPKTpQ4L60Ds=",
|
||||
"owner": "DarkKirb",
|
||||
"repo": "chir.rs",
|
||||
"rev": "c849b0234b38e0105fd0504d4ec379b84e5fbec0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "DarkKirb",
|
||||
"repo": "chir.rs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"colorpickle": {
|
||||
"inputs": {
|
||||
"naersk": [
|
||||
|
@ -150,31 +108,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"dns_2": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1644390195,
|
||||
"narHash": "sha256-eU6y5oYs8HUS7Mmo6h8qsl+gLa4zLlhIl0Ryk4e4r2M=",
|
||||
"owner": "DarkKirb",
|
||||
"repo": "dns.nix",
|
||||
"rev": "4d3d32b0fd221895bf3da0e348056260c3a77636",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "DarkKirb",
|
||||
"repo": "dns.nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"element-web": {
|
||||
"inputs": {
|
||||
"devshell": [
|
||||
|
@ -235,43 +168,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"firefox_2": {
|
||||
"inputs": {
|
||||
"cachix": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
],
|
||||
"flake-compat": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-compat"
|
||||
],
|
||||
"lib-aggregate": [
|
||||
"nixos-config-for-netboot",
|
||||
"lib-aggregate"
|
||||
],
|
||||
"mozilla": [
|
||||
"nixos-config-for-netboot",
|
||||
"mozilla"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1700009812,
|
||||
"narHash": "sha256-gexWhDZs4fo/qrcIYdt96ubkPTM+/HSMvj48BodiirY=",
|
||||
"owner": "nix-community",
|
||||
"repo": "flake-firefox-nightly",
|
||||
"rev": "e6b823170a4f89a08c20b418bf4b7798a94d3cab",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "flake-firefox-nightly",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -288,22 +184,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-compat_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
|
@ -324,27 +204,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-parts_2": {
|
||||
"inputs": {
|
||||
"nixpkgs-lib": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1698882062,
|
||||
"narHash": "sha256-HkhafUayIqxXyHH1X8d9RDl1M2CkFgZLjKD3MzabiEo=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "8c9fa2545007b49a5db5f650ae91f227672c3877",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": [
|
||||
|
@ -365,27 +224,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": [
|
||||
"nixos-config-for-netboot",
|
||||
"systems"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1694529238,
|
||||
"narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gomod2nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -411,33 +249,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"gomod2nix_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nix-packages",
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": [
|
||||
"nixos-config-for-netboot",
|
||||
"nix-packages",
|
||||
"flake-utils"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1692555015,
|
||||
"narHash": "sha256-QS7fNVS9ToprIt93R/S+BVerAttNkYI3/SVQI3jciLs=",
|
||||
"owner": "DarkKirb",
|
||||
"repo": "gomod2nix",
|
||||
"rev": "de2e02108ef1e6ab52a71676f7735a3fc1bea741",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "DarkKirb",
|
||||
"repo": "gomod2nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"haskell-flake": {
|
||||
"locked": {
|
||||
"lastModified": 1700254486,
|
||||
|
@ -453,21 +264,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"haskell-flake_2": {
|
||||
"locked": {
|
||||
"lastModified": 1699388095,
|
||||
"narHash": "sha256-uutZJWtd6rKwoLYLFGsjrA2zu06uRdGC//FANb4azgU=",
|
||||
"owner": "srid",
|
||||
"repo": "haskell-flake",
|
||||
"rev": "7029034b00bd7c9225d74915a6a53e5b44b4a1d3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "srid",
|
||||
"repo": "haskell-flake",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -488,27 +284,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"home-manager_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699783872,
|
||||
