Daniel Barlow
f73a9d82dc
add comments
2023-07-16 17:51:50 +01:00
Daniel Barlow
1117f98afc
remove redundant let
2023-07-16 17:51:50 +01:00
Daniel Barlow
d7f3e05063
turn nftables firewall into a service-providing module
2023-07-16 17:51:50 +01:00
Daniel Barlow
73e5916cc5
thunk
2023-07-15 23:40:16 +01:00
Daniel Barlow
669af24247
make a module for dnsmasq
2023-07-14 23:18:21 +01:00
Daniel Barlow
5fee3e54d2
use ppp module in pppoe test
2023-07-14 22:23:11 +01:00
Daniel Barlow
df6cfe1cd5
move pppoe service derivation into ppp module dir
2023-07-14 21:35:59 +01:00
Daniel Barlow
c13defc891
rename modules/ppp.nix -> modules/ppp/default.nix
2023-07-14 21:08:33 +01:00
Daniel Barlow
682183a88d
move typeChecked into pkgs.liminix.lib
2023-07-14 20:22:29 +01:00
Daniel Barlow
69e6eb5a89
accept attr args to pppoe service, and typecheck them
...
We use (abuse, arguably) the nixos module system for typechecking. Un
the plus side, it gives us documentation of the options and their
expected types. On the downside, the error message doesn't tell us
the file in which the error was encountered.
(This is subject to change, if I can find a better way)
2023-07-14 16:53:36 +01:00
Daniel Barlow
9441f48819
new ppp module, used by rotuer
...
The objective here is that services which depend on global config
(e.g. kernel config or busybox options or static paths in the
filesystem) now live under config.system.service, and are added
to that collection by the module that defines the necessary state.
This is a first step: the services will be configured by a typechecked
attr set instead of the arbitrary arguments that
pkgs.liminix.networking.pppoe accepts
2023-07-13 19:44:14 +01:00
Daniel Barlow
2e50368bd2
rename config.outputs to config.system.outputs
...
New rules: everything under "config" that isn't actually configuration
(e.g. build products) will in future live in config.system. This is
the first step.
2023-07-13 19:24:59 +01:00
Daniel Barlow
492317623d
more thoughts about modules
2023-07-13 11:54:50 +01:00
Daniel Barlow
0f57ae2a32
fix section order
2023-07-09 15:18:19 +01:00
Daniel Barlow
2d05695d99
add cautionary note about flashing from openwrt
...
h/t matthewcroughan, thank you for your service
2023-07-09 15:12:18 +01:00
Daniel Barlow
a1dff5b92d
document flash.scr
2023-07-08 23:43:15 +01:00
Daniel Barlow
7c06f30675
set ipv6 wan address to that provided by dhcpv6
2023-07-08 23:08:25 +01:00
Daniel Barlow
c7ead8559b
shell.nix: set FENNEL_PATH for interactive convenience
2023-07-08 23:08:25 +01:00
Daniel Barlow
a19d12d6d7
fennelrepl add PREFIX/?/init.lua to lua load path
2023-07-08 23:08:25 +01:00
Daniel Barlow
b5cd0cc2d5
fennelrepl: fix bug which introduced whitespace in package.path
2023-07-08 23:08:24 +01:00
Daniel Barlow
0c41e9305c
extract service output watcher to fennel module
2023-07-08 23:08:24 +01:00
Daniel Barlow
708350711b
allow running scripts using fennelrepl
...
e.g.
FENNEL_PATH=pkgs/?/init.fnl\;pkgs/?.fnl nix-shell --run "fennelrepl ./examples/acquire-delegated-prefix.fnl /tmp/boo eth1"
2023-07-08 23:08:24 +01:00
Daniel Barlow
e7de889403
explain why all the examples are misspelled
2023-07-07 17:45:23 +01:00
Daniel Barlow
a12e5888e9
rotuer: remove hardcoded wan address
2023-07-05 20:34:30 +01:00
Daniel Barlow
2de4d7a8f9
fennel: extract some common functions into a shareable module
2023-07-05 20:23:27 +01:00
Daniel Barlow
c3bb33c9ce
add fennelrepl package
...
Runs fennel using a Lua compiled with the same options as the
host system, and with packages set up so it can find all the local
Lua packages
To shorten the dev feedback loop further, allows FENNEL_PATH to be set
on the command line so you can point directly it at the Fennel sources
for some library you're working against instead of having to run
nix-build and compile them to Lua
2023-07-04 22:58:51 +01:00
Daniel Barlow
24befe6bf7
install fennel from source as a package
...
nixos lua packaging is giving me a headache
2023-07-04 22:56:17 +01:00
Daniel Barlow
41687e916d
rename luaSmall package to lua
2023-07-02 18:19:54 +01:00
Daniel Barlow
3900683413
simplify protocol for watchers of service output directories
...
Previously: the service wrote a timestamp and the receiver
read and parsed it to see if there was new data
Now: the service writes and removes a .lock file to prevent
the receiver reading partial data. The receiver is responsible
for remembering the *previous* state and only updating if it's changed
2023-07-02 12:09:13 +01:00
Daniel Barlow
5532144747
hardcode global wan address, temporarily
2023-07-01 12:50:06 +01:00
Daniel Barlow
9aa5ff6ed1
make a package for odhcpc-script
2023-06-30 20:02:03 +01:00
Daniel Barlow
b6e72504d6
ipv6 default route
...
needs to specify the ppp0 *peer* address not the local address
2023-06-30 10:17:33 +01:00
Daniel Barlow
5306b36181
ipv4 nat rules
2023-06-28 23:51:37 +01:00
Daniel Barlow
1f1164cc98
allow dhcp client on wan
2023-06-28 23:51:21 +01:00
Daniel Barlow
8affb151b5
rotuer: enable ipv6 forwarding
2023-06-28 22:31:01 +01:00
Daniel Barlow
a9848b9668
firewall: enable incoming ssh and dhcp6
2023-06-28 22:20:45 +01:00
Daniel Barlow
25eecabc6d
typo
2023-06-28 22:19:11 +01:00
Daniel Barlow
80b6f62896
comment-out example of allowed incoming
2023-06-27 22:33:24 +01:00
Daniel Barlow
c595ae0ccb
firewallgen: make nft shebang work
2023-06-27 21:26:23 +01:00
Daniel Barlow
64e0ef5931
use numeric proto number (tautology...) for HIP
2023-06-27 21:25:30 +01:00
Daniel Barlow
78d223a839
move nftables fib rule to the prerouting hook
2023-06-27 21:23:15 +01:00
Daniel Barlow
6101f3f3d8
load necessary kernel modules for firewall
2023-06-27 21:18:09 +01:00
Daniel Barlow
89693af82b
thonk
2023-06-26 20:50:18 +01:00
Daniel Barlow
591bd78509
extract writeKconfig to its own file
2023-06-26 20:49:43 +01:00
Daniel Barlow
15be80e9de
remove dead config option
2023-06-22 17:46:57 +01:00
Daniel Barlow
bc62f7df45
remove rsync openssl dependency
2023-06-22 17:34:44 +01:00
Daniel Barlow
26cb331d8b
remove dead config optiuon
2023-06-22 16:56:30 +01:00
Daniel Barlow
5e45817f98
example rotuer-secrets
2023-06-22 16:54:24 +01:00
Daniel Barlow
943820d4dd
add doc note about finding supported devices
2023-06-22 10:06:40 +01:00
Daniel Barlow
fc620df322
thunk
2023-06-22 09:40:27 +01:00