kitten.sh / system
Personal Nix setup
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Add ppp router config

Phil Pluckthun e8352a8a bd7668a4

+90 -8
+4 -4
machines/ramune/configuration.nix
··· 16 16 enable = true; 17 17 ipv6 = true; 18 18 upnp.enable = true; 19 + ppp = { 20 + enable = true; 21 + mtu = 1500; 22 + }; 19 23 interfaces = { 20 24 external = { 21 25 name = "extern0"; ··· 40 44 automation = { 41 45 enable = true; 42 46 mqtt.enable = true; 43 - zigbee = { 44 - enable = true; 45 - serialPort = "/dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_fcea8ceb8612ec11ab4e23c7bd930c07-if00-port0"; 46 - }; 47 47 homebridge.enable = true; 48 48 }; 49 49 server = {
+5
modules/router/encrypt/pppoe-options.age
··· 1 + age-encryption.org/v1 2 + -> ssh-ed25519 QwbpPw O0VMlg5Kz330g8eYHFFLoCdZT9j7/9NlxNrdkWmvHAI 3 + D9vFm/fpPtXdURgflHBTgHPRPsUO5JnVYWkoNRhex1U 4 + --- NdYkkGJK0MYa6qy2MkuHZQ/UD0RkDww3ghvO2olTwyU 5 + $��5f�� ~�"�!����8�;O���]���)0���{E�*�5C�D�fC/���j_?�ǢG,��\�2q^V��n�����
+79 -4
modules/router/network.nix
··· 1 - { lib, config, ... } @ inputs: 1 + { lib, pkgs, config, ... } @ inputs: 2 2 3 3 with lib; 4 4 let ··· 41 41 }; 42 42 }; 43 43 44 + pppType = types.submodule { 45 + options = { 46 + enable = mkOption { 47 + default = false; 48 + example = true; 49 + description = "Whether to enable PPPoE"; 50 + type = types.bool; 51 + }; 52 + mtu = mkOption { 53 + default = null; 54 + type = types.nullOr types.int; 55 + }; 56 + }; 57 + }; 58 + 59 + ppp = cfg.ppp; 44 60 extern = cfg.interfaces.external; 45 61 intern = cfg.interfaces.internal; 46 62 in { ··· 76 92 type = types.listOf leaseType; 77 93 description = "List of reserved IP address leases"; 78 94 }; 95 + ppp = mkOption { 96 + default = { }; 97 + type = pppType; 98 + }; 79 99 }; 80 100 81 101 config = let 82 102 links = { 83 103 "10-${extern.name}" = { 84 104 matchConfig.PermanentMACAddress = extern.macAddress; 85 - linkConfig = { 105 + linkConfig = if ppp.enable then { 106 + Description = "PPPoE Network Interface"; 107 + Name = "wan"; 108 + MACAddress = extern.adoptMacAddress; 109 + MTUBytes = mkIf (ppp.mtu != null) (toString (ppp.mtu + 8)); 110 + } else { 86 111 Description = "External Network Interface"; 87 112 Name = extern.name; 88 113 MACAddress = extern.adoptMacAddress; 89 114 MTUBytes = "1500"; 90 115 }; 91 116 }; 92 - } // (optionalAttrs (intern != null) { 117 + } // (optionalAttrs ppp.enable { 118 + "10-ppp" = { 119 + matchConfig.Type = "ppp"; 120 + linkConfig = { 121 + Description = "External Network Interface"; 122 + Name = extern.name; 123 + }; 124 + }; 125 + }) // (optionalAttrs (intern != null) { 93 126 "11-${intern.name}" = { 94 127 matchConfig.PermanentMACAddress = intern.macAddress; 95 128 linkConfig = { ··· 132 165 "10-${extern.name}" = { 133 166 name = extern.name; 134 167 networkConfig = { 135 - DHCP = if cfg.ipv6 then "yes" else "ipv4"; 168 + DHCP = if ppp.enable 169 + then if cfg.ipv6 then "ipv6" else "no" 170 + else if cfg.ipv6 then "yes" else "ipv4"; 136 171 IPv4Forwarding = true; 137 172 IPv6Forwarding = true; 138 173 IPv6AcceptRA = mkIf cfg.ipv6 true; 174 + LinkLocalAddressing = mkIf cfg.ipv6 "ipv6"; 175 + KeepConfiguration = mkIf ppp.enable "static"; 176 + DefaultRouteOnDevice = mkIf ppp.enable true; 139 177 }; 140 178 cakeConfig = { 141 179 Parent = "root"; ··· 147 185 }; 148 186 dhcpV6Config = mkIf cfg.ipv6 { 149 187 WithoutRA = "solicit"; 188 + UseNTP = true; 150 189 UseDNS = false; 151 190 UseDomains = false; 152 191 UseAddress = false; ··· 155 194 }; 156 195 dhcpPrefixDelegationConfig = mkIf cfg.ipv6 { 157 196 UplinkInterface = ":self"; 197 + SubnetId = 0; 158 198 Announce = false; 159 199 }; 160 200 ipv6AcceptRAConfig = mkIf cfg.ipv6 { 161 201 UseDNS = false; 162 202 UseDomains = false; 203 + UseMTU = false; 204 + UseOnLinkPrefix = false; 163 205 DHCPv6Client = "always"; 164 206 Token = mkIf (extern.adoptMacAddress != null) "static:::${extern.adoptMacAddress}"; 165 207 }; 208 + routes = optionals ppp.enable [ 209 + { Gateway = "::"; } 210 + ]; 166 211 }; 167 212 } // (optionalAttrs (intern != null) { 168 213 "11-${intern.name}" = { ··· 200 245 Announce = true; 201 246 }; 202 247 }; 248 + }) // (optionalAttrs ppp.enable { 249 + "10-ppp" = { 250 + name = "wan"; 251 + networkConfig.ConfigureWithoutCarrier = true; 252 + }; 203 253 }); 254 + }; 255 + 256 + services.pppd = mkIf ppp.enable { 257 + enable = true; 258 + peers.extern.config = '' 259 + plugin pppoe.so wan 260 + ifname ${extern.name} 261 + noipdefault 262 + defaultroute 263 + replacedefaultroute 264 + persist 265 + maxfail 0 266 + holdoff 5 267 + lcp-echo-adaptive 268 + default-asyncmap 269 + noaccomp 270 + file ${config.age.secrets.pppoe-options.path} 271 + ${optionalString cfg.ipv6 "+ipv6"} 272 + ${optionalString (ppp.mtu != null) "mtu ${toString ppp.mtu}"} 273 + ${optionalString (ppp.mtu != null) "mru ${toString ppp.mtu}"} 274 + ''; 275 + }; 276 + 277 + age.secrets.pppoe-options = mkIf ppp.enable { 278 + file = ./encrypt/pppoe-options.age; 204 279 }; 205 280 206 281 services.resolved = {
+2
secrets.nix
··· 11 11 "./modules/server/encrypt/tangled-knot-ssh.age".publicKeys = keys; 12 12 "./modules/server/encrypt/gitconfig.age".publicKeys = keys; 13 13 14 + "./modules/router/encrypt/pppoe-options.age".publicKeys = keys; 15 + 14 16 "./home/fonts/encrypt/DankMono-Regular.otf.age".publicKeys = keys; 15 17 "./home/fonts/encrypt/DankMono-Bold.otf.age".publicKeys = keys; 16 18 "./home/fonts/encrypt/DankMono-Italic.otf.age".publicKeys = keys;