Daniel Barlow
a0bd250963
switch from getty to root shell on console
...
this just makes things marginally simpler
2023-11-21 23:09:48 +00:00
Daniel Barlow
a896c4e31c
rename wlan services for devices with > 1 radio
...
let's standardise on having 2.4GHz radio be "wlan", and
5GHz as "wlan5"
2023-10-07 22:28:57 +01:00
Daniel Barlow
3c483ebd9a
set PARTITION_ADVANCED only in ramdisk module
2023-09-30 21:29:12 +01:00
Daniel Barlow
c59a228955
this is the dhcp6c service we want
2023-09-26 16:43:03 +01:00
Daniel Barlow
1673a71831
WIP third example
2023-09-24 23:11:28 +01:00
Daniel Barlow
56261f77b0
add example with real hardware
2023-09-17 17:03:56 +01:00
Daniel Barlow
bb280c6d97
rename qemu example
2023-09-17 17:03:56 +01:00
Daniel Barlow
0f31afee2b
hellonet: set password for root
...
otherwise incoming ssh gets a bit fraught
2023-09-17 17:03:56 +01:00
Daniel Barlow
98c63e7498
hellonet: don't run ntp
...
it's a bit pointless when there's no connectivity to
any ntp server
2023-09-17 17:03:56 +01:00
Daniel Barlow
c6faf88dd1
doc WIP: build "hello net" example
2023-09-17 17:03:56 +01:00
Daniel Barlow
f7b30939b5
remove service-state when service exits
2023-09-13 22:49:00 +01:00
Daniel Barlow
92e107d77c
update acquire-delegated-prefix to use svc.events
2023-09-13 17:49:57 +01:00
Daniel Barlow
fa040a194c
acquire-wan-address remove boundness checking
...
if we're unbound then the script will be called with
empty ADDRESSES and so the usual case will handle this fine
by removing all the previously set addresses
2023-09-13 13:17:58 +01:00
Daniel Barlow
3bdb7754d3
replace var/each with accumulate
2023-09-12 20:55:08 +01:00
Daniel Barlow
8f97c5bf3c
anoia service :events method behaves as iterator
2023-09-12 20:46:52 +01:00
Daniel Barlow
7904c6bfe9
anoia users now need lfs
...
... and we need to figure out how to do transitive
dependencies, because this is not a great experience
2023-09-12 18:46:04 +01:00
Daniel Barlow
0a737c62cd
convert acquire-wan-address to writeFennel
...
this means we can get rid of the inelegant environment variable
check at the bottom of the file
2023-09-12 17:51:00 +01:00
Daniel Barlow
d49cbbb8ed
test for acquire-wan-address
2023-09-11 00:07:49 +01:00
Daniel Barlow
7683ed69de
acquire-wan-address uses parsed addresses from odhcp
2023-09-11 00:07:11 +01:00
Daniel Barlow
91e957ced7
static leases for rotuer
2023-09-04 23:07:13 +01:00
Daniel Barlow
a24c2a23a0
whitespace
2023-09-04 22:06:15 +01:00
Daniel Barlow
9e52faa0b6
remove unused imports
2023-09-04 22:05:42 +01:00
Daniel Barlow
3bdc986dd7
extract "mount filesystem" to module
2023-09-04 21:17:52 +01:00
Daniel Barlow
83092b7b73
add watchdog service
2023-09-02 17:28:40 +01:00
Daniel Barlow
6805e0090d
working down the TODOs
2023-09-01 17:57:22 +01:00
Daniel Barlow
7ad848cb77
add service to enable packet forwarding
...
might be worth looking into adding RA config to this
2023-09-01 17:34:47 +01:00
Daniel Barlow
ef666c34cd
use ssh service in examples
2023-09-01 17:32:53 +01:00
Daniel Barlow
d7336679c4
arhcive use ssh service instead of hand-rolling
2023-08-31 23:59:48 +01:00
Daniel Barlow
535eb70bb9
convert all route defns to module-based-service
2023-08-31 23:52:59 +01:00
Daniel Barlow
51ad051443
delete unneeded services.default
2023-08-31 23:52:03 +01:00
Daniel Barlow
3609d8d5ee
implement route as module-based-service
2023-08-31 23:24:23 +01:00
Daniel Barlow
e577caa15f
extneder: use bridge module
2023-08-31 18:29:45 +01:00
Daniel Barlow
333327be75
make a module for vlan
...
Acked-by: Daniel Barlow <dan@telent.net>
2023-08-30 23:26:44 +01:00
Daniel Barlow
aecbe08f08
add o+x permission on service-state directories
...
this is needed for resolvconf, which writes resolv.conf as
an output and wants to make it world-readable
2023-08-28 22:02:28 +01:00
Daniel Barlow
ff2d3e1a63
TODO comments
2023-08-28 22:02:28 +01:00
Daniel Barlow
8688d47c65
rotuer: create resolv.conf
2023-08-28 22:02:28 +01:00
Daniel Barlow
e86daf9bbc
default value for services.default
...
as a default default target, start all the services
2023-08-28 22:02:28 +01:00
Daniel Barlow
23ccfec5fb
update examples so they build again
2023-08-28 22:02:28 +01:00
Daniel Barlow
31f0213b6f
convert network link/address to module-based-service
...
