Commit graph

161 commits

Author SHA1 Message Date
Daniel Barlow
a0bd250963 switch from getty to root shell on console
this just makes things marginally simpler
2023-11-21 23:09:48 +00:00
Daniel Barlow
a896c4e31c rename wlan services for devices with > 1 radio
let's standardise on having 2.4GHz radio be "wlan", and
5GHz as "wlan5"
2023-10-07 22:28:57 +01:00
Daniel Barlow
3c483ebd9a set PARTITION_ADVANCED only in ramdisk module 2023-09-30 21:29:12 +01:00
Daniel Barlow
c59a228955 this is the dhcp6c service we want 2023-09-26 16:43:03 +01:00
Daniel Barlow
1673a71831 WIP third example 2023-09-24 23:11:28 +01:00
Daniel Barlow
56261f77b0 add example with real hardware 2023-09-17 17:03:56 +01:00
Daniel Barlow
bb280c6d97 rename qemu example 2023-09-17 17:03:56 +01:00
Daniel Barlow
0f31afee2b hellonet: set password for root
otherwise incoming ssh gets a bit fraught
2023-09-17 17:03:56 +01:00
Daniel Barlow
98c63e7498 hellonet: don't run ntp
it's a bit pointless when there's no connectivity to
any ntp server
2023-09-17 17:03:56 +01:00
Daniel Barlow
c6faf88dd1 doc WIP: build "hello net" example 2023-09-17 17:03:56 +01:00
Daniel Barlow
f7b30939b5 remove service-state when service exits 2023-09-13 22:49:00 +01:00
Daniel Barlow
92e107d77c update acquire-delegated-prefix to use svc.events 2023-09-13 17:49:57 +01:00
Daniel Barlow
fa040a194c acquire-wan-address remove boundness checking
if we're unbound then the script will be called with
empty ADDRESSES and so the usual case will handle this fine
by removing all the previosuly set addresses
2023-09-13 13:17:58 +01:00
Daniel Barlow
3bdb7754d3 replace var/each with accumulate 2023-09-12 20:55:08 +01:00
Daniel Barlow
8f97c5bf3c anoia service :events method behaves as iterator 2023-09-12 20:46:52 +01:00
Daniel Barlow
7904c6bfe9 anoia users now need lfs
... and we need to figure out how to do transitive
dependencies, because this is not a great experience
2023-09-12 18:46:04 +01:00
Daniel Barlow
0a737c62cd convert acquire-wan-address to writeFennel
this means we can get rid of the inelegant environent variable
check at the bottom of the file
2023-09-12 17:51:00 +01:00
Daniel Barlow
d49cbbb8ed test for acquire-wan-address 2023-09-11 00:07:49 +01:00
Daniel Barlow
7683ed69de acquire-wan-address uses parsed addresses from odhcp 2023-09-11 00:07:11 +01:00
Daniel Barlow
91e957ced7 static leases for rotuer 2023-09-04 23:07:13 +01:00
Daniel Barlow
a24c2a23a0 whitespace 2023-09-04 22:06:15 +01:00
Daniel Barlow
9e52faa0b6 remove unused imports 2023-09-04 22:05:42 +01:00
Daniel Barlow
3bdc986dd7 extract "mount filesystem" to module 2023-09-04 21:17:52 +01:00
Daniel Barlow
83092b7b73 add watchdog service 2023-09-02 17:28:40 +01:00
Daniel Barlow
6805e0090d working down the TODOs 2023-09-01 17:57:22 +01:00
Daniel Barlow
7ad848cb77 add service to enable packet forwarding
might be worth looking into adding RA config to this
2023-09-01 17:34:47 +01:00
Daniel Barlow
ef666c34cd use ssh service in examples 2023-09-01 17:32:53 +01:00
Daniel Barlow
d7336679c4 arhcive use ssh service instead of hand-rolling 2023-08-31 23:59:48 +01:00
Daniel Barlow
535eb70bb9 convert all route defns to module-based-service 2023-08-31 23:52:59 +01:00
Daniel Barlow
51ad051443 delete unneeded services.default 2023-08-31 23:52:03 +01:00
Daniel Barlow
3609d8d5ee implement route as module-based-service 2023-08-31 23:24:23 +01:00
Daniel Barlow
e577caa15f extneder: use bridge module 2023-08-31 18:29:45 +01:00
Daniel Barlow
333327be75 make a module for vlan
Acked-by: Daniel Barlow <<dan@telent.net>>
2023-08-30 23:26:44 +01:00
Daniel Barlow
aecbe08f08 add o+x permission on service-state directories
this is needed for resolvconf, which writes resolv.conf as
an output and wants to make it world-readable
2023-08-28 22:02:28 +01:00
Daniel Barlow
ff2d3e1a63 TODO comments 2023-08-28 22:02:28 +01:00
Daniel Barlow
8688d47c65 rotuer: create resolv.conf 2023-08-28 22:02:28 +01:00
Daniel Barlow
e86daf9bbc default value for services.default
as a default default target, start all the services
2023-08-28 22:02:28 +01:00
Daniel Barlow
23ccfec5fb update examples so they build again 2023-08-28 22:02:28 +01:00
Daniel Barlow
31f0213b6f convert network link/address to module-based-service
... and make bridge use it.