"narHash": "sha256-4zTwLT2LL45Nmo6iwKB3ls3hWodVP9DiSWxki/oewWE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "280721186ab75a76537713ec310306f0eba3e407",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"hydra": {
|
||||
"inputs": {
|
||||
"nix": "nix",
|
||||
|
@ -533,31 +308,6 @@
|
|||
"url": "https://git.chir.rs/darkkirb/hydra"
|
||||
}
|
||||
},
|
||||
"hydra_2": {
|
||||
"inputs": {
|
||||
"nix": "nix_2",
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nix-packages",
|
||||
"hydra",
|
||||
"nix",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1697704332,
|
||||
"narHash": "sha256-XDDllf7VLpSuQcBxv4v2BGoeKhbqDqISAu8r48eqc3Y=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "30ba162924d53d4daafb09414b86241e7ecaa9ab",
|
||||
"revCount": 4073,
|
||||
"type": "git",
|
||||
"url": "https://git.chir.rs/darkkirb/hydra"
|
||||
},
|
||||
"original": {
|
||||
"type": "git",
|
||||
"url": "https://git.chir.rs/darkkirb/hydra"
|
||||
}
|
||||
},
|
||||
"lib-aggregate": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
|
@ -581,31 +331,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"lib-aggregate_2": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs-lib": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699790908,
|
||||
"narHash": "sha256-8CO4KQhiEyO7rce4KVOq8arpk9802fVwxtN/oLeRFag=",
|
||||
"owner": "nix-community",
|
||||
"repo": "lib-aggregate",
|
||||
"rev": "6c60a229fa422698325b2788e93dfeeba3f11391",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "lib-aggregate",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"lowdown-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -622,22 +347,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"lowdown-src_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1633514407,
|
||||
"narHash": "sha256-Dw32tiMjdK9t3ETl5fzGrutQTzh2rufgZV4A/BbxuD4=",
|
||||
"owner": "kristapsdz",
|
||||
"repo": "lowdown",
|
||||
"rev": "d2c2b44ff6c27b936ec27358a2653caaef8f73b8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "kristapsdz",
|
||||
"repo": "lowdown",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"matrix-js-sdk": {
|
||||
"inputs": {
|
||||
"devshell": [
|
||||
|
@ -725,33 +434,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mautrix-cleanup_2": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"nixos-config-for-netboot",
|
||||
"nix-packages",
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nix-packages",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1678395415,
|
||||
"narHash": "sha256-l7upZ8y8SobYtv+RYD7DodRU74DGvDRjvaKfj8VmAow=",
|
||||
"owner": "DarkKirb",
|
||||
"repo": "mautrix-cleanup",
|
||||
"rev": "5f5f51ce8b7560d18ddae1824bc253a9e896ab0b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "DarkKirb",
|
||||
"repo": "mautrix-cleanup",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"microformats2-parser": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
|
@ -768,22 +450,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"microformats2-parser_2": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1695821315,
|
||||
"narHash": "sha256-Et4yYDiIcIeMsEkZI9Y0Unh51fnuMQzScE4dxgXCGzo=",
|
||||
"owner": "darkkirb",
|
||||
"repo": "microformats2-parser",
|
||||
"rev": "4e6b3aac8f5af3306261ef2782f7df990e96f429",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "darkkirb",
|
||||
"repo": "microformats2-parser",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mozilla": {
|
||||
"locked": {
|
||||
"lastModified": 1695805681,
|
||||
|
@ -799,21 +465,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"mozilla_2": {
|
||||
"locked": {
|
||||
"lastModified": 1695805681,
|
||||
"narHash": "sha256-1ElPLD8eFfnuIk0G52HGGpRtQZ4QPCjChRlEOfkZ5ro=",
|
||||
"owner": "mozilla",
|
||||
"repo": "nixpkgs-mozilla",
|
||||
"rev": "6eabade97bc28d707a8b9d82ad13ef143836736e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "mozilla",
|
||||
"repo": "nixpkgs-mozilla",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"naersk": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -879,31 +530,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-gaming_2": {
