From e5f31469ee01e8fc6ab40d62c0a58210200113fb Mon Sep 17 00:00:00 2001 From: Ryan Lahfa Date: Sun, 8 Dec 2024 23:18:08 +0100 Subject: [PATCH] feat(machines/ap01): add default VLAN and admin VLAN Put DHCPv4 on the default VLAN now. Signed-off-by: Ryan Lahfa --- machines/liminix/ap01/addresses.nix | 10 +++-- machines/liminix/ap01/dns.nix | 5 ++- machines/liminix/ap01/lan.nix | 62 +++++++++++++++-------------- npins/sources.json | 4 +- 4 files changed, 44 insertions(+), 37 deletions(-) diff --git a/machines/liminix/ap01/addresses.nix b/machines/liminix/ap01/addresses.nix index b3d0840..932a805 100644 --- a/machines/liminix/ap01/addresses.nix +++ b/machines/liminix/ap01/addresses.nix @@ -3,16 +3,18 @@ let svc = config.system.service; in { - services.dhcpv4 = svc.network.dhcp.client.build { + services.init-dhcpv4 = svc.network.dhcp.client.build { interface = config.services.int; dependencies = [ config.services.bridge.components.lan ]; }; - services.defaultroute4 = svc.network.route.build { - via = "$(output ${config.services.dhcpv4} router)"; + services.init-defaultroute4 = svc.network.route.build { + via = "$(output ${config.services.init-dhcpv4} router)"; target = "default"; - dependencies = [ config.services.dhcpv4 ]; + dependencies = [ config.services.init-dhcpv4 ]; }; + + # TODO: ensure SLAAC for admin-vlan. } diff --git a/machines/liminix/ap01/dns.nix b/machines/liminix/ap01/dns.nix index d8346f8..0cbe3f6 100644 --- a/machines/liminix/ap01/dns.nix +++ b/machines/liminix/ap01/dns.nix @@ -8,17 +8,18 @@ in # TODO: support dynamic reconfiguration once we are in the target VLAN? services.resolvconf = oneshot rec { name = "resolvconf"; + # TODO: imho, DNS should be static and provided by the router? up = '' . ${serviceFns} ( in_outputs ${name} - for i in $(output ${config.services.dhcpv4} dns); do + for i in $(output ${config.services.init-dhcpv4} dns); do echo "nameserver $i" >> resolv.conf done ) ''; dependencies = [ - config.services.dhcpv4 + config.services.init-dhcpv4 ]; }; diff --git a/machines/liminix/ap01/lan.nix b/machines/liminix/ap01/lan.nix index 4916706..f8b0051 100644 --- a/machines/liminix/ap01/lan.nix +++ b/machines/liminix/ap01/lan.nix @@ -3,37 +3,41 @@ let svc = config.system.service; in { - services.int = svc.bridge.primary.build { - ifname = "int"; - macAddressFromInterface = config.hardware.networkInterfaces.lan; - }; + # Our bridging is a bit complicated, therefore, we need iproute2. + programs.iproute2.enable = true; - services.bridge = svc.bridge.members.build { - primary = config.services.int; - members = { - lan.member = config.hardware.networkInterfaces.lan; - wlan0 = { - member = config.hardware.networkInterfaces.wlan0; - # Bridge only once hostapd is ready. - dependencies = [ config.services.hostap-1-ready ]; - }; - wlan1 = { - member = config.hardware.networkInterfaces.wlan1; - # Bridge only once hostapd is ready. - dependencies = [ config.services.hostap-2-ready ]; + services = { + int = svc.bridge.primary.build { + ifname = "int"; + macAddressFromInterface = config.hardware.networkInterfaces.lan; + untagged = { + enable = true; + pvid = 1; + default-pvid = 1; }; }; + + bridge = svc.bridge.members.build { + primary = config.services.int; + members = { + lan.member = config.hardware.networkInterfaces.lan; + wlan0 = { + member = config.hardware.networkInterfaces.wlan0; + # Bridge only once hostapd is ready. + dependencies = [ config.services.hostap-1-ready ]; + }; + wlan1 = { + member = config.hardware.networkInterfaces.wlan1; + # Bridge only once hostapd is ready. + dependencies = [ config.services.hostap-2-ready ]; + }; + }; + }; + + admin-vlan = svc.vlan.build { + ifname = "admin"; + primary = config.services.int; + vid = "3001"; + }; }; - - # Default VLAN - # services.vlan-apro = svc.vlan.build { - # vlanId = 0; - # interface = config.services.int; - # }; - - # # Administration VLAN - # services.vlan-admin = svc.vlan.build { - # vlan = 3001; - # interface = config.services.int; - # }; } diff --git a/npins/sources.json b/npins/sources.json index d376076..a9adcb1 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -131,9 +131,9 @@ "url": "https://git.dgnum.eu/DGNum/liminix" }, "branch": "main", - "revision": "473d6acc3de70bd6dbbb4a77af54f508f25c3c9c", + "revision": "1322de1ee0cdb19fead79e12ab279ee0b575019a", "url": null, - "hash": "00slsh0yqd8n8jcx3sbxgcmw1z28bnszy87pfs0ynfkl3bldzs3d" + "hash": "07nk6nik97k8a57cf17dcj3gn2lbhw1myymrxpqc2aqa3haj754k" }, "linkal": { "type": "Git",