We also had to convert bridge back into a pair of services.
Downstreams want to depend on the bridge it self being configured
even if not necessarily all the members are up. e.g. don't want
to break ssh on lan if there's a misconfigured wlan device
2023-08-28 22:02:28 +01:00
Daniel Barlow
540a1dfd76 remove interface.device
build-time uses can mostly be replaced with interface.name

for runtime uses, switch to $(output ${interface} name)
2023-08-28 22:02:28 +01:00
Daniel Barlow
6f92f8fa8b merge bridge services into one 2023-08-16 23:29:53 +01:00
Daniel Barlow
3ea40f95dc convert pppoe to serviceDefn 2023-08-10 22:53:45 +01:00
Daniel Barlow
2942c465b9 add ssh module 2023-08-10 22:53:21 +01:00
Daniel Barlow
2414dd4b55 convert ntp to serviceDefn 2023-08-05 14:16:54 +01:00
Daniel Barlow
93e04bb834 convert bridge service to serviceDefn 2023-08-05 14:10:14 +01:00
Daniel Barlow
f82501d278 update hostapd to "build" syntax 2023-08-05 12:21:18 +01:00
Daniel Barlow
90c1d59aca convert firewall service to new serviceDefn
this is a bit kludgey with dependencies, need to
come back and look at that
2023-08-05 12:07:35 +01:00
Daniel Barlow
fbb2c04132 move module-based-service parameter types into service
This is in preparation for writing something that extracts them
into documentation.

user configurations now call config.system.service.foo.build { ...params }
instead of config.system.service.foo

the parameter type definitions themselves now move into the
config stanza of the module referencing the service

new helper function  liminix.callService

The only service moved so far is dnsmasq
2023-08-04 20:39:29 +01:00
Daniel Barlow
9994c161d4 DRY up wireless config 2023-07-22 23:37:01 +01:00
Daniel Barlow
bf1d9beec1 add first version of ntp module 2023-07-22 23:25:25 +01:00
Daniel Barlow
4396afa97b inline excessive lets 2023-07-20 12:05:36 +01:00
Daniel Barlow
9b70fd62f6 extract bridge to module-based services 2023-07-20 12:02:09 +01:00
Daniel Barlow
86e73317ee alias config.system.service 2023-07-20 11:28:45 +01:00
Daniel Barlow
648ea5613b use module-based-service for hostapd 2023-07-16 17:51:50 +01:00
Daniel Barlow
1117f98afc remove redundant let 2023-07-16 17:51:50 +01:00
Daniel Barlow
d7f3e05063 turn nftables firewall into a service-providing module 2023-07-16 17:51:50 +01:00
Daniel Barlow
669af24247 make a module for dnsmasq 2023-07-14 23:18:21 +01:00
Daniel Barlow
c13defc891 rename modules/ppp.nix -> modules/ppp/default.nix 2023-07-14 21:08:33 +01:00
Daniel Barlow
69e6eb5a89 accept attr args to pppoe service, and typecheck them
We use (abuse, arguably) the nixos module system for typechecking.  Un
the plus side, it gives us documentation of the options and their
expected types. On the downside, the error message doesn't tell us
the file in which the error was encountered.

(This is subject to change, if I can find a better way)
2023-07-14 16:53:36 +01:00
Daniel Barlow
9441f48819 new ppp module, used by rotuer
The objective here is that services which depend on global config
(e.g. kernel config or busybox options or static paths in the
filesystem) now live under config.system.service, and are added
to that collection by the module that defines the necessary state.

This is a first step: the services will be configured by a typechecked
attr set instead of the arbitrary arguments that
pkgs.liminix.networking.pppoe accepts
2023-07-13 19:44:14 +01:00
Daniel Barlow
2e50368bd2 rename config.outputs to config.system.outputs
New rules: everything under "config" that isn't actually configuration
(e.g. build products) will in future live in config.system. This is
the first step.
2023-07-13 19:24:59 +01:00
Daniel Barlow
7c06f30675 set ipv6 wan address to that provided by dhcpv6 2023-07-08 23:08:25 +01:00
Daniel Barlow
0c41e9305c extract service output watcher to fennel module 2023-07-08 23:08:24 +01:00
Daniel Barlow
e7de889403 explain why all the examples are misspelled 2023-07-07 17:45:23 +01:00
Daniel Barlow
a12e5888e9 rotuer: remove hardcoded wan address 2023-07-05 20:34:30 +01:00
Daniel Barlow
2de4d7a8f9 fennel: extract some common functions into a shareable module 2023-07-05 20:23:27 +01:00
Daniel Barlow
41687e916d rename luaSmall package to lua 2023-07-02 18:19:54 +01:00
Daniel Barlow
3900683413 simplify protocol for watchers of service output directories
Previously: the service wrote a timestamp and the receiver
read and parsed it to see if there was new data

