openwrt-images: add uci-config
parent
8acc5bcb59
commit
1854ec5819
|
@ -77,68 +77,17 @@ let
|
||||||
'') (builtins.attrValues rootfs-packages)}
|
'') (builtins.attrValues rootfs-packages)}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
openwrt = import ./openwrt { inherit self nixpkgs system openwrt-imagebuilder; };
|
||||||
|
|
||||||
openwrt-images = builtins.foldl' (images: hostName:
|
openwrt-images = builtins.foldl' (images: hostName:
|
||||||
let
|
let
|
||||||
inherit (config.site.hosts.${hostName}) model;
|
image = openwrt.buildImage hostName;
|
||||||
matches = (openwrt-imagebuilder.lib.profiles {
|
|
||||||
inherit pkgs;
|
|
||||||
}).identifyProfiles model;
|
|
||||||
fallbackProfile =
|
|
||||||
if model == "dir-615-d"
|
|
||||||
then (openwrt-imagebuilder.lib.profiles {
|
|
||||||
inherit pkgs;
|
|
||||||
release = "19.07.10";
|
|
||||||
}).identifyProfile model
|
|
||||||
else if builtins.match "tl-wr.*" model != null
|
|
||||||
then {
|
|
||||||
release = "18.06.9";
|
|
||||||
packagesArch = "mips_24kc";
|
|
||||||
target = "ar71xx";
|
|
||||||
variant = "tiny";
|
|
||||||
profile = model;
|
|
||||||
sha256 = "109a2557gwmgib7r500qn9ygd8j4r4cv5jl5rpn9vczsm4ilkc1z";
|
|
||||||
feedsSha256 = {
|
|
||||||
base = "0xklqsk6d5d6bai0ry2hzfjr4sycf6241ihv8v1lmmf9r7d47cr1";
|
|
||||||
packages = "05g048saibh304ndnlczyq92b1c67c3cqvbhdamw1xqbsp6jzifp";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
else null;
|
|
||||||
build = args:
|
|
||||||
openwrt-imagebuilder.lib.build (args // {
|
|
||||||
extraImageName = "zw-${hostName}";
|
|
||||||
packages = [
|
|
||||||
# remove unused default .ipk
|
|
||||||
"-dnsmasq" "-ppp" "-ppp-mod-pppoe" "-odhcp6c" "-odhcpd-ipv6only"
|
|
||||||
# debugging
|
|
||||||
"tcpdump"
|
|
||||||
# monitoring
|
|
||||||
"collectd" "collectd-mod-interface" "collectd-mod-load"
|
|
||||||
"collectd-mod-cpu" "collectd-mod-iwinfo" "collectd-mod-network"
|
|
||||||
];
|
|
||||||
disabledServices = [ "dnsmasq" "uhttpd" ];
|
|
||||||
# TODO: files
|
|
||||||
});
|
|
||||||
in
|
in
|
||||||
if matches == [] && fallbackProfile != null
|
if image != null
|
||||||
then images // {
|
then images // {
|
||||||
"${hostName}-image" = build fallbackProfile;
|
"${hostName}-image" = image;
|
||||||
}
|
}
|
||||||
else if matches == []
|
else images
|
||||||
then builtins.trace "${hostName} (${model}) not supported by OpenWRT"
|
|
||||||
images
|
|
||||||
else if builtins.length matches == 1
|
|
||||||
then
|
|
||||||
images // {
|
|
||||||
"${hostName}-image" = build (
|
|
||||||
builtins.elemAt matches 0
|
|
||||||
);
|
|
||||||
}
|
|
||||||
else builtins.trace "${hostName} (${model}) has multiple models!"