|
||||
"inputs": {
|
||||
"flake-parts": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-parts"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1700010845,
|
||||
"narHash": "sha256-Zpd6vdDBsL8phO9QlIPX/h01v2LCOPlsrJQreOSenoQ=",
|
||||
"owner": "fufexan",
|
||||
"repo": "nix-gaming",
|
||||
"rev": "92d6637940bf86746a4f5efa7b86e1d94090b351",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "fufexan",
|
||||
"repo": "nix-gaming",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-neovim": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -924,27 +550,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-neovim_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1650651888,
|
||||
"narHash": "sha256-2lC6oeQMTke7/bx8VxLNJr54A/WGkdAv2H0iebTmACY=",
|
||||
"owner": "syberant",
|
||||
"repo": "nix-neovim",
|
||||
"rev": "6f03a1c206ff2c5bea209c73f861ebd8088de53b",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "syberant",
|
||||
"repo": "nix-neovim",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-packages": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
|
@ -975,116 +580,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix-packages_2": {
|
||||
"inputs": {
|
||||
"flake-compat": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-compat"
|
||||
],
|
||||
"flake-utils": [
|
||||
"nixos-config-for-netboot",
|
||||
"flake-utils"
|
||||
],
|
||||
"gomod2nix": "gomod2nix_2",
|
||||
"hydra": "hydra_2",
|
||||
"mautrix-cleanup": "mautrix-cleanup_2",
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1700028514,
|
||||
"narHash": "sha256-Xb5qQwjFI02yO1rHEFAB4Xfs9Uzo1paCGNw1WGRziJw=",
|
||||
"owner": "DarkKirb",
|
||||
"repo": "nix-packages",
|
||||
"rev": "9f786a30cf3907c18d1f6709cb0487b651ec7ba1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "DarkKirb",
|
||||
"ref": "main",
|
||||
"repo": "nix-packages",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nix_2": {
|
||||
"inputs": {
|
||||
"lowdown-src": "lowdown-src_2",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs-regression": "nixpkgs-regression_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1677045134,
|
||||
"narHash": "sha256-jUc2ccTR8f6MGY2pUKgujm+lxSPNGm/ZAP+toX+nMNc=",
|
||||
"owner": "nixos",
|
||||
"repo": "nix",
|
||||
"rev": "4acc684ef7b3117c6d6ac12837398a0008a53d85",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "2.13.3",
|
||||
"repo": "nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-config-for-netboot": {
|
||||
"inputs": {
|
||||
"chir-rs": "chir-rs_2",
|
||||
"dns": "dns_2",
|
||||
"firefox": "firefox_2",
|
||||
"flake-compat": "flake-compat_2",
|
||||
"flake-parts": "flake-parts_2",
|
||||
"flake-utils": "flake-utils_2",
|
||||
"haskell-flake": "haskell-flake_2",
|
||||
"home-manager": "home-manager_2",
|
||||
"lib-aggregate": "lib-aggregate_2",
|
||||
"mozilla": "mozilla_2",
|
||||
"nix-gaming": "nix-gaming_2",
|
||||
"nix-neovim": "nix-neovim_2",
|
||||
"nix-packages": "nix-packages_2",
|
||||
"nixos-config-for-netboot": [
|
||||
"nixos-config-for-netboot"
|
||||
],
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_3",
|
||||
"nur": "nur",
|
||||
"sops-nix": "sops-nix",
|
||||
"systems": "systems",
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1700028923,
|
||||
"narHash": "sha256-87w37LOdowNLdgczPIDtzvv298FT/T75P4Ct+ibne0g=",
|
||||
"owner": "DarkKirb",
|
||||
"repo": "nixos-config",
|
||||
"rev": "70a88984c0362fc5dad723173f38e11490f8d34e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "DarkKirb",
|
||||
"repo": "nixos-config",
|
||||
"rev": "70a88984c0362fc5dad723173f38e11490f8d34e",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1699997707,
|
||||
"narHash": "sha256-ugb+1TGoOqqiy3axyEZpfF6T4DQUGjfWZ3Htry1EfvI=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "5689f3ebf899f644a1aabe8774d4f37eb2f6c2f9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-hardware_2": {
|
||||
"locked": {
|
||||
"lastModified": 1700392353,
|
||||
"narHash": "sha256-KARn8aVJu5fdW0jdJYoOQ1SPqWlNdz4l7r90NbArWSY=",
