Daniel Barlow
1a314e55b7
firewall module: provide default rules and merge extraRules
...
a firewall with no configuration will get a relatively sane ruleset. a
firewall with `extraRules` will get them deep merged into the default
rules. Specifying `rules` will override the defaults
2024-03-21 12:00:34 +00:00
Daniel Barlow
9263b21faa
create gateway profile by extracting from rotuer example
2024-03-21 10:04:42 +00:00
Daniel Barlow
175db9f604
tail -F for rotuer
2024-02-16 18:30:24 +00:00
Daniel Barlow
57aece0709
rotuer: don't forward queries for local domain
2024-02-11 23:32:46 +00:00
Daniel Barlow
c1d285a220
rotuer: network debugging tools
2024-02-11 23:32:46 +00:00
Daniel Barlow
1206d02200
rotuer-secrets: remove root_password, add wifi ssid and domainName
...
this is step one towards getting rid of rotuer-secrets completely and
turning rotuer into a "profile" module that can be less hackily
customised for other people's networks
2024-02-11 15:56:14 +00:00
Daniel Barlow
7c196bf9b4
rotuer: make 5GHz wifi faster
...
VHT doesn't work unless HT is enabled, apparently
2024-02-11 15:38:19 +00:00
Daniel Barlow
92b0bec038
rotuer: add schnapps and the rest of the lan interfaces
2024-02-07 23:48:10 +00:00
Daniel Barlow
29e61be26c
rotuer: get lan rfc1918 prefix from secrets
2024-02-07 23:46:16 +00:00
Daniel Barlow
c1101d3af5
make extlinux work with liminix-rebuild
...
add /boot to the systemConfiguration closure
2024-01-08 18:58:07 +00:00
Daniel Barlow
228c0a1668
pass rootOptions config as rootflags= kernel cmdline opt
2024-01-08 18:54:49 +00:00
Daniel Barlow
3c941b4ce2
partial btrfs support
...
doesn't actually know how to make the filesystem, just
kernel config and accept it as a valid option
2024-01-07 16:43:43 +00:00
Daniel Barlow
55fa9992d4
WIP
2023-12-13 21:54:15 +00:00
Daniel Barlow
5eeb277564
move output module imports example -> device
...
The outputs available are a characteristic of the device, not
the example.
2023-12-10 16:38:53 +00:00
Daniel Barlow
c81e7c4d35
move all output modules to subdirectory, trash standard.nix
...
standard.nix isn't, is the essence here. Not all devices
support flashimage as it is currently defined - some
have diskimage, some have neither
2023-12-10 15:23:12 +00:00
Daniel Barlow
a896c4e31c
rename wlan services for devices with > 1 radio
...
let's standardise on having 2.4GHz radio be "wlan", and
5GHz as "wlan5"
2023-10-07 22:28:57 +01:00
Daniel Barlow
c59a228955
this is the dhcp6c service we want
2023-09-26 16:43:03 +01:00
Daniel Barlow
f7b30939b5
remove service-state when service exits
2023-09-13 22:49:00 +01:00
Daniel Barlow
91e957ced7
static leases for rotuer
2023-09-04 23:07:13 +01:00
Daniel Barlow
a24c2a23a0
whitespace
2023-09-04 22:06:15 +01:00
Daniel Barlow
9e52faa0b6
remove unused imports
2023-09-04 22:05:42 +01:00
Daniel Barlow
6805e0090d
working down the TODOs
2023-09-01 17:57:22 +01:00
Daniel Barlow
7ad848cb77
add service to enable packet forwarding
...
might be worth looking into adding RA config to this
2023-09-01 17:34:47 +01:00
Daniel Barlow
3609d8d5ee
implement route as module-based-service
2023-08-31 23:24:23 +01:00
Daniel Barlow
aecbe08f08
add o+x permission on service-state directories
...
this is needed for resolvconf, which writes resolv.conf as
an output and wants to make it world-readable
2023-08-28 22:02:28 +01:00
Daniel Barlow
ff2d3e1a63
TODO comments
2023-08-28 22:02:28 +01:00
Daniel Barlow
8688d47c65
rotuer: create resolv.conf
2023-08-28 22:02:28 +01:00
Daniel Barlow
e86daf9bbc
default value for services.default
...
as a default default target, start all the services
2023-08-28 22:02:28 +01:00
Daniel Barlow
31f0213b6f
convert network link/address to module-based-service
...