|
|
||||||
images // {
|
|
||||||
"${hostName}-image" = build (
|
|
||||||
builtins.elemAt matches 0
|
|
||||||
);
|
|
||||||
}
|
|
||||||
) {} (
|
) {} (
|
||||||
builtins.attrNames (
|
builtins.attrNames (
|
||||||
nixpkgs.lib.filterAttrs (_: { role, ... }: role == "ap")
|
nixpkgs.lib.filterAttrs (_: { role, ... }: role == "ap")
|
||||||
|
@ -147,7 +96,7 @@ let
|
||||||
);
|
);
|
||||||
|
|
||||||
device-templates = import ./device-templates.nix {
|
device-templates = import ./device-templates.nix {
|
||||||
inherit self nixpkgs system;
|
inherit self nixpkgs system openwrt;
|
||||||
};
|
};
|
||||||
|
|
||||||
dns-slaves = import ./dns-slaves.nix {
|
dns-slaves = import ./dns-slaves.nix {
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ self, nixpkgs, system }:
|
{ self, nixpkgs, system, openwrt }:
|
||||||
with nixpkgs.lib;
|
with nixpkgs.lib;
|
||||||
let
|
let
|
||||||
pkgs = nixpkgs.legacyPackages.${system};
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
|
@ -12,7 +12,7 @@ let
|
||||||
inherit self hostName config hostConfig pkgs;
|
inherit self hostName config hostConfig pkgs;
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
ap = import ./ap.nix args;
|
ap = openwrt.sshScript hostName;
|
||||||
switch = import (./switches + "/${model}.nix")
|
switch = import (./switches + "/${model}.nix")
|
||||||
(args //
|
(args //
|
||||||
import ./switches/shared.nix args
|
import ./switches/shared.nix args
|
||||||
|
|
|
@ -0,0 +1,86 @@
|
||||||
|
{ self, nixpkgs, system, openwrt-imagebuilder }:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (self.lib) config;
|
||||||
|
pkgs = nixpkgs.legacyPackages.${system};
|
||||||
|
uciConfig = hostName: import ./uci-config.nix { inherit self pkgs hostName; };
|
||||||
|
in
|
||||||
|
{
|
||||||
|
sshScript = hostName: ''
|
||||||
|
#! ${pkgs.runtimeShell} -e
|
||||||
|
|
||||||
|
${if config.site.hosts.${hostName}.firstboot
|
||||||
|
then ''
|
||||||
|
ssh-keygen -R 192.168.1.1
|
||||||
|
ssh root@192.168.1.1 \
|
||||||
|
"ash -e -x" <<__SSH__
|
||||||
|
'' else ''
|
||||||
|
ssh root@${config.site.net.mgmt.hosts4.${hostName}} \
|
||||||
|
"ash -e -x" <<__SSH__
|
||||||
|
${uciConfig hostName}
|
||||||
|
__SSH__
|
||||||
|
|
||||||
|
echo "Base configuration done \\o/"
|
||||||
|
echo "Later run: ap_install_collectd.sh ${config.site.net.mgmt.hosts4.${hostName}}"
|
||||||
|
''}
|
||||||
|
'';
|
||||||
|
|
||||||
|
buildImage = hostName:
|
||||||
|
let
|
||||||
|
inherit (config.site.hosts.${hostName}) model;
|
||||||
|
matches = (openwrt-imagebuilder.lib.profiles {
|
||||||
|
inherit pkgs;
|
||||||
|
}).identifyProfiles model;
|
||||||
|
fallbackProfile =
|
||||||
|
if model == "dir-615-d"
|
||||||
|
then (openwrt-imagebuilder.lib.profiles {
|
||||||
|
inherit pkgs;
|
||||||
|
release = "19.07.10";
|
||||||
|
}).identifyProfile model
|
||||||
|
else if builtins.match "tl-wr.*" model != null
|
||||||
|
then {
|
||||||
|
release = "18.06.9";
|
||||||
|
packagesArch = "mips_24kc";
|
||||||
|
target = "ar71xx";
|
||||||
|
variant = "tiny";
|
||||||
|
profile = model;
|
||||||
|
sha256 = "109a2557gwmgib7r500qn9ygd8j4r4cv5jl5rpn9vczsm4ilkc1z";
|
||||||
|
feedsSha256 = {
|
||||||
|
base = "0xklqsk6d5d6bai0ry2hzfjr4sycf6241ihv8v1lmmf9r7d47cr1";
|
||||||
|
packages = "05g048saibh304ndnlczyq92b1c67c3cqvbhdamw1xqbsp6jzifp";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
else null;
|
||||||
|
build = args:
|
||||||
|
openwrt-imagebuilder.lib.build (args // {
|
||||||
|
extraImageName = "zw-${hostName}";
|
||||||
|
packages = [
|
||||||
|
# remove unused default .ipk
|
||||||
|
"-dnsmasq" "-ppp" "-ppp-mod-pppoe" "-odhcp6c" "-odhcpd-ipv6only"
|
||||||
|
# debugging
|
||||||
|
"tcpdump"
|
||||||
|
# monitoring
|
||||||
|
"collectd" "collectd-mod-interface" "collectd-mod-load"
|
||||||
|
"collectd-mod-cpu" "collectd-mod-iwinfo" "collectd-mod-network"
|
||||||
|
];
|
||||||
|
disabledServices = [ "dnsmasq" "uhttpd" ];
|
||||||
|
files = pkgs.runCommandNoCC "image-files" {} ''
|
||||||
|
mkdir -p $out/etc/uci-defaults
|
||||||
|
cat > $out/etc/uci-defaults/99-zentralwerk <<EOF
|
||||||
|
${uciConfig hostName}
|
||||||
|
EOF
|
||||||
|
'';
|
||||||
|
});
|
||||||
|
in
|
||||||
|
if matches == [] && fallbackProfile != null
|
||||||
|
then build fallbackProfile
|
||