... and make bridge use it.
We also had to convert bridge back into a pair of services.
Downstreams want to depend on the bridge itself being configured
even if not necessarily all the members are up. e.g. don't want
to break ssh on lan if there's a misconfigured wlan device
2023-08-28 22:02:28 +01:00
Daniel Barlow
540a1dfd76
remove interface.device
...
build-time uses can mostly be replaced with interface.name
for runtime uses, switch to $(output ${interface} name)
2023-08-28 22:02:28 +01:00
Daniel Barlow
6f92f8fa8b
merge bridge services into one
2023-08-16 23:29:53 +01:00
Daniel Barlow
3ea40f95dc
convert pppoe to serviceDefn
2023-08-10 22:53:45 +01:00
Daniel Barlow
2942c465b9
add ssh module
2023-08-10 22:53:21 +01:00
Daniel Barlow
2414dd4b55
convert ntp to serviceDefn
2023-08-05 14:16:54 +01:00
Daniel Barlow
93e04bb834
convert bridge service to serviceDefn
2023-08-05 14:10:14 +01:00
Daniel Barlow
f82501d278
update hostapd to "build" syntax
2023-08-05 12:21:18 +01:00
Daniel Barlow
90c1d59aca
convert firewall service to new serviceDefn
...
this is a bit kludgey with dependencies, need to
come back and look at that
2023-08-05 12:07:35 +01:00
Daniel Barlow
fbb2c04132
move module-based-service parameter types into service
...
This is in preparation for writing something that extracts them
into documentation.
user configurations now call config.system.service.foo.build { ...params }
instead of config.system.service.foo
the parameter type definitions themselves now move into the
config stanza of the module referencing the service
new helper function liminix.callService
The only service moved so far is dnsmasq
2023-08-04 20:39:29 +01:00
Daniel Barlow
9994c161d4
DRY up wireless config
2023-07-22 23:37:01 +01:00
Daniel Barlow
bf1d9beec1
add first version of ntp module
2023-07-22 23:25:25 +01:00
Daniel Barlow
4396afa97b
inline excessive lets
2023-07-20 12:05:36 +01:00
Daniel Barlow
9b70fd62f6
extract bridge to module-based services
2023-07-20 12:02:09 +01:00
Daniel Barlow
86e73317ee
alias config.system.service
2023-07-20 11:28:45 +01:00
Daniel Barlow
648ea5613b
use module-based-service for hostapd
2023-07-16 17:51:50 +01:00
Daniel Barlow
1117f98afc
remove redundant let
2023-07-16 17:51:50 +01:00
Daniel Barlow
d7f3e05063
turn nftables firewall into a service-providing module
2023-07-16 17:51:50 +01:00
Daniel Barlow
669af24247
make a module for dnsmasq
2023-07-14 23:18:21 +01:00
Daniel Barlow
c13defc891
rename modules/ppp.nix -> modules/ppp/default.nix
2023-07-14 21:08:33 +01:00
Daniel Barlow
69e6eb5a89
accept attr args to pppoe service, and typecheck them
...
We use (abuse, arguably) the nixos module system for typechecking. On
the plus side, it gives us documentation of the options and their
expected types. On the downside, the error message doesn't tell us
the file in which the error was encountered.
(This is subject to change, if I can find a better way)
2023-07-14 16:53:36 +01:00
Daniel Barlow
9441f48819
new ppp module, used by rotuer
...
The objective here is that services which depend on global config
(e.g. kernel config or busybox options or static paths in the
filesystem) now live under config.system.service, and are added
to that collection by the module that defines the necessary state.
This is a first step: the services will be configured by a typechecked
attr set instead of the arbitrary arguments that
pkgs.liminix.networking.pppoe accepts
2023-07-13 19:44:14 +01:00
Daniel Barlow
2e50368bd2
rename config.outputs to config.system.outputs
...
New rules: everything under "config" that isn't actually configuration
(e.g. build products) will in future live in config.system. This is
the first step.
2023-07-13 19:24:59 +01:00
Daniel Barlow
7c06f30675
set ipv6 wan address to that provided by dhcpv6
2023-07-08 23:08:25 +01:00
Daniel Barlow
0c41e9305c
extract service output watcher to fennel module
2023-07-08 23:08:24 +01:00
Daniel Barlow
e7de889403
explain why all the examples are misspelled
2023-07-07 17:45:23 +01:00
Daniel Barlow
a12e5888e9
rotuer: remove hardcoded wan address
2023-07-05 20:34:30 +01:00
Daniel Barlow
2de4d7a8f9
fennel: extract some common functions into a shareable module
2023-07-05 20:23:27 +01:00
Daniel Barlow
41687e916d
rename luaSmall package to lua
2023-07-02 18:19:54 +01:00
Daniel Barlow
3900683413
simplify protocol for watchers of service output directories
...