Now: the service writes and removes a .lock file to prevent
the receiver reading partial data. The receiver is responsible
for remembering the *previous* state and only updating if it's changed
2023-07-02 12:09:13 +01:00
Daniel Barlow
5532144747 hardcode global wan address, temporarily 2023-07-01 12:50:06 +01:00
Daniel Barlow
9aa5ff6ed1 make a package for odhcpc-script 2023-06-30 20:02:03 +01:00
Daniel Barlow
b6e72504d6 ipv6 default route
needs to specify the ppp0 *peer* address not the local address
2023-06-30 10:17:33 +01:00
Daniel Barlow
5306b36181 ipv4 nat rules 2023-06-28 23:51:37 +01:00
Daniel Barlow
1f1164cc98 allow dhcp client on wan 2023-06-28 23:51:21 +01:00
Daniel Barlow
8affb151b5 rotuer: enable ipv6 forwarding 2023-06-28 22:31:01 +01:00
Daniel Barlow
a9848b9668 firewall: enable incoming ssh and dhcp6 2023-06-28 22:20:45 +01:00
Daniel Barlow
25eecabc6d typo 2023-06-28 22:19:11 +01:00
Daniel Barlow
80b6f62896 comment-out example of allowed incoming 2023-06-27 22:33:24 +01:00
Daniel Barlow
64e0ef5931 use numeric proto number (tautology...) for HIP 2023-06-27 21:25:30 +01:00
Daniel Barlow
78d223a839 move nftables fib rule to the prerouting hook 2023-06-27 21:23:15 +01:00
Daniel Barlow
6101f3f3d8 load necessary kernel modules for firewall 2023-06-27 21:18:09 +01:00
Daniel Barlow
15be80e9de remove dead config option 2023-06-22 17:46:57 +01:00
Daniel Barlow
26cb331d8b remove dead config optiuon 2023-06-22 16:56:30 +01:00
Daniel Barlow
5e45817f98 example rotuer-secrets 2023-06-22 16:54:24 +01:00
Daniel Barlow
b002a94e07 rotuer: use firewallgen to make packet filter rules 2023-06-20 20:20:32 +01:00
Daniel Barlow
340f7211ef remove unused packages 2023-06-20 20:13:59 +01:00
Daniel Barlow
a65bb9d585 improve file-exists? function 2023-06-18 17:41:09 +01:00
Daniel Barlow
3f4dbfcfd3 ipv6 prefix delegation for rotuer
much tidying needed, but it works
2023-05-31 23:29:05 +01:00
Daniel Barlow
d82173133c odhcpc script: mkdir 2023-05-30 21:00:20 +01:00
Daniel Barlow
cb30ce52eb rotuer: use writeFennelScript for odhcpc update script 2023-05-30 18:20:14 +01:00
Daniel Barlow
fa7e682e87 dhcp6c readiness notification 2023-05-26 18:36:44 +01:00
Daniel Barlow
447f068569 partly support getting IPv6 addresses
- gets interface id from ppp
- runs odhcpc to get RA and prefix delegation
- doesn't do anything useful with the data yet
2023-05-24 23:01:50 +01:00
Daniel Barlow
0173a9ced9 set PATH correctly in ssh sessions
for a non=interactive shell ("ssh linminix foo") ash does not source
*any* startup files, so we need to set this to something more useful
than /bin:usr/bin
2023-05-21 17:07:19 +01:00
Daniel Barlow
a48d51ffdc keep dropbear host keys in /persist if it exists 2023-05-21 12:01:42 +01:00
Daniel Barlow
f249c12bec cruft 2023-05-20 22:48:30 +01:00
Daniel Barlow
eadd982a79 rotuer: set hostname 2023-05-20 22:34:57 +01:00
Daniel Barlow
b0a0fdcfcc add "standard" module, which includes flashimage kexec & jffs2
most systems need most of these, so it makes writing the docs a
lot easier
2023-05-17 15:38:22 +01:00
Daniel Barlow
6d6dbe1cbb tftpboot: allow padding image with freeSpaceBytes
this is useful for writable filesystems so that there's more than
an erase block of space to write into
2023-04-26 22:15:19 +01:00
Daniel Barlow
6adab44fcf rotuer; run chronyd for accurate time 2023-04-23 20:56:20 +01:00
Daniel Barlow
4342d3403f make rotuer example build again 2023-04-23 20:56:20 +01:00
Daniel Barlow
fe99abc450 shrink rsync
remove openssl requirement, it  uses it for "optimised assembly
versions" of md5 - but only on x86/arm/sparc not mips anyway
2023-04-10 22:57:50 +01:00