router: simplify the config for testing
We don't even boot so why are we doing complicated stuff
This commit is contained in:
parent
19439ea13a
commit
dcde00c428
1 changed files with 5 additions and 106 deletions
|
@ -12,7 +12,6 @@ let
|
|||
inherit (pkgs) serviceFns;
|
||||
# EDIT: you can pick your preferred RFC1918 address space
|
||||
# for NATted connections, if you don't like this one.
|
||||
ipv4LocalNet = "192.168.1";
|
||||
svc = config.system.service;
|
||||
|
||||
in rec {
|
||||
|
@ -27,56 +26,18 @@ in rec {
|
|||
hardware.flash.eraseBlockSize = 126976;
|
||||
|
||||
imports = [
|
||||
"${liminix}/modules/bridge"
|
||||
"${liminix}/modules/dhcp6c"
|
||||
"${liminix}/modules/dnsmasq"
|
||||
"${liminix}/modules/firewall"
|
||||
"${liminix}/modules/hostapd"
|
||||
"${liminix}/modules/network"
|
||||
"${liminix}/modules/ntp"
|
||||
"${liminix}/modules/ssh"
|
||||
"${liminix}/modules/vlan"
|
||||
"${liminix}/modules/wlan.nix"
|
||||
"${liminix}/modules/outputs/ubimage.nix"
|
||||
];
|
||||
rootfsType = "ubifs";
|
||||
hostname = "hackens-router"; # EDIT
|
||||
|
||||
services.hostap = svc.hostapd.build {
|
||||
interface = config.hardware.networkInterfaces.wlan;
|
||||
# EDIT: you will want to change the obvious things
|
||||
# here to values of your choice
|
||||
params = {
|
||||
ssid = "The_Game";
|
||||
channel = "1";
|
||||
country_code = "FR";
|
||||
wpa_passphrase = "putainmauricetueschiant";
|
||||
|
||||
hw_mode="g";
|
||||
ieee80211n = 1;
|
||||
auth_algs = 1; # 1=wpa2, 2=wep, 3=both
|
||||
wpa = 2; # 1=wpa, 2=wpa2, 3=both
|
||||
wpa_key_mgmt = "WPA-PSK";
|
||||
wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?)
|
||||
rsn_pairwise = "CCMP"; # auth for wpa2
|
||||
wmm_enabled = 1;
|
||||
};
|
||||
};
|
||||
|
||||
services.int = svc.network.address.build {
|
||||
interface = svc.bridge.primary.build { ifname = "int"; };
|
||||
family = "inet"; address = "${ipv4LocalNet}.1"; prefixLength = 16;
|
||||
};
|
||||
|
||||
services.bridge = svc.bridge.members.build {
|
||||
primary = services.int;
|
||||
members = with config.hardware.networkInterfaces;
|
||||
[ lan ];
|
||||
};
|
||||
|
||||
services.ntp = svc.ntp.build {
|
||||
pools = { "pool.ntp.org" = ["iburst"]; };
|
||||
makestep = { threshold = 1.0; limit = 3; };
|
||||
interface = config.hardware.networkInterfaces.wan;
|
||||
family = "inet";
|
||||
address = "10.0.0.8";
|
||||
prefixLength = 24;
|
||||
};
|
||||
|
||||
services.sshd = svc.ssh.build { };
|
||||
|
@ -85,68 +46,6 @@ in rec {
|
|||
# EDIT: choose a root password and then use
|
||||
# "mkpasswd -m sha512crypt" to determine the hash.
|
||||
# It should start wirh $6$.
|
||||
passwd = "$6$UnjSEEpbfVAtIs8H$6xLsdpdpc/XvmxiiUtbHLkItuG/jTJuGm9omOLVZnpXzDThyRb6jeGS6W0LqHfNjfeErRwsZQVsvucMG4Iyda1";
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiXXYkhRh+s7ixZ8rvG8ntIqd6FELQ9hh7HoaHQJRPU Thorkell"
|
||||
];
|
||||
passwd = "$6$9XlVymX951ai.c2C$SYtEF2Ykcud8VRuLRxfQRfuc9h7oJpVo.xDEv6fTWjBngMj3bPN9GbFMv3r.T.K2wIj1rTo9j1m58G.GTPKWo/";
|
||||
};
|
||||
|
||||
services.dns =
|
||||
let interface = services.int;
|
||||
in svc.dnsmasq.build {
|
||||
# resolvconf = services.resolvconf;
|
||||
inherit interface;
|
||||
ranges = [
|
||||
"${ipv4LocalNet}.10,${ipv4LocalNet}.249"
|
||||
# EDIT: ... maybe. In this example we use "ra-stateless",
|
||||
# meaning dnsmasq sends router advertisements with the O and A
|
||||
# bits set, and provides a stateless DHCP service. The client
|
||||
# will use a SLAAC address, and use DHCP for other
|
||||
# configuration information.
|
||||
# If you didn't understand the preceding sentence then
|
||||
# the default is _probably_ fine, but if you need
|
||||
# a DHCP-only IPv6 network or some other different
|
||||
# configuration, this is the place to change it.
|
||||
"::,constructor:$(output ${interface} ifname),ra-stateless"
|
||||
];
|
||||
# EDIT: choose a domain name for the DNS names issued for your
|
||||
# DHCP-issued hosts
|
||||
domain = "lan.hackens.org";
|
||||
};
|
||||
|
||||
#services.resolvconf = oneshot rec {
|
||||
# dependencies = [ services.wan ];
|
||||
# name = "resolvconf";
|
||||
# up = ''
|
||||
# . ${serviceFns}
|
||||
# ( in_outputs ${name}
|
||||
# echo "nameserver $(output ${services.wan} ns1)" > resolv.conf
|
||||
# echo "nameserver $(output ${services.wan} ns2)" >> resolv.conf
|
||||
# chmod 0444 resolv.conf
|
||||
# )
|
||||
# '';
|
||||
#};
|
||||
|
||||
#filesystem =
|
||||
# let inherit (pkgs.pseudofile) dir symlink;
|
||||
# in dir {
|
||||
# etc = dir {
|
||||
# "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf";
|
||||
# };
|
||||
# };
|
||||
|
||||
#services.defaultroute4 = svc.network.route.build {
|
||||
# via = "$(output ${services.wan} address)";
|
||||
# target = "default";
|
||||
# dependencies = [ services.wan ];
|
||||
#};
|
||||
|
||||
# 4A:3D:B6:7F:44:F0
|
||||
# 129.199.146.30
|
||||
|
||||
services.packet_forwarding = svc.network.forward.build { };
|
||||
|
||||
defaultProfile.packages = with pkgs; [
|
||||
min-collect-garbage
|
||||
];
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue