Commit graph

66 commits

Author SHA1 Message Date
Daniel Barlow
f82501d278 update hostapd to "build" syntax 2023-08-05 12:21:18 +01:00
Daniel Barlow
90c1d59aca convert firewall service to new serviceDefn
this is a bit kludgey with dependencies, need to
come back and look at that
2023-08-05 12:07:35 +01:00
Daniel Barlow
fbb2c04132 move module-based-service parameter types into service
This is in preparation for writing something that extracts them
into documentation.

user configurations now call config.system.service.foo.build { ...params }
instead of config.system.service.foo

the parameter type definitions themselves now move into the
config stanza of the module referencing the service

new helper function liminix.callService

The only service moved so far is dnsmasq
2023-08-04 20:39:29 +01:00
Daniel Barlow
9994c161d4 DRY up wireless config 2023-07-22 23:37:01 +01:00
Daniel Barlow
bf1d9beec1 add first version of ntp module 2023-07-22 23:25:25 +01:00
Daniel Barlow
4396afa97b inline excessive lets 2023-07-20 12:05:36 +01:00
Daniel Barlow
9b70fd62f6 extract bridge to module-based services 2023-07-20 12:02:09 +01:00
Daniel Barlow
86e73317ee alias config.system.service 2023-07-20 11:28:45 +01:00
Daniel Barlow
648ea5613b use module-based-service for hostapd 2023-07-16 17:51:50 +01:00
Daniel Barlow
1117f98afc remove redundant let 2023-07-16 17:51:50 +01:00
Daniel Barlow
d7f3e05063 turn nftables firewall into a service-providing module 2023-07-16 17:51:50 +01:00
Daniel Barlow
669af24247 make a module for dnsmasq 2023-07-14 23:18:21 +01:00
Daniel Barlow
c13defc891 rename modules/ppp.nix -> modules/ppp/default.nix 2023-07-14 21:08:33 +01:00
Daniel Barlow
69e6eb5a89 accept attr args to pppoe service, and typecheck them
We use (abuse, arguably) the nixos module system for typechecking.  On
the plus side, it gives us documentation of the options and their
expected types. On the downside, the error message doesn't tell us
the file in which the error was encountered.

(This is subject to change, if I can find a better way)
2023-07-14 16:53:36 +01:00
Daniel Barlow
9441f48819 new ppp module, used by rotuer
The objective here is that services which depend on global config
(e.g. kernel config or busybox options or static paths in the
filesystem) now live under config.system.service, and are added
to that collection by the module that defines the necessary state.

This is a first step: the services will be configured by a typechecked
attr set instead of the arbitrary arguments that
pkgs.liminix.networking.pppoe accepts
2023-07-13 19:44:14 +01:00
Daniel Barlow
2e50368bd2 rename config.outputs to config.system.outputs
New rules: everything under "config" that isn't actually configuration
(e.g. build products) will in future live in config.system. This is
the first step.
2023-07-13 19:24:59 +01:00
Daniel Barlow
7c06f30675 set ipv6 wan address to that provided by dhcpv6 2023-07-08 23:08:25 +01:00
Daniel Barlow
0c41e9305c extract service output watcher to fennel module 2023-07-08 23:08:24 +01:00
Daniel Barlow
e7de889403 explain why all the examples are misspelled 2023-07-07 17:45:23 +01:00
Daniel Barlow
a12e5888e9 rotuer: remove hardcoded wan address 2023-07-05 20:34:30 +01:00
Daniel Barlow
2de4d7a8f9 fennel: extract some common functions into a shareable module 2023-07-05 20:23:27 +01:00
Daniel Barlow
41687e916d rename luaSmall package to lua 2023-07-02 18:19:54 +01:00
Daniel Barlow
3900683413 simplify protocol for watchers of service output directories
Previously: the service wrote a timestamp and the receiver
read and parsed it to see if there was new data

Now: the service writes and removes a .lock file to prevent
the receiver reading partial data. The receiver is responsible
for remembering the *previous* state and only updating if it's changed
2023-07-02 12:09:13 +01:00
Daniel Barlow
5532144747 hardcode global wan address, temporarily 2023-07-01 12:50:06 +01:00
Daniel Barlow
9aa5ff6ed1 make a package for odhcpc-script 2023-06-30 20:02:03 +01:00
Daniel Barlow
b6e72504d6 ipv6 default route
needs to specify the ppp0 *peer* address not the local address
2023-06-30 10:17:33 +01:00
Daniel Barlow
5306b36181 ipv4 nat rules 2023-06-28 23:51:37 +01:00
Daniel Barlow
1f1164cc98 allow dhcp client on wan 2023-06-28 23:51:21 +01:00
Daniel Barlow
8affb151b5 rotuer: enable ipv6 forwarding 2023-06-28 22:31:01 +01:00
Daniel Barlow
a9848b9668 firewall: enable incoming ssh and dhcp6 2023-06-28 22:20:45 +01:00
Daniel Barlow
25eecabc6d typo 2023-06-28 22:19:11 +01:00
Daniel Barlow
80b6f62896 comment-out example of allowed incoming 2023-06-27 22:33:24 +01:00
Daniel Barlow
64e0ef5931 use numeric proto number (tautology...) for HIP 2023-06-27 21:25:30 +01:00
Daniel Barlow
78d223a839 move nftables fib rule to the prerouting hook 2023-06-27 21:23:15 +01:00
Daniel Barlow
6101f3f3d8 load necessary kernel modules for firewall 2023-06-27 21:18:09 +01:00
Daniel Barlow
15be80e9de remove dead config option 2023-06-22 17:46:57 +01:00
Daniel Barlow
26cb331d8b remove dead config option 2023-06-22 16:56:30 +01:00
Daniel Barlow
5e45817f98 example rotuer-secrets 2023-06-22 16:54:24 +01:00
Daniel Barlow
b002a94e07 rotuer: use firewallgen to make packet filter rules 2023-06-20 20:20:32 +01:00
Daniel Barlow
340f7211ef remove unused packages 2023-06-20 20:13:59 +01:00
Daniel Barlow
a65bb9d585 improve file-exists? function 2023-06-18 17:41:09 +01:00
Daniel Barlow
3f4dbfcfd3 ipv6 prefix delegation for rotuer
much tidying needed, but it works
2023-05-31 23:29:05 +01:00
Daniel Barlow
d82173133c odhcpc script: mkdir 2023-05-30 21:00:20 +01:00
Daniel Barlow
cb30ce52eb rotuer: use writeFennelScript for odhcpc update script 2023-05-30 18:20:14 +01:00
Daniel Barlow
fa7e682e87 dhcp6c readiness notification 2023-05-26 18:36:44 +01:00
Daniel Barlow
447f068569 partly support getting IPv6 addresses
- gets interface id from ppp
- runs odhcpc to get RA and prefix delegation
- doesn't do anything useful with the data yet
2023-05-24 23:01:50 +01:00
Daniel Barlow
0173a9ced9 set PATH correctly in ssh sessions
for a non-interactive shell ("ssh linminix foo") ash does not source
*any* startup files, so we need to set this to something more useful
than /bin:usr/bin
2023-05-21 17:07:19 +01:00
Daniel Barlow
a48d51ffdc keep dropbear host keys in /persist if it exists 2023-05-21 12:01:42 +01:00
Daniel Barlow
f249c12bec cruft 2023-05-20 22:48:30 +01:00
Daniel Barlow
eadd982a79 rotuer: set hostname 2023-05-20 22:34:57 +01:00