WIP: ap v02 #592

mdebray · 2025-08-18T23:13:43+02:00

mdebray commented

2025-08-18 23:13:43 +02:00

No description provided.

mdebray added 27 commits

2025-08-18 23:13:44 +02:00

feat(machines/ap01): add default VLAN and admin VLAN d938ee049e

Put DHCPv4 on the default VLAN now.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>

feat(machines/ap01/recovery): fix levitation dependencies 4beacc7776

We should use the right DHCPv4.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>

feat(machines/ap01/recovery): pass the parent hostname with live indicator 002555e8df

This makes the experience nicer.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>

feat(scripts/liminix): make it easy to extract the firmware part of the Zyxel NWA FIT image 06b1046dd2

This is useful when reflashing the system from scratch in the levitation
mode.

Note that doing this will reset the UBI counter to zero, this is bad for
wear leveling.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>

feat(scripts/liminix): add a basic liminix rebuild 43d0b1fadb

This script requires manual efforts on the operator end not to fuck up
too hard.

This adds min-copy-closure and min-garbage-collect to the development
shell.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>

chore(machines/ap01/recovery): better scope for pkgs and add zyxel-bootconfig to levitation 0d377bdeae

This is useful to reconfigure A/B in memory.

Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>

fix(LICENSE): Add license information 262211dd80

feat(ap01/networking): Enable dynamic vlans and drop useless bridge 37bfe92c2c

feat(ap01/ssid): Same SSID everywhere ebf4ea1859

fix(ap01/radius-secret): Use environment variable for radius secret 859396a224

This is a hack, please fix it in the next iteration of the project

feat: Add TODO before release f47418bdb5

fix(ap01/levitate): Add iproute to levitated system else we don't have the network 68ca99bd4c

feat(ap01/lavitate): Add admin vlan dhcp in levitation 370a421a8b

Else we would need to change the switch config when rebuilding the AP

feat(scripts): Add zyxel exploit script 66db0f18b9

feat(ap01): WIP ec2420494c

feat(ap-v01): Use static address for admin vlan f82c53d0e5

refactor(liminix): Refactor liminix meta nodes e222990986

feat(ap): Separate 2.4G and 5G SSIDs and set correct channels f95f25b5cd

feat(liminix): Add script for mass AP rebuilds 161ad96114

feat(hive): Add more personalisation for liminix hosts 2ac37fdfb3

feat(ap): init ap-dev 4a72bb36e4

fix(REBASE): Make it build f65de3ab6e

TODO: rewrite history to include these changes at the right place

feat: prometheus exporter 48d72a4d13

fix: maurice home is different 3dfcfcf4d6

feat(led): try some stuff 3a596299da

fix(ap-dev): Make dns and ntp work 0293ab10c2

fix(liminix/hostapd): More verbose logging

Run pre-commit on all files / pre-commit (push) Successful in 24s

Details

c5c8ec9879

ecoppens commented

2025-08-18 23:16:33 +02:00

Faudrait essayer de le rendre mergeable à terme pour éviter d'avoir "2 branches main".

ecoppens reviewed

2025-08-18 23:31:24 +02:00

machines/liminix/ap-v01/exporter.nix Outdated

					
				@ -0,0 +8,4 @@

				in

				{

				  services.prom-exporter = svc.openwrt-prometheus-exporter.build {

				    httpPorts = [ "192.168.1.148:8888" ];

ecoppens commented

2025-08-18 23:21:51 +02:00

L'IP est bonne?

mdebray commented

2025-08-18 23:42:47 +02:00

ça n'a pas l'air hehe

mdebray marked this conversation as resolved

machines/liminix/ap-v01/lan.nix

					
				@ -0,0 +8,4 @@

				in

				{

				  # Our bridging is a bit complicated, therefore, we need iproute2.

				  programs.iproute2.enable = true;

ecoppens commented

2025-08-18 23:22:38 +02:00

déjà défini autre part

mdebray marked this conversation as resolved

machines/liminix/ap-v01/management.nix

					
				@ -0,0 +11,4 @@

				  dgn-access-control.enable = true;

				  users.root = {

				    # TODO: Change this well-known password

				    passwd = "$6$Z2MiaMXkpUJRPl2/$fxVE3iD/n208CISM2F6OnWj0Qq0QG2tTQqLCjU80PFJJGIwNLLyOp6SeYH3dH20OvJX1loZRETrThZfIPw.rb/";

ecoppens commented

2025-08-18 23:23:15 +02:00

On a besoin du mot de passe si tout le monde a accès avec clés SSH?

