From dcde00c428be423fe85eee1f4b80d8c230f8c3e5 Mon Sep 17 00:00:00 2001 From: sinavir Date: Fri, 19 Jan 2024 19:45:01 +0100 Subject: [PATCH] router: simplify the config for testing We don't even boot so why are we doing complicated stuff --- machines/router/configuration.nix | 111 ++---------------------------- 1 file changed, 5 insertions(+), 106 deletions(-) diff --git a/machines/router/configuration.nix b/machines/router/configuration.nix index 5538be4..c45e4bc 100644 --- a/machines/router/configuration.nix +++ b/machines/router/configuration.nix @@ -12,7 +12,6 @@ let inherit (pkgs) serviceFns; # EDIT: you can pick your preferred RFC1918 address space # for NATted connections, if you don't like this one. - ipv4LocalNet = "192.168.1"; svc = config.system.service; in rec { @@ -27,56 +26,18 @@ in rec { hardware.flash.eraseBlockSize = 126976; imports = [ - "${liminix}/modules/bridge" - "${liminix}/modules/dhcp6c" - "${liminix}/modules/dnsmasq" - "${liminix}/modules/firewall" - "${liminix}/modules/hostapd" "${liminix}/modules/network" - "${liminix}/modules/ntp" "${liminix}/modules/ssh" - "${liminix}/modules/vlan" - "${liminix}/modules/wlan.nix" "${liminix}/modules/outputs/ubimage.nix" ]; rootfsType = "ubifs"; hostname = "hackens-router"; # EDIT - services.hostap = svc.hostapd.build { - interface = config.hardware.networkInterfaces.wlan; - # EDIT: you will want to change the obvious things - # here to values of your choice - params = { - ssid = "The_Game"; - channel = "1"; - country_code = "FR"; - wpa_passphrase = "putainmauricetueschiant"; - - hw_mode="g"; - ieee80211n = 1; - auth_algs = 1; # 1=wpa2, 2=wep, 3=both - wpa = 2; # 1=wpa, 2=wpa2, 3=both - wpa_key_mgmt = "WPA-PSK"; - wpa_pairwise = "TKIP CCMP"; # auth for wpa (may not need this?) - rsn_pairwise = "CCMP"; # auth for wpa2 - wmm_enabled = 1; - }; - }; - services.int = svc.network.address.build { - interface = svc.bridge.primary.build { ifname = "int"; }; - family = "inet"; address = "${ipv4LocalNet}.1"; prefixLength = 16; - }; - - services.bridge = svc.bridge.members.build { - primary = services.int; - members = with config.hardware.networkInterfaces; - [ lan ]; - }; - - services.ntp = svc.ntp.build { - pools = { "pool.ntp.org" = ["iburst"]; }; - makestep = { threshold = 1.0; limit = 3; }; + interface = config.hardware.networkInterfaces.wan; + family = "inet"; + address = "10.0.0.8"; + prefixLength = 24; }; services.sshd = svc.ssh.build { }; @@ -85,68 +46,6 @@ in rec { # EDIT: choose a root password and then use # "mkpasswd -m sha512crypt" to determine the hash. # It should start wirh $6$. - passwd = "$6$UnjSEEpbfVAtIs8H$6xLsdpdpc/XvmxiiUtbHLkItuG/jTJuGm9omOLVZnpXzDThyRb6jeGS6W0LqHfNjfeErRwsZQVsvucMG4Iyda1"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiXXYkhRh+s7ixZ8rvG8ntIqd6FELQ9hh7HoaHQJRPU Thorkell" - ]; + passwd = "$6$9XlVymX951ai.c2C$SYtEF2Ykcud8VRuLRxfQRfuc9h7oJpVo.xDEv6fTWjBngMj3bPN9GbFMv3r.T.K2wIj1rTo9j1m58G.GTPKWo/"; }; - - services.dns = - let interface = services.int; - in svc.dnsmasq.build { - # resolvconf = services.resolvconf; - inherit interface; - ranges = [ - "${ipv4LocalNet}.10,${ipv4LocalNet}.249" - # EDIT: ... maybe. In this example we use "ra-stateless", - # meaning dnsmasq sends router advertisements with the O and A - # bits set, and provides a stateless DHCP service. The client - # will use a SLAAC address, and use DHCP for other - # configuration information. - # If you didn't understand the preceding sentence then - # the default is _probably_ fine, but if you need - # a DHCP-only IPv6 network or some other different - # configuration, this is the place to change it. - "::,constructor:$(output ${interface} ifname),ra-stateless" - ]; - # EDIT: choose a domain name for the DNS names issued for your - # DHCP-issued hosts - domain = "lan.hackens.org"; - }; - - #services.resolvconf = oneshot rec { - # dependencies = [ services.wan ]; - # name = "resolvconf"; - # up = '' - # . ${serviceFns} - # ( in_outputs ${name} - # echo "nameserver $(output ${services.wan} ns1)" > resolv.conf - # echo "nameserver $(output ${services.wan} ns2)" >> resolv.conf - # chmod 0444 resolv.conf - # ) - # ''; - #}; - - #filesystem = - # let inherit (pkgs.pseudofile) dir symlink; - # in dir { - # etc = dir { - # "resolv.conf" = symlink "${services.resolvconf}/.outputs/resolv.conf"; - # }; - # }; - - #services.defaultroute4 = svc.network.route.build { - # via = "$(output ${services.wan} address)"; - # target = "default"; - # dependencies = [ services.wan ]; - #}; - - # 4A:3D:B6:7F:44:F0 - # 129.199.146.30 - - services.packet_forwarding = svc.network.forward.build { }; - - defaultProfile.packages = with pkgs; [ - min-collect-garbage - ]; }