|
||||
|
@ -1131,54 +627,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-regression_2": {
|
||||
"locked": {
|
||||
"lastModified": 1643052045,
|
||||
"narHash": "sha256-uGJ0VXIhWKGXxkeNnq4TvV3CIOkUJ3PAoLZ3HMzNVMw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "215d4d0fd80ca5163643b03a33fde804a29cc1e2",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1670461440,
|
||||
"narHash": "sha256-jy1LB8HOMKGJEGXgzFRLDU1CBGL0/LlkolgnqIsF0D8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "04a75b2eecc0acf6239acf9dd04485ff8d14f425",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-22.11-small",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1700026739,
|
||||
"narHash": "sha256-Igz8Ug98Z/mt6QGlkfdGZNQQw2GkT9y0AMz9ii0bOFk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e8ad54f562b4621c7c080b4a3ddbafe4735bcb86",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1700503501,
|
||||
"narHash": "sha256-Ong9/3qx2lEytSezcFdtaKQvjVma6yjBFzvt257uwjo=",
|
||||
|
@ -1194,21 +643,6 @@
|
|||
}
|
||||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1700026913,
|
||||
"narHash": "sha256-tDep0ctEmsm/VCUvhjE0EaIeIArvdfnxkoTmX6Q4JD8=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "89eea2ba1860809b7ed9e9cab9d9ac0e312f833a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nur_2": {
|
||||
"locked": {
|
||||
"lastModified": 1700498677,
|
||||
"narHash": "sha256-ABtiINPf4cwNHsWQ1dnriQvvuhRBoqScYtXYEhvevN0=",
|
||||
|
@ -1242,41 +676,15 @@
|
|||
"nix-gaming": "nix-gaming",
|
||||
"nix-neovim": "nix-neovim",
|
||||
"nix-packages": "nix-packages",
|
||||
"nixos-config-for-netboot": "nixos-config-for-netboot",
|
||||
"nixos-hardware": "nixos-hardware_2",
|
||||
"nixpkgs": "nixpkgs_4",
|
||||
"nur": "nur_2",
|
||||
"sops-nix": "sops-nix_2",
|
||||
"systems": "systems_2",
|
||||
"treefmt-nix": "treefmt-nix_2"
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nur": "nur",
|
||||
"sops-nix": "sops-nix",
|
||||
"systems": "systems",
|
||||
"treefmt-nix": "treefmt-nix"
|
||||
}
|
||||
},
|
||||
"sops-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
],
|
||||
"nixpkgs-stable": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699951338,
|
||||
"narHash": "sha256-1GeczM7XfgHcYGYiYNcdwSFu3E62vmh4d7mffWZvyzE=",
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "0e3a94167dcd10a47b89141f35b2ff9e04b34c46",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "Mic92",
|
||||
"repo": "sops-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"sops-nix_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
|
@ -1314,43 +722,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"systems_2": {
|
||||
"locked": {
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt-nix": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixos-config-for-netboot",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1699786194,
|
||||
"narHash": "sha256-3h3EH1FXQkIeAuzaWB+nK0XK54uSD46pp+dMD3gAcB4=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "e82f32aa7f06bbbd56d7b12186d555223dc399d1",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"treefmt-nix_2": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
|
|
|
@ -85,10 +85,6 @@ rec {
|
|||
inputs.flake-utils.follows = "flake-utils";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
nixos-config-for-netboot = {
|
||||
url = "github:DarkKirb/nixos-config/70a88984c0362fc5dad723173f38e11490f8d34e";
|
||||
inputs.nixos-config-for-netboot.follows = "nixos-config-for-netboot";
|
||||
};
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs";
|
||||
nur.url = "github:nix-community/NUR";
|
||||
|
@ -133,10 +129,6 @@ rec {
|
|||
name = "installer"; # Installer iso
|
||||
system = "x86_64-linux";
|
||||
}
|
||||
{
|
||||
name = "netboot"; # Installer netboot
|
||||
system = "x86_64-linux";
|
||||
}
|
||||
{
|
||||
name = "instance-20221213-1915"; # Oracle server
|
||||
system = "aarch64-linux";
|
||||
|
|
|
@ -1,252 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
utils,
|
||||
...
|
||||
}:
|
||||
# TODO:
|
||||
#
|
||||
# asserts
|
||||
# ensure that the nl80211 module is loaded/compiled in the kernel
|
||||
# wpa_supplicant and hostapd on the same wireless interface doesn't make any sense
|
||||
with lib; let
|
||||
cfg = config.services.hostapd;
|
||||
|
||||
escapedInterface = utils.escapeSystemdPath cfg.interface;
|
||||
|
||||
configFile = pkgs.writeText "hostapd.conf" ''
|
||||
interface=${cfg.interface}
|
||||
driver=${cfg.driver}
|
||||
ssid=${cfg.ssid}
|
||||
hw_mode=${cfg.hwMode}
|
||||
channel=${toString cfg.channel}
|
||||
${optionalString (cfg.countryCode != null) "country_code=${cfg.countryCode}"}
|
||||
${optionalString (cfg.countryCode != null) "ieee80211d=1"}
|
||||
|
||||
# logging (debug level)
|
||||
logger_syslog=-1
|
||||
logger_syslog_level=${toString cfg.logLevel}
|
||||
logger_stdout=-1
|
||||
logger_stdout_level=${toString cfg.logLevel}
|
||||
|
||||
ctrl_interface=/run/hostapd
|
||||
ctrl_interface_group=${cfg.group}
|
||||
|
||||
${optionalString cfg.wpa ''
|
||||
wpa=2
|
||||
wpa_passphrase=${
|
||||
if cfg.wpaPassphrase != null
|
||||
then cfg.wpaPassphrase
|
||||
else "#WPA_PASSPHRASE#"
|
||||
}
|
||||
''}
|
||||
${optionalString cfg.noScan "noscan=1"}
|
||||
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
in {
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
services.hostapd = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Enable putting a wireless interface into infrastructure mode,
|
||||
allowing other wireless devices to associate with the wireless
|
||||
interface and do wireless networking. A simple access point will
|
||||
<option>enable hostapd.wpa</option>,
|
||||
<option>hostapd.wpaPassphrase</option>, and
|
||||
<option>hostapd.ssid</option>, as well as DHCP on the wireless
|
||||
interface to provide IP addresses to the associated stations, and
|
||||
NAT (from the wireless interface to an upstream interface).
|
||||
'';
|
||||
};
|
||||
|
||||
interface = mkOption {
|
||||
default = "";
|
||||
example = "wlp2s0";
|
||||
type = types.str;
|
||||
description = ''
|
||||
The interfaces <command>hostapd</command> will use.
|
||||
'';
|
||||
};
|
||||
|
||||
noScan = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Do not scan for overlapping BSSs in HT40+/- mode.
|
||||
Caution: turning this on will violate regulatory requirements!
|
||||
'';
|
||||
};
|
||||
|
||||
driver = mkOption {
|
||||
default = "nl80211";
|
||||
example = "hostapd";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Which driver <command>hostapd</command> will use.
|
||||
Most applications will probably use the default.