mdebray commented

2025-08-18 23:55:15 +02:00

Oui ok mais ducoup ça veut dire qu'on pourra plus se ssh depuis les vault

ecoppens commented

2025-08-19 10:32:29 +02:00

En proxy jumpant? mais au pire laisse

mdebray commented

2025-08-19 10:33:50 +02:00

Je vais mettre un mdp un peu plus sûr et on pourra le copier coller

👍 1

mdebray marked this conversation as resolved

ecoppens reviewed

2025-08-18 23:34:57 +02:00

machines/liminix/ap-v01/wlan.nix Outdated

					
				@ -0,0 +20,4 @@

				  hex = x: lib.fixedWidthString 2 "0" (lib.toHexString x);

				  mac-1 = "02:5B:6A:00:00:${hex apIndex}";

ecoppens commented

2025-08-18 23:34:57 +02:00

On a bien moins que 256 APs?

mdebray commented

2025-08-18 23:42:02 +02:00

oui, 102 ou un truc comme ça

mdebray marked this conversation as resolved

mdebray force-pushed mdebray/ap-dev from 91d0e9dbaf to 079298aa6e

2025-08-18 23:46:35 +02:00

Compare

mdebray added 1 commit

2025-08-19 10:45:26 +02:00

chore(ap-v02): Rotate password

Check meta / check_dns (pull_request) Successful in 19s

Details

Build all the nodes / ap01 (pull_request) Failing after 21s

Details

Check workflows / check_workflows (pull_request) Failing after 24s

Details

Build all the nodes / Jaccess01 (pull_request) Successful in 24s

Details

Build all the nodes / Jaccess04 (pull_request) Successful in 26s

Details

Run pre-commit on all files / pre-commit (push) Successful in 31s

Details

Run pre-commit on all files / pre-commit (pull_request) Successful in 34s

Details

Build all the nodes / bridge01 (pull_request) Successful in 45s

Details

Build all the nodes / build01 (pull_request) Successful in 52s

Details

Build all the nodes / cof02 (pull_request) Successful in 49s

Details

Build all the nodes / hypervisor01 (pull_request) Successful in 47s

Details

Build all the nodes / geo01 (pull_request) Successful in 56s

Details

Build all the nodes / geo02 (pull_request) Successful in 58s

Details

Build all the nodes / hypervisor03 (pull_request) Successful in 53s

Details

Build all the nodes / compute01 (pull_request) Successful in 1m8s

Details

Build all the nodes / hypervisor02 (pull_request) Successful in 59s

Details

Build all the nodes / netcore01 (pull_request) Successful in 21s

Details

Build all the nodes / netcore02 (pull_request) Successful in 21s

Details

Build all the nodes / iso (pull_request) Successful in 54s

Details

Build all the nodes / lab-router01 (pull_request) Successful in 44s

Details

Build all the nodes / krz01 (pull_request) Successful in 1m9s

Details

Build all the nodes / storage01 (pull_request) Successful in 50s

Details

Build all the nodes / tower01 (pull_request) Successful in 52s

Details

Build all the nodes / vault01 (pull_request) Successful in 56s

Details

Build all the nodes / rescue01 (pull_request) Successful in 1m2s

Details

Build all the nodes / web02 (pull_request) Successful in 45s

Details

Build all the nodes / web01 (pull_request) Successful in 1m5s

Details

Build the shell / build-shell (pull_request) Successful in 26s

Details

Build all the nodes / web03 (pull_request) Successful in 52s

Details

Build all the nodes / zulip01 (pull_request) Successful in 42s

Details

ca9b2c208c

mdebray commented

2025-08-19 10:48:21 +02:00

@ecoppens wrote in #592 (comment):

Faudrait essayer de le rendre mergeable à terme pour éviter d'avoir "2 branches main".