... and make bridge use it.
We also had to convert bridge back into a pair of services.
Downstreams want to depend on the bridge itself being configured
even if not necessarily all the members are up. e.g. don't want
to break ssh on lan if there's a misconfigured wlan device
2023-08-28 22:02:28 +01:00
Daniel Barlow
540a1dfd76
remove interface.device
...
build-time uses can mostly be replaced with interface.name
for runtime uses, switch to $(output ${interface} name)
2023-08-28 22:02:28 +01:00
Daniel Barlow
6f92f8fa8b
merge bridge services into one
2023-08-16 23:29:53 +01:00
Daniel Barlow
3ea40f95dc
convert pppoe to serviceDefn
2023-08-10 22:53:45 +01:00
Daniel Barlow
2942c465b9
add ssh module
2023-08-10 22:53:21 +01:00
Daniel Barlow
2414dd4b55
convert ntp to serviceDefn
2023-08-05 14:16:54 +01:00
Daniel Barlow
93e04bb834
convert bridge service to serviceDefn
2023-08-05 14:10:14 +01:00
Daniel Barlow
f82501d278
update hostapd to "build" syntax
2023-08-05 12:21:18 +01:00
Daniel Barlow
90c1d59aca
convert firewall service to new serviceDefn
...
this is a bit kludgey with dependencies, need to
come back and look at that
2023-08-05 12:07:35 +01:00
Daniel Barlow
fbb2c04132
move module-based-service parameter types into service
...
This is in preparation for writing something that extracts them
into documentation.
user configurations now call config.system.service.foo.build { ...params }
instead of config.system.service.foo
the parameter type definitions themselves now move into the
config stanza of the module referencing the service
new helper function liminix.callService
The only service moved so far is dnsmasq
2023-08-04 20:39:29 +01:00
Daniel Barlow
9994c161d4
DRY up wireless config
2023-07-22 23:37:01 +01:00
Daniel Barlow
bf1d9beec1
add first version of ntp module
2023-07-22 23:25:25 +01:00
Daniel Barlow
4396afa97b
inline excessive lets
2023-07-20 12:05:36 +01:00
Daniel Barlow
9b70fd62f6
extract bridge to module-based services
2023-07-20 12:02:09 +01:00
Daniel Barlow
86e73317ee
alias config.system.service
2023-07-20 11:28:45 +01:00
Daniel Barlow
648ea5613b
use module-based-service for hostapd
2023-07-16 17:51:50 +01:00
Daniel Barlow
1117f98afc
remove redundant let
2023-07-16 17:51:50 +01:00
Daniel Barlow
d7f3e05063
turn nftables firewall into a service-providing module
2023-07-16 17:51:50 +01:00
Daniel Barlow
669af24247
make a module for dnsmasq
2023-07-14 23:18:21 +01:00
Daniel Barlow
c13defc891
rename modules/ppp.nix -> modules/ppp/default.nix
2023-07-14 21:08:33 +01:00
Daniel Barlow
69e6eb5a89
accept attr args to pppoe service, and typecheck them
...
We use (abuse, arguably) the nixos module system for typechecking. On
the plus side, it gives us documentation of the options and their
expected types. On the downside, the error message doesn't tell us
the file in which the error was encountered.
(This is subject to change, if I can find a better way)
2023-07-14 16:53:36 +01:00
Daniel Barlow
9441f48819
new ppp module, used by rotuer
...
The objective here is that services which depend on global config
(e.g. kernel config or busybox options or static paths in the
filesystem) now live under config.system.service, and are added
to that collection by the module that defines the necessary state.
This is a first step: the services will be configured by a typechecked
attr set instead of the arbitrary arguments that
pkgs.liminix.networking.pppoe accepts
2023-07-13 19:44:14 +01:00