|
||||
'';
|
||||
};
|
||||
|
||||
ssid = mkOption {
|
||||
default = "nixos";
|
||||
example = "mySpecialSSID";
|
||||
type = types.str;
|
||||
description = "SSID to be used in IEEE 802.11 management frames.";
|
||||
};
|
||||
|
||||
hwMode = mkOption {
|
||||
default = "g";
|
||||
type = types.enum ["a" "b" "g"];
|
||||
description = ''
|
||||
Operation mode.
|
||||
(a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g).
|
||||
'';
|
||||
};
|
||||
|
||||
channel = mkOption {
|
||||
default = 7;
|
||||
example = 11;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Channel number (IEEE 802.11)
|
||||
Please note that some drivers do not use this value from
|
||||
<command>hostapd</command> and the channel will need to be configured
|
||||
separately with <command>iwconfig</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
default = "wheel";
|
||||
example = "network";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Members of this group can control <command>hostapd</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
wpa = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Enable WPA (IEEE 802.11i/D3.0) to authenticate with the access point.
|
||||
'';
|
||||
};
|
||||
|
||||
wpaPassphrase = mkOption {
|
||||
default = null;
|
||||
example = "any_64_char_string";
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
WPA-PSK (pre-shared-key) passphrase. Clients will need this
|
||||
passphrase to associate with this access point.
|
||||
Warning: This passphrase will get put into a world-readable file in
|
||||
the Nix store!
|
||||
'';
|
||||
};
|
||||
|
||||
wpaPassphraseFile = mkOption {
|
||||
default = null;
|
||||
example = "/run/secrets/wpa_passphrase";
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
File containing WPA-PSK passphrase. Clients will need this
|
||||
passphrase to associate with this access point.
|
||||
'';
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
default = 2;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Levels (minimum value for logged events):
|
||||
0 = verbose debugging
|
||||
1 = debugging
|
||||
2 = informational messages
|
||||
3 = notification
|
||||
4 = warning
|
||||
'';
|
||||
};
|
||||
|
||||
countryCode = mkOption {
|
||||
default = null;
|
||||
example = "US";
|
||||
type = with types; nullOr str;
|
||||
description = ''
|
||||
Country code (ISO/IEC 3166-1). Used to set regulatory domain.
|
||||
Set as needed to indicate country in which device is operating.
|
||||
This can limit available channels and transmit power.
|
||||
These two octets are used as the first two octets of the Country String
|
||||
(dot11CountryString).