Ouais, j'ai déjà rebase là mais il y a pas mal de taf. En particulier je pense il faut arriver à upgrade nixpkgs et proprifier tous les hacks qu'on a ici et là (vraiment il y en a plein). C'est out of scope pour le déploiement là (en tout cas je le ferai pas)

@ecoppens wrote in https://git.dgnum.eu/DGNum/infrastructure/pulls/592#issuecomment-17269: > Faudrait essayer de le rendre mergeable à terme pour éviter d'avoir "2 branches main". Ouais, j'ai déjà rebase là mais il y a pas mal de taf. En particulier je pense il faut arriver à upgrade nixpkgs et proprifier tous les hacks qu'on a ici et là (vraiment il y en a plein). C'est out of scope pour le déploiement là (en tout cas je le ferai pas)

ecoppens requested changes

2025-08-22 19:05:57 +02:00

machines/liminix/ap-v01/wlan.nix Outdated

					
				@ -0,0 +122,4 @@

				        baseParams // clientRadius // externalRadius // radiusKeyMgmt

				      ) config.hardware.networkInterfaces.wlan0 secrets-1

				    );

				    hostap-1-ready = lib.mkIf (!is5GOnly) svc.hostapd-ready.build {

ecoppens commented

2025-08-22 19:05:51 +02:00

Erreur: il y a 3 arguments à mkIf

ecoppens marked this conversation as resolved

ecoppens requested changes

2025-08-22 22:09:44 +02:00

meta/nodes/liminix.nix Outdated

					
				@ -21,0 +157,4 @@

				          ap-range = mkRange 0 3;

				        }

				        # Tour B

				        // (mkDualAp "AP-MB705" self."AP-MB716".channelIndex)

ecoppens commented

2025-08-22 22:09:42 +02:00

Il manque un tiret.

ecoppens commented

2025-08-22 22:11:08 +02:00

et MB716 n'existe pas

ecoppens marked this conversation as resolved

ecoppens added 2 commits

2025-08-23 13:23:39 +02:00

fix(ap-v01): fix syntax and naming of APs ff27b49d6d

feat(ap-v01): add Jourdan APs

Build all the nodes / ap01 (pull_request) Failing after 18s

Details

Check meta / check_dns (pull_request) Successful in 19s

Details

Check workflows / check_workflows (pull_request) Failing after 21s

Details

Build all the nodes / Jaccess01 (pull_request) Successful in 21s

Details

Run pre-commit on all files / pre-commit (push) Successful in 26s

Details

Build all the nodes / Jaccess04 (pull_request) Successful in 26s

Details

Run pre-commit on all files / pre-commit (pull_request) Successful in 32s

Details

Build all the nodes / netcore01 (pull_request) Successful in 23s

Details

Build all the nodes / netcore02 (pull_request) Successful in 25s

Details

Build all the nodes / geo01 (pull_request) Successful in 52s

Details

Build all the nodes / build01 (pull_request) Successful in 54s

Details

Build all the nodes / geo02 (pull_request) Successful in 55s

Details

Build all the nodes / hypervisor01 (pull_request) Successful in 55s

Details

Build all the nodes / cof02 (pull_request) Successful in 57s

Details

Build all the nodes / bridge01 (pull_request) Successful in 58s

Details

Build all the nodes / compute01 (pull_request) Successful in 1m11s

Details

Build all the nodes / hypervisor02 (pull_request) Successful in 58s

Details

Build all the nodes / hypervisor03 (pull_request) Successful in 57s

Details

Build all the nodes / lab-router01 (pull_request) Successful in 53s

Details

Build all the nodes / iso (pull_request) Successful in 57s

Details

Build all the nodes / krz01 (pull_request) Successful in 1m15s

Details

Build the shell / build-shell (pull_request) Successful in 25s

Details

Build all the nodes / tower01 (pull_request) Successful in 45s

Details

Build all the nodes / storage01 (pull_request) Successful in 52s

Details

Build all the nodes / rescue01 (pull_request) Successful in 1m4s

Details

Build all the nodes / web02 (pull_request) Successful in 56s

Details

Build all the nodes / zulip01 (pull_request) Successful in 1m2s

Details

Build all the nodes / vault01 (pull_request) Successful in 1m5s

Details

Build all the nodes / web03 (pull_request) Successful in 1m4s

Details

Build all the nodes / web01 (pull_request) Successful in 1m8s

Details

a72aa89e5c

ecoppens reviewed

2025-08-23 17:27:19 +02:00

meta/nodes/liminix.nix Outdated

					
				@ -21,0 +191,4 @@

				        # Jourdan

				        #

				        # Hypnos-1

				        // alignedFloors {

ecoppens commented

2025-08-23 17:27:19 +02:00

il faut bien set les channel index pour hypnos (cc @mdebray)

