freifunk: doc
This commit is contained in:
parent
b163f350de
commit
6f16c99c38
|
@ -37,8 +37,12 @@ in {
|
|||
networking.firewall.enable = false;
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
# This doesn't really work, hence the `extraCommands`
|
||||
externalInterface = meshInterface;
|
||||
#internalInterfaces = [ "core" ];
|
||||
|
||||
# Setup routing into Freifunk,
|
||||
# masquerading anything that isn't already their IP range
|
||||
extraCommands = ''
|
||||
set +e
|
||||
${pkgs.iproute}/bin/ip rule add to 10.200.0.0/16 table bmx priority 300
|
||||
|
@ -47,17 +51,19 @@ in {
|
|||
set -e
|
||||
'';
|
||||
};
|
||||
# Configure rt_table name
|
||||
networking.iproute2 = {
|
||||
enable = true;
|
||||
rttablesExtraConfig = "${toString rt_table} bmx";
|
||||
};
|
||||
|
||||
# Required for krops
|
||||
# Required for krops: ssh git
|
||||
services.openssh.enable = true;
|
||||
environment.systemPackages = with pkgs; [ git tcpdump ];
|
||||
|
||||
systemd.network = {
|
||||
netdevs = {
|
||||
# Dummy interface for primary (10.200) address
|
||||
bmx_prime = {
|
||||
enable = true;
|
||||
netdevConfig = {
|
||||
|
@ -67,6 +73,7 @@ in {
|
|||
};
|
||||
};
|
||||
networks = {
|
||||
# Wired mesh interface
|
||||
"10-bmx" = {
|
||||
enable = true;
|
||||
matchConfig = { Name = meshInterface; };
|
||||
|
@ -77,6 +84,7 @@ in {
|
|||
};
|
||||
} ];
|
||||
};
|
||||
# Dummy interface for primary (10.200) address
|
||||
"11-bmx-loopback" = {
|
||||
enable = true;
|
||||
matchConfig = { Name = meshLoopback; };
|
||||
|
@ -87,22 +95,15 @@ in {
|
|||
};
|
||||
} ];
|
||||
};
|
||||
# ZW
|
||||
"20-core" = {
|
||||
enable = true;
|
||||
matchConfig = { Name = "core"; };
|
||||
addresses = [ {
|
||||
addressConfig = {
|
||||
Address = "${coreAddress}/${toString corePrefixlen}";
|
||||
};
|
||||
} {
|
||||
addressConfig = {
|
||||
Address = "2a02:8106:208:5281:8000::1/64";
|
||||
};
|
||||
} {
|
||||
addressConfig = {
|
||||
Address = "fd23:42:c3d2:581:8000::1/64";
|
||||
};
|
||||
} ];
|
||||
addresses = map (Address: { addressConfig = { inherit Address; }; }) [
|
||||
"${coreAddress}/${toString corePrefixlen}"
|
||||
"2a02:8106:208:5281:8000::1/64"
|
||||
"fd23:42:c3d2:581:8000::1/64"
|
||||
];
|
||||
routes = [ {
|
||||
routeConfig = {
|
||||
# upstream1
|
||||
|
@ -117,22 +118,25 @@ in {
|
|||
};
|
||||
};
|
||||
};
|
||||
# Freifunk Dresden routing daemon
|
||||
systemd.services.bmxd = {
|
||||
after = [ "systemd-networkd.service" ];
|
||||
wantedBy = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${bmxd}/sbin/bmxd \
|
||||
--rt_table_offset=${toString rt_table} \
|
||||
--no_fork 1 \
|
||||
--throw-rules 0 \
|
||||
--prio-rules 0 \
|
||||
dev=bmx_prime /linklayer 0 \
|
||||
dev=${meshInterface} /linklayer 1
|
||||
after = [ "systemd-networkd.service" ];
|
||||
wantedBy = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${bmxd}/sbin/bmxd \
|
||||
--rt_table_offset=${toString rt_table} \
|
||||
--no_fork 1 \
|
||||
--throw-rules 0 \
|
||||
--prio-rules 0 \
|
||||
dev=bmx_prime /linklayer 0 \
|
||||
dev=${meshInterface} /linklayer 1
|
||||
'';
|
||||
Restart = "always";
|
||||
};
|
||||
Restart = "always";
|
||||
};
|
||||
};
|
||||
|
||||
# Re-register periodically
|
||||
systemd.services.ddmesh-register-node = {
|
||||
script = ''
|
||||
${pkgs.curl}/bin/curl \
|
||||
|
@ -149,6 +153,8 @@ in {
|
|||
wantedBy = [ "timers.target" ];
|
||||
timerConfig.OnCalendar = "daily";
|
||||
};
|
||||
|
||||
# Refresh sysinfo.json
|
||||
systemd.services.sysinfo-json = {
|
||||
script = ''
|
||||
${sysinfo-json}/bin/bmxddump.sh
|
||||
|
@ -161,6 +167,7 @@ in {
|
|||
timerConfig.OnCalendar = "minutely";
|
||||
};
|
||||
|
||||
# Advertise Freifunk routes to ZW core
|
||||
services.bird2 = {
|
||||
enable = true;
|
||||
config = ''
|
||||
|
@ -209,6 +216,7 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
# HTTP Reverse Proxy to provide services into Freifunk
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
recommendedOptimisation = true;
|
||||
|
|
Loading…
Reference in New Issue