Previously: the service wrote a timestamp and the receiver
read and parsed it to see if there was new data
Now: the service writes and removes a .lock file to prevent
the receiver reading partial data. The receiver is responsible
for remembering the *previous* state and only updating if it's changed
2023-07-02 12:09:13 +01:00
Daniel Barlow
5532144747
hardcode global wan address, temporarily
2023-07-01 12:50:06 +01:00
Daniel Barlow
9aa5ff6ed1
make a package for odhcpc-script
2023-06-30 20:02:03 +01:00
Daniel Barlow
b6e72504d6
ipv6 default route
...
needs to specify the ppp0 *peer* address not the local address
2023-06-30 10:17:33 +01:00
Daniel Barlow
5306b36181
ipv4 nat rules
2023-06-28 23:51:37 +01:00
Daniel Barlow
1f1164cc98
allow dhcp client on wan
2023-06-28 23:51:21 +01:00
Daniel Barlow
8affb151b5
rotuer: enable ipv6 forwarding
2023-06-28 22:31:01 +01:00
Daniel Barlow
a9848b9668
firewall: enable incoming ssh and dhcp6
2023-06-28 22:20:45 +01:00
Daniel Barlow
25eecabc6d
typo
2023-06-28 22:19:11 +01:00
Daniel Barlow
80b6f62896
comment-out example of allowed incoming
2023-06-27 22:33:24 +01:00
Daniel Barlow
64e0ef5931
use numeric proto number (tautology...) for HIP
2023-06-27 21:25:30 +01:00
Daniel Barlow
78d223a839
move nftables fib rule to the prerouting hook
2023-06-27 21:23:15 +01:00
Daniel Barlow
6101f3f3d8
load necessary kernel modules for firewall
2023-06-27 21:18:09 +01:00
Daniel Barlow
15be80e9de
remove dead config option
2023-06-22 17:46:57 +01:00
Daniel Barlow
26cb331d8b
remove dead config option
2023-06-22 16:56:30 +01:00
Daniel Barlow
5e45817f98
example rotuer-secrets
2023-06-22 16:54:24 +01:00
Daniel Barlow
b002a94e07
rotuer: use firewallgen to make packet filter rules
2023-06-20 20:20:32 +01:00
Daniel Barlow
340f7211ef
remove unused packages
2023-06-20 20:13:59 +01:00
Daniel Barlow
a65bb9d585
improve file-exists? function
2023-06-18 17:41:09 +01:00
Daniel Barlow
3f4dbfcfd3
ipv6 prefix delegation for rotuer
...
much tidying needed, but it works
2023-05-31 23:29:05 +01:00
Daniel Barlow
d82173133c
odhcpc script: mkdir
2023-05-30 21:00:20 +01:00
Daniel Barlow
cb30ce52eb
rotuer: use writeFennelScript for odhcpc update script
2023-05-30 18:20:14 +01:00
Daniel Barlow
fa7e682e87
dhcp6c readiness notification
2023-05-26 18:36:44 +01:00
Daniel Barlow
447f068569
partly support getting IPv6 addresses
...
- gets interface id from ppp
- runs odhcpc to get RA and prefix delegation
- doesn't do anything useful with the data yet
2023-05-24 23:01:50 +01:00
Daniel Barlow
0173a9ced9
set PATH correctly in ssh sessions
...
for a non-interactive shell ("ssh linminix foo") ash does not source
*any* startup files, so we need to set this to something more useful
than /bin:usr/bin
2023-05-21 17:07:19 +01:00
Daniel Barlow
a48d51ffdc
keep dropbear host keys in /persist if it exists
2023-05-21 12:01:42 +01:00
Daniel Barlow
f249c12bec
cruft
2023-05-20 22:48:30 +01:00
Daniel Barlow
eadd982a79
rotuer: set hostname
2023-05-20 22:34:57 +01:00
Daniel Barlow
b0a0fdcfcc
add "standard" module, which includes flashimage kexec & jffs2
...
most systems need most of these, so it makes writing the docs a
lot easier
2023-05-17 15:38:22 +01:00
Daniel Barlow
6d6dbe1cbb
tftpboot: allow padding image with freeSpaceBytes
...
this is useful for writable filesystems so that there's more than
an erase block of space to write into
2023-04-26 22:15:19 +01:00
Daniel Barlow
6adab44fcf
rotuer; run chronyd for accurate time
2023-04-23 20:56:20 +01:00
Daniel Barlow
4342d3403f
make rotuer example build again
2023-04-23 20:56:20 +01:00
Daniel Barlow
fe99abc450
shrink rsync
...
remove openssl requirement, it uses it for "optimised assembly
versions" of md5 - but only on x86/arm/sparc not mips anyway
2023-04-10 22:57:50 +01:00