ecoppens marked this conversation as resolved

ecoppens force-pushed mdebray/ap-dev from a72aa89e5c to cb424b4071

2025-08-27 22:43:49 +02:00

Compare

ecoppens added 1 commit

2025-08-27 22:46:00 +02:00

fix(ap): set correct ip for radius

Check meta / check_dns (pull_request) Successful in 18s

Details

Check workflows / check_workflows (pull_request) Failing after 20s

Details

Build all the nodes / ap01 (pull_request) Failing after 20s

Details

Build all the nodes / Jaccess01 (pull_request) Successful in 22s

Details

Build all the nodes / Jaccess04 (pull_request) Successful in 26s

Details

Run pre-commit on all files / pre-commit (push) Successful in 30s

Details

Run pre-commit on all files / pre-commit (pull_request) Successful in 32s

Details

Build all the nodes / netcore01 (pull_request) Successful in 24s

Details

Build all the nodes / netcore02 (pull_request) Successful in 25s

Details

Build all the nodes / bridge01 (pull_request) Successful in 57s

Details

Build all the nodes / geo01 (pull_request) Successful in 58s

Details

Build all the nodes / hypervisor03 (pull_request) Successful in 1m3s

Details

Build all the nodes / hypervisor02 (pull_request) Successful in 1m3s

Details

Build all the nodes / geo02 (pull_request) Successful in 1m8s

Details

Build all the nodes / hypervisor01 (pull_request) Successful in 1m9s

Details

Build all the nodes / cof02 (pull_request) Successful in 1m10s

Details

Build all the nodes / build01 (pull_request) Successful in 1m11s

Details

Build all the nodes / iso (pull_request) Successful in 1m13s

Details

Build all the nodes / compute01 (pull_request) Successful in 1m18s

Details

Build all the nodes / lab-router01 (pull_request) Successful in 1m4s

Details

Build all the nodes / storage01 (pull_request) Successful in 59s

Details

Build all the nodes / rescue01 (pull_request) Successful in 1m5s

Details

Build all the nodes / tower01 (pull_request) Successful in 59s

Details

Build all the nodes / krz01 (pull_request) Successful in 1m15s

Details

Build the shell / build-shell (pull_request) Successful in 26s

Details

Build all the nodes / vault01 (pull_request) Successful in 58s

Details

Build all the nodes / web02 (pull_request) Successful in 46s

Details

Build all the nodes / web01 (pull_request) Successful in 1m7s

Details

Build all the nodes / zulip01 (pull_request) Successful in 49s

Details

Build all the nodes / web03 (pull_request) Successful in 56s

Details

474da87b06

ecoppens added 1 commit

2025-09-02 19:14:27 +02:00

feat(meta): add APs meta

Check meta / check_meta (pull_request) Failing after 16s

Details

Check workflows / check_workflows (pull_request) Failing after 17s

Details

Build all the nodes / ap01 (pull_request) Failing after 18s

Details

Build all the nodes / Jaccess01 (pull_request) Successful in 24s

Details

Build all the nodes / Jaccess04 (pull_request) Successful in 25s

Details

Run pre-commit on all files / pre-commit (push) Successful in 27s

Details

Run pre-commit on all files / pre-commit (pull_request) Successful in 33s

Details

Build all the nodes / netcore01 (pull_request) Successful in 24s

Details

Build all the nodes / netcore02 (pull_request) Successful in 22s

Details

Build all the nodes / bridge01 (pull_request) Successful in 58s

Details

Build all the nodes / build01 (pull_request) Successful in 1m1s

Details

Build all the nodes / cof02 (pull_request) Successful in 1m4s

Details

Build all the nodes / hypervisor01 (pull_request) Successful in 1m6s

Details

Build all the nodes / geo02 (pull_request) Successful in 1m6s

Details

Build all the nodes / geo01 (pull_request) Successful in 1m6s

Details

Build all the nodes / hypervisor02 (pull_request) Successful in 1m7s

Details

Build all the nodes / hypervisor03 (pull_request) Successful in 57s

Details

Build all the nodes / compute01 (pull_request) Successful in 1m16s

Details

Build all the nodes / iso (pull_request) Successful in 1m2s

Details

Build all the nodes / lab-router01 (pull_request) Successful in 59s

Details

Build all the nodes / krz01 (pull_request) Successful in 1m12s

Details

Build the shell / build-shell (pull_request) Successful in 23s

Details

Build all the nodes / storage01 (pull_request) Successful in 48s

