Commit graph

158 commits

Author SHA1 Message Date
Daniel Barlow
10ab431d15 tftp addresses 2024-05-24 17:23:27 +02:00
Daniel Barlow
8b69dcc209 pass entire config fragment to levitate, not just services
to make it useful we need to be able to set packages, passwords, ssh
keys etc
2024-04-29 20:07:01 +01:00
Daniel Barlow
9b3a3b9ff7 add levitate to arhcive
this is largely untested
2024-04-28 21:38:13 +01:00
Daniel Barlow
7d08497bcb arhcive remove coldplug fudge 2024-04-28 21:37:30 +01:00
Daniel Barlow
adf62d4483 arhcive: make it work when disk is attached before boot
This is a bit of a kludge (a lot of a kludge) but it will
get it running whilt I work on something better
2024-04-17 18:49:30 +01:00
Daniel Barlow
00076c7b81 mount service: use uevent-watch 2024-04-17 12:59:13 +01:00
Daniel Barlow
721e7499f3 arhcive: use usb module instead of harcoded kconfig 2024-04-17 12:53:43 +01:00
Daniel Barlow
1a314e55b7 firewall module: provide default rules and merge extraRules
a firewall with no configuration will get a relatively sane ruleset. a
firewall with `extraRules` will get them deep merged into the default
rules.  Specifying `rules` will override the defaults
2024-03-21 12:00:34 +00:00
Daniel Barlow
9263b21faa create gateway profile by extracting from rotuer example 2024-03-21 10:04:42 +00:00
Daniel Barlow
0a820a702a extneder: delete nftables kernel config
don't need nftables on a bridge. (do we? hope not)
2024-03-20 19:05:31 +00:00
Daniel Barlow
4ea518e296 expose modulesPath to ease out-of-tree configuration.nix 2024-03-20 18:58:44 +00:00
Daniel Barlow
9d6e50cbbc extract extneder example to a "profile"
this is a bit of an experiment to reduce the copy-paste in
examples by turning them into "application" modules.

planning to follow up with another module for "wifi router"
2024-02-27 23:13:12 +00:00
Raito Bezarius
985f982435 examples/nwa50ax-ap: support bridge between lan and ethernet
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
3ec29dc1b9 examples/nwa50ax-ap: ensure mtdutils is available for further flashing
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
cdafff2095 examples/nwa50ax-ap: init
This is a quite comprehensive example using maximally the hardware
available to reach nice performance.

In the future, I will even add RADIUS examples.

Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Daniel Barlow
175db9f604 tail -F for rotuer 2024-02-16 18:30:24 +00:00
Daniel Barlow
a654577ac2 improve port-forwarding comment 2024-02-12 21:05:01 +00:00
Daniel Barlow
ae4856ea7c improve firewall comment 2024-02-12 13:56:56 +00:00
Daniel Barlow
11287a8436 allow lan dns queries (ipv6) 2024-02-11 23:32:46 +00:00
Daniel Barlow
57aece0709 rotuer: don't forward queries for local domain 2024-02-11 23:32:46 +00:00
Daniel Barlow
c1d285a220 rotuer: network debugging tools 2024-02-11 23:32:46 +00:00
Daniel Barlow
1206d02200 rotuer-secrets: remove root_password, add wifi ssid and domainName
this is step one towards getting rid of rotuer-secrets completely and
turning rotuer into a "profile" module that can be less hackily
customised for other people's networks
2024-02-11 15:56:14 +00:00
Daniel Barlow
7c196bf9b4 rotuer: make 5GHz wifi faster
VHT doesn't work unless HT is enabled, apparently
2024-02-11 15:38:19 +00:00
Daniel Barlow
aca3e11631 firewall: make ipv4 work 2024-02-08 23:15:48 +00:00
Daniel Barlow
87f6a31a06 improve firewall log format 2024-02-08 17:21:26 +00:00
Daniel Barlow
a9ea01428e firewall: don't drop in conntrack rule
as there are other rules following that might want to accept
2024-02-08 17:20:39 +00:00
Daniel Barlow
92b0bec038 rotuer: add schnapps and the rest of the lan interfaces 2024-02-07 23:48:10 +00:00
Daniel Barlow
efb29c5901 demo-firewall: add some rules for ipv4 2024-02-07 23:47:09 +00:00
Daniel Barlow
29e61be26c rotuer: get lan rfc1918 prefix from secrets 2024-02-07 23:46:16 +00:00
Daniel Barlow
49ec4a2961 installation instructions for Turris Omnia
feels like a milestone, or at least a big step towards one
2024-02-04 18:20:04 +00:00
Daniel Barlow
02cf2c6b80 add ssh keys in recovry image 2024-02-04 18:10:58 +00:00
Daniel Barlow
ef707de8b1 add extlinux in recovery example
this needlessly bloats the TFTP image, which is a shame, but is
needed for installing onto usb stick
2024-02-02 19:51:41 +00:00
Daniel Barlow
84ce618213 recovery: grow fs to partition size before starting sshd
sshd expects there to be space in /persist/secrets that it can
use to write host keys, but when we make ext4fs images we don't
put any free space in them
2024-01-28 11:30:19 +00:00
Daniel Barlow
dd8ec18881 restore boot.tftp.freeSpaceBytes 2024-01-26 22:46:36 +00:00
Daniel Barlow
1730cf07b1 bug workaround
If we set squashfs rootfsType, the image doesn't rebuild when
the kernel config is changed. Need to figure out why
2024-01-26 22:46:36 +00:00
Daniel Barlow
de51bfe13d default root device in recovery to sda1
It will probably work fine for USB-stick boot (except in the case
where there is > 1 usb device plugged in, so maybe don't do that)

It doesn't matter for TFTP boot because boot.scr overrides the root=
param anyway
2024-01-26 22:46:36 +00:00
Daniel Barlow
b09723345c don't put all of util-linux in recovery
it adds ~ 5MB to the image size
2024-01-26 22:46:36 +00:00
Daniel Barlow
c219350d7c add usb storage for turris omnia
ideally we would make this a module instead of compiling in
directly
2024-01-26 22:46:36 +00:00
Daniel Barlow
c1101d3af5 make extlinux work with liminix-rebuild
add /boot to the systemConfiguration closure
2024-01-08 18:58:07 +00:00
Daniel Barlow
228c0a1668 pass rootOptions config as rootflags= kernel cmdline opt 2024-01-08 18:54:49 +00:00
Daniel Barlow
3c941b4ce2 partial btrfs support
doesn't actually know how to make the filesystem, just
kernel config and accept it as a valid option
2024-01-07 16:43:43 +00:00
Daniel Barlow
243295aab8 recovery config for turris omnia 2024-01-07 14:58:46 +00:00
Daniel Barlow
55fa9992d4 WIP 2023-12-13 21:54:15 +00:00
Daniel Barlow
5eeb277564 move output module imports example -> device
The outputs available are a characteristic of the device, not
the example.
2023-12-10 16:38:53 +00:00
Daniel Barlow
c81e7c4d35 move all output modules to subdirectory, trash standard.nix
standard.nix isn't, is the essence here. Not all devices
support flashimage as it is currently defined - some
have diskimage, some have neither
2023-12-10 15:23:12 +00:00
Daniel Barlow
e2ea145ce5 wip 2023-11-26 22:43:56 +00:00
Daniel Barlow
27ce61ae4e add bootable config for Turris Omnia 2023-11-24 23:29:12 +00:00
Daniel Barlow
a0bd250963 switch from getty to root shell on console
this just makes things marginally simpler
2023-11-21 23:09:48 +00:00
Daniel Barlow
a896c4e31c rename wlan services for devices with > 1 radio
let's standardise on having 2.4GHz radio be "wlan", and
5GHz as "wlan5"
2023-10-07 22:28:57 +01:00
Daniel Barlow
3c483ebd9a set PARTITION_ADVANCED only in ramdisk module 2023-09-30 21:29:12 +01:00