|
||||
If set this enables IEEE 802.11d. This advertises the countryCode and
|
||||
the set of allowed channels and transmit power levels based on the
|
||||
regulatory limits.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
default = "";
|
||||
example = ''
|
||||
auth_algo=0
|
||||
ieee80211n=1
|
||||
ht_capab=[HT40-][SHORT-GI-40][DSSS_CCK-40]
|
||||
'';
|
||||
type = types.lines;
|
||||
description = "Extra configuration options to put in hostapd.conf.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
disabledModules = ["services/networking/hostapd.nix"];
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.wpa != null -> (cfg.wpaPassphrase != null || cfg.wpaPassphraseFile != null);
|
||||
message = "Either wpaPassphrase or wpaPassphraseFile must be set if wpa is enabled.";
|
||||
}
|
||||
{
|
||||
assertion = cfg.wpaPassphraseFile != null -> cfg.wpaPassphrase == null;
|
||||
message = "You cannot provide a wpaPassphrase and a wpaPassphraseFile!";
|
||||
}
|
||||
];
|
||||
|
||||
environment.systemPackages = [pkgs.hostapd];
|
||||
|
||||
services.udev.packages = optionals (cfg.countryCode != null) [pkgs.crda];
|
||||
|
||||
systemd.services.hostapd = {
|
||||
description = "hostapd wireless AP";
|
||||
|
||||
path = [pkgs.hostapd];
|
||||
after = ["sys-subsystem-net-devices-${escapedInterface}.device"];
|
||||
bindsTo = ["sys-subsystem-net-devices-${escapedInterface}.device"];
|
||||
requiredBy = ["network-link-${cfg.interface}.service"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
|
||||
preStart = mkIf (cfg.wpaPassphraseFile != null) ''
|
||||
PASSPHRASE=$(cat ${cfg.wpaPassphraseFile})
|
||||
sed "s|#WPA_PASSPHRASE#|$PASSPHRASE|g" ${configFile} > /run/hostapd/hostapd.conf
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.hostapd}/bin/hostapd ${
|
||||
if cfg.wpaPassphraseFile != null
|
||||
then "/run/hostapd/hostapd.conf"
|
||||
else configFile
|
||||
}";
|
||||
Restart = "always";
|
||||
};
|
||||
};
|
||||
systemd.tmpfiles.rules = mkIf (cfg.wpaPassphraseFile != null) [
|
||||
"d '/run/hostapd' 0700 root root - -"
|
||||
];
|
||||
};
|
||||
}
|
|
@ -9,7 +9,6 @@ services:
|
|||
gitea_token: ENC[AES256_GCM,data:v0Ej8841I1F/dK5ZplRzZlvngpueMQKspM5USzX9VkOEmpCs2NA3+Q==,iv:fZisAuyqk7ATFx6qHYkScUeS8SsikjiPzVovZjGnUYM=,tag:7+O+Sn7unPDy88a6T70Jmg==,type:str]
|
||||
github_token: ENC[AES256_GCM,data:AWMeX+P8YHGpSuH+5KqvE9zNxkEPKGvdRaQjNysO4/XE4csGjCvmjA==,iv:MCRtws/SM7lWS2/2pp5tbeX7+I5h4LVd9bJp//ln9hs=,tag:LMEGWFAaOqH0fqfNgc87AQ==,type:str]
|
||||
