liminix/default.nix

113 lines
2.9 KiB
Nix
Raw Normal View History

{
2023-01-29 21:29:36 +01:00
device
, liminix-config ? <liminix-config>
2023-02-05 23:38:21 +01:00
, nixpkgs ? <nixpkgs>
}:
let
overlay = import ./overlay.nix;
2023-02-05 23:38:21 +01:00
pkgs = import nixpkgs (device.system // {
overlays = [overlay];
config = {allowUnsupportedSystem = true; };
});
2023-02-11 00:10:44 +01:00
2023-02-13 21:30:12 +01:00
config = (import ./lib/merge-modules.nix) [
./modules/base.nix
device.module
liminix-config
2022-09-27 11:19:44 +02:00
./modules/s6
2022-09-28 22:31:15 +02:00
./modules/users.nix
2023-02-11 00:10:44 +01:00
./modules/outputs.nix
2023-02-05 23:38:21 +01:00
] pkgs;
2022-10-05 22:52:30 +02:00
2023-02-14 23:08:52 +01:00
borderVm = ((import <nixpkgs/nixos>) {
configuration =
{ config, ... }:
{
imports = [
<nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
];
boot.kernelParams = [
"loglevel=9"
];
systemd.services.pppoe =
let conf = pkgs.writeText "kpppoed.toml"
''
interface_name = "eth0"
services = [ "myservice" ]
lns_ipaddr = "90.155.53.19"
ac_name = "kpppoed-1.0"
'';
in {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.pkgsBuildBuild.go-l2tp}/bin/kpppoed -config ${conf}";
};
};
systemd.services.tufted = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.pkgsBuildBuild.tufted}/bin/tufted /home/liminix/liminix";
};
};
2023-02-14 23:08:52 +01:00
virtualisation = {
qemu = {
networkingOptions = [];
options = [
"-device vfio-pci,host=01:00.0"
"-nographic"
"-serial mon:stdio"
];
};
sharedDirectories = {
liminix = {
source = builtins.toString ./.;
target = "/home/liminix/liminix";
};
};
};
2023-02-15 21:46:11 +01:00
environment.systemPackages = with pkgs.pkgsBuildBuild; [
tcpdump
wireshark
socat
tufted
iptables
];
2023-02-14 23:08:52 +01:00
security.sudo.wheelNeedsPassword = false;
networking = {
hostName = "border";
firewall = { enable = false; };
interfaces.eth1 = {
useDHCP = false;
ipv4.addresses = [ { address = "10.0.0.1"; prefixLength = 24;}];
};
2023-02-14 23:08:52 +01:00
};
users.users.liminix = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "wheel"];
};
services.getty.autologinUser = "liminix";
};
}).config.system;
in {
2023-02-11 00:10:44 +01:00
outputs = config.outputs // {
default = config.outputs.${config.device.defaultOutput};
};
2022-09-25 14:18:26 +02:00
# this is just here as a convenience, so that we can get a
# cross-compiling nix-shell for any package we're customizing
2023-02-07 00:19:35 +01:00
inherit pkgs;
2023-02-08 19:10:11 +01:00
buildEnv = pkgs.mkShell {
packages = with pkgs.pkgsBuildBuild; [
tufted
routeros.routeros
routeros.ros-exec-script
mips-vm
2023-02-14 23:08:52 +01:00
borderVm.build.vm
go-l2tp
2023-02-08 19:10:11 +01:00
];
};
}