Commit graph

453 commits

Author SHA1 Message Date
Daniel Barlow
2d05695d99 add cautionary note about flashing from openwrt
h/t matthewcroughan, thank you for your service
2023-07-09 15:12:18 +01:00
Daniel Barlow
a1dff5b92d document flash.scr 2023-07-08 23:43:15 +01:00
Daniel Barlow
7c06f30675 set ipv6 wan address to that provided by dhcpv6 2023-07-08 23:08:25 +01:00
Daniel Barlow
c7ead8559b shell.nix: set FENNEL_PATH for interactive convenience 2023-07-08 23:08:25 +01:00
Daniel Barlow
a19d12d6d7 fennelrepl add PREFIX/?/init.lua to lua load path 2023-07-08 23:08:25 +01:00
Daniel Barlow
b5cd0cc2d5 fennelrepl: fix bug which introduced whitespace in package.path 2023-07-08 23:08:24 +01:00
Daniel Barlow
0c41e9305c extract service output watcher to fennel module 2023-07-08 23:08:24 +01:00
Daniel Barlow
708350711b allow running scripts using fennelrepl
e.g.

FENNEL_PATH=pkgs/?/init.fnl\;pkgs/?.fnl nix-shell --run "fennelrepl ./examples/acquire-delegated-prefix.fnl /tmp/boo eth1"
2023-07-08 23:08:24 +01:00
Daniel Barlow
e7de889403 explain why all the examples are misspelled 2023-07-07 17:45:23 +01:00
Daniel Barlow
a12e5888e9 rotuer: remove hardcoded wan address 2023-07-05 20:34:30 +01:00
Daniel Barlow
2de4d7a8f9 fennel: extract some common functions into a shareable module 2023-07-05 20:23:27 +01:00
Daniel Barlow
c3bb33c9ce add fennelrepl package
Runs fennel using a Lua compiled with the same options as the
host system, and with packages set up so it can find all the local
Lua packages

To shorten the dev feedback loop further, allows FENNEL_PATH to be set
on the command line so you can point directly it at the Fennel sources
for some library you're working against instead of having to run
nix-build and compile them to Lua
2023-07-04 22:58:51 +01:00
Daniel Barlow
24befe6bf7 install fennel from source as a package
nixos lua packaging is giving me a headache
2023-07-04 22:56:17 +01:00
Daniel Barlow
41687e916d rename luaSmall package to lua 2023-07-02 18:19:54 +01:00
Daniel Barlow
3900683413 simplify protocol for watchers of service output directories
Previously: the service wrote a timestamp and the receiver
read and parsed it to see if there was new data

Now: the service writes and removes a .lock file to prevent
the receiver reading partial data. The receiver is responsible
for remembering the *previous* state and only updating if it's changed
2023-07-02 12:09:13 +01:00
Daniel Barlow
5532144747 hardcode global wan address, temporarily 2023-07-01 12:50:06 +01:00
Daniel Barlow
9aa5ff6ed1 make a package for odhcpc-script 2023-06-30 20:02:03 +01:00
Daniel Barlow
b6e72504d6 ipv6 default route
needs to specify the ppp0 *peer* address not the local address
2023-06-30 10:17:33 +01:00
Daniel Barlow
5306b36181 ipv4 nat rules 2023-06-28 23:51:37 +01:00
Daniel Barlow
1f1164cc98 allow dhcp client on wan 2023-06-28 23:51:21 +01:00
Daniel Barlow
8affb151b5 rotuer: enable ipv6 forwarding 2023-06-28 22:31:01 +01:00
Daniel Barlow
a9848b9668 firewall: enable incoming ssh and dhcp6 2023-06-28 22:20:45 +01:00
Daniel Barlow
25eecabc6d typo 2023-06-28 22:19:11 +01:00
Daniel Barlow
80b6f62896 comment-out example of allowed incoming 2023-06-27 22:33:24 +01:00
Daniel Barlow
c595ae0ccb firewallgen: make nft shebang work 2023-06-27 21:26:23 +01:00
Daniel Barlow
64e0ef5931 use numeric proto number (tautology...) for HIP 2023-06-27 21:25:30 +01:00
Daniel Barlow
78d223a839 move nftables fib rule to the prerouting hook 2023-06-27 21:23:15 +01:00
Daniel Barlow
6101f3f3d8 load necessary kernel modules for firewall 2023-06-27 21:18:09 +01:00
Daniel Barlow
89693af82b thonk 2023-06-26 20:50:18 +01:00
Daniel Barlow
591bd78509 extract writeKconfig to its own file 2023-06-26 20:49:43 +01:00
Daniel Barlow
15be80e9de remove dead config option 2023-06-22 17:46:57 +01:00
Daniel Barlow
bc62f7df45 remove rsync openssl dependency 2023-06-22 17:34:44 +01:00
Daniel Barlow
26cb331d8b remove dead config optiuon 2023-06-22 16:56:30 +01:00
Daniel Barlow
5e45817f98 example rotuer-secrets 2023-06-22 16:54:24 +01:00
Daniel Barlow
943820d4dd add doc note about finding supported devices 2023-06-22 10:06:40 +01:00
Daniel Barlow
fc620df322 thunk 2023-06-22 09:40:27 +01:00
Daniel Barlow
6bc45c2b55 preinit: null-terminate argv array for execve 2023-06-22 09:29:44 +01:00
Daniel Barlow
b898364719 extend timeout for pppoe test 2023-06-20 23:39:46 +01:00
Daniel Barlow
0896c9c1d3 remove non-building ntp service from test config 2023-06-20 22:15:38 +01:00
Daniel Barlow
b002a94e07 rotuer: use firewallgen to make packet filter rules 2023-06-20 20:20:32 +01:00
Daniel Barlow
d79a1e15bb get fennel from source instead of luarocks 2023-06-20 20:19:11 +01:00
Daniel Barlow
340f7211ef remove unused packages 2023-06-20 20:13:59 +01:00
Daniel Barlow
3dd247a719 update arch for gl-ar750
not sure this is needed, tbh
2023-06-20 20:11:25 +01:00
Daniel Barlow
c1ba067fad remove deps from chrony
it's trying to build Perl and all manner of stuff that for
our purposes I don't think we need
2023-06-20 20:09:17 +01:00
Daniel Barlow
435a36f267 delete unused derivations in overlay 2023-06-20 20:06:36 +01:00
Daniel Barlow
ce207e4763 chronyd: disable editline
it drags in ncurses, which is Too Much
2023-06-19 21:37:06 +01:00
Daniel Barlow
a7e7146887 preinit: disable nolibc
- it stopped working with 22.11->23.05
- linking statically against musl is about 17k, so
  this is costing us 11k or so
2023-06-18 23:04:26 +01:00
Daniel Barlow
d66f5901a2 fix nftables syntax 2023-06-18 22:18:44 +01:00
Daniel Barlow
a65bb9d585 improve file-exists? function 2023-06-18 17:41:09 +01:00
Daniel Barlow
80639a7256 add firewallgen package, which creates an nft script 2023-06-18 17:40:16 +01:00