Details

Build all the nodes / tower01 (pull_request) Successful in 45s

Details

Build all the nodes / rescue01 (pull_request) Successful in 57s

Details

Build all the nodes / web02 (pull_request) Successful in 53s

Details

Build all the nodes / vault01 (pull_request) Successful in 58s

Details

Build all the nodes / zulip01 (pull_request) Successful in 54s

Details

Build all the nodes / web03 (pull_request) Successful in 55s

Details

Build all the nodes / web01 (pull_request) Successful in 1m3s

Details

5c025f1b0b

ecoppens force-pushed mdebray/ap-dev from 5c025f1b0b to 766c1a0745

2025-09-02 19:21:28 +02:00

Compare

ecoppens commented

2025-09-08 11:30:57 +02:00

est-ce qu'on devrait pas nommer ap-prod au lieu d'un nommage par version (ap-v01)

ecoppens referenced this pull request

2025-09-08 13:18:50 +02:00

feat(ap-prod): init #621

ecoppens closed this pull request

2025-09-09 10:39:15 +02:00

dgnum-chores referenced this pull request from a commit

2025-09-17 08:00:18 +02:00

lon: update git-hooks

dgnum-chores referenced this pull request from a commit

2025-09-24 08:00:24 +02:00

lon: update git-hooks

dgnum-chores referenced this pull request from a commit

2025-10-01 08:00:25 +02:00

lon: update git-hooks

thubrecht referenced this pull request from a commit

2025-10-03 13:23:41 +02:00

lon: update git-hooks

Check meta / check_meta (pull_request) Successful in 17s

Required

Details

Check meta / check_dns (pull_request) Successful in 17s

Required

Details

Check workflows / check_workflows (pull_request) Failing after 18s

Required

Details

Build all the nodes / ap01 (pull_request) Failing after 19s

Required

Details

Build all the nodes / Jaccess01 (pull_request) Successful in 24s

Required

Details

Build all the nodes / Jaccess04 (pull_request) Successful in 25s

Required

Details

Run pre-commit on all files / pre-commit (push) Successful in 30s

Required

Details

Run pre-commit on all files / pre-commit (pull_request) Successful in 39s

Required

Details

Build all the nodes / netcore01 (pull_request) Successful in 25s

Required

Details

Build all the nodes / netcore02 (pull_request) Successful in 24s

Required

Details

Build all the nodes / bridge01 (pull_request) Successful in 50s

Required

Details

Build all the nodes / build01 (pull_request) Successful in 54s

Required

Details

Build all the nodes / lab-router01 (pull_request) Successful in 1m5s

Required

Details

Build all the nodes / hypervisor03 (pull_request) Successful in 1m7s

Required

Details

Build all the nodes / geo01 (pull_request) Successful in 1m7s

Required

Details

Build all the nodes / geo02 (pull_request) Successful in 1m7s

Required

Details

Build all the nodes / hypervisor02 (pull_request) Successful in 1m7s

Required

Details

Build all the nodes / cof02 (pull_request) Successful in 1m9s

Required

Details

Build all the nodes / hypervisor01 (pull_request) Successful in 1m13s

Required

Details

Build all the nodes / iso (pull_request) Successful in 1m15s

Required

Details

Build all the nodes / compute01 (pull_request) Successful in 1m23s

Required

Details

Build all the nodes / tower01 (pull_request) Successful in 1m2s

Required

Details

Build all the nodes / rescue01 (pull_request) Successful in 1m13s

Required

Details

Build all the nodes / storage01 (pull_request) Successful in 1m8s

Required

Details

Build all the nodes / vault01 (pull_request) Successful in 1m8s

Required

Details

Build the shell / build-shell (pull_request) Successful in 29s

Required

Details

Build all the nodes / krz01 (pull_request) Successful in 1m37s

Required

Details

Build all the nodes / web02 (pull_request) Successful in 58s

Required

Details

Build all the nodes / zulip01 (pull_request) Successful in 49s

Required

Details

Build all the nodes / web03 (pull_request) Successful in 55s

Required

Details

Build all the nodes / web01 (pull_request) Successful in 1m5s

Required

Details

Pull request closed

Please reopen this pull request to perform a merge.

Sign in to join this conversation.

No reviewers

No labels

No milestone

No project

No assignees

2 participants

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: DGNum/infrastructure#592

Rows
Columns