aws_credentials: ENC[AES256_GCM,data:TqfAEFfDEIicrI/qNEpHYI/cXw5OZ4z31eq05WTIQWxuyD01UfduuJeHlPNuzp7+cGVSExBUccNvVpwz7ivESoMLqiP459GfXert/SZi56fMZdOsfFxbl5x/ks71bamj5/qIXxQW0hqSOG8TwQNIMNQgAcA=,iv:HDXc7F+3WXnIfRL8rYxMnQPlfNLMYJAjKKjWVzIhNQ0=,tag:u+D+/YY+60TAEmhHMGoUwg==,type:str]
|
||||
hostapd: ENC[AES256_GCM,data:KCOOPShBt6gs8TK0Ns6Kzw==,iv:haG+7w893r9w9XySav8n2MWIAOi8eehy61rQudpdjGU=,tag:yupv4fTLiOgTU7SKoAR3og==,type:str]
|
||||
rspamd:
|
||||
dkim:
|
||||
darkkirb.de: ENC[AES256_GCM,data:BWh1VbxBjMKMLPsFHrLIHWZGyzy8bJGYC22f1FXPWxy4WD23tfXuFMiM5TOjSgd7/7nImpndtYMXqKwyoAePGtGhpk6xogH9ObeuVisOvI8HnDZS2uuSxqWA9qA3fmP867DCDl4h3eeclpUburidCDuS4ZriA467fbvbLynX5EqntnWmrWZdTnnXs7WTAL+4ePj6optoL33BgLOvh7PREyLfzgaoBrMhJdW4mBp6XNfIbuY9JH5sUXKV4rNHDBZNoBi6UJXK69futQ+Q6Dj95OKE7l8iY/HfpF7nt1Lb9Prr1wyCQdfEd233NfUgfz6EomuKbhu3bUKau3wwIxF0qAnU+gW1BxMPzDOAS9Pm8XByJ4R9H6gHuTyleCDyq2t1TfJe7FtbIE3I9HsvrpqHGt1NETtwXrdK508PI3WrLGJusCND8KpRA0G4NMazQNPrvrFlQcQcTRe7QmZv3SLNqB4OemWSlS4uDwDYyxeaMnaKqgrwX3emRlIrrKk/eEGyCFG+FtBqsLlAiGHNE44kfjQQCrqNLFgYPWeTzgnpO0uwscYmCik6xFlpxn/0EEUtFnfOcRq3rCt9NNMX4zpJk+lFTu21LG42whDvxw4EpskLWYtdfHwob2o3IbrzuL1R7WknKMvn02asVLmn5YlOgX4dJA6J9eT17Omeq08VUnAxuOEDOZENNKMIxzoEoX90ZkjpHYqyCwJ/1ITZ1WXAaFnp8ow+wySVOYFCnw5x16A6GpDzz1rDZnXr4DY39W/yXabD9M4EAdRZHuJPEbnww5XR3n5NgYxvA9sQsKsgu4j0erJWda31Jwko6YXvJ6jMG8iySMzaD9UHZhtp3+E0kTgMzJB5gVCXuG90AUWQ4+ODK/9yO0aswi6pTakQr/y3k/XbKi85Ndt7YqhOYJZxuZdnWa519Q1Bsnyr64bbfQrRjCWeDl150G18/u5FES9dSgB0nHxIdvu8M/Xhgk0dCiQiGNWNF6XFfFFgTBu0uw8x5fIGgMrV2pp6OKUmz7Ty/UGH30c8BCTECAsafWi4WCAfpxOu5PXC9oi8QOjJegW/tetGK9S2G8+jFQvvONdQImB6IC0zzaW7BKipa3IVdc4KYtZ9NxxNKp6X2GcXEF2l6spmcZOtSeDNgKXHQE7b9wViGSdjj5KQK5RuMsxO4BAeGuLB+3jGNGiK3RijhjAIEvlSOIVoipf1lu+9QYa4wBmCOQ==,iv:uvRzwnbFMKT6EKGBfxst7CCD+uu0n/pYrjEtcHF2TIA=,tag:v4sWaO5ek6su907Z/RRPtw==,type:str]
|
||||
|
@ -45,8 +44,8 @@ sops:
|
|||
WnV3QWxtalIzWFdoQmpDTmJsNGdNOW8K++rFGXy0G6Gcu2gQwSP6xfXInQ/y5nh5
|
||||
2oGp8sfOLFWnNI4SWL0ChP47K3C/9ysUHwQnUYPbRafZ/4X6cN40ZQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-11-03T13:33:44Z"
|
||||
mac: ENC[AES256_GCM,data:CUi7/JEP6LerZ1SKYt4nEJQNbLs6iLK4U758qFXCpLkHBX2DA7wpu2HQ98SXkfQYHNOmoH/2LhCd+Am+UixnzmTZPXol7zntO3zSrjLQh208Cpp7lYO+sDFLOJqijjth1n6c4dri5yaXJwHLQn/iLZR0Ktespl38RotWnaQ597A=,iv:K6nhBEpagZSrTVfFiS1iGC/K691yxrdFP/sqoMZvWO0=,tag:7N10AC167RoG2qKUH11g5g==,type:str]
|
||||
lastmodified: "2023-11-21T12:39:29Z"
|
||||
mac: ENC[AES256_GCM,data:MP5inznWToSedLyM6/SAT6apYow+JIz9qPSzKAXFn6XFjuqq/3f89twE+5cGSI8eH+syj8olhgrgw3/aCi6HYkZMIOXDQBM4ieDEI61LSAmYTX+c32CQzZHzR3Pi5PTFAxPvsG6knO9P7T81J9zQ2iP2TNWOAputAd4KLyY5Ob4=,iv:HY8cJBbpfr8YlQ2pbnQpVE2oAicyVsehtKZ8ExgQQEA=,tag:TLkoPPS73aFbYHJ4TPeMeg==,type:str]
|
||||
pgp:
|
||||
- created_at: "2022-04-24T10:34:20Z"
|
||||
enc: |
|
||||
|
|
Loading…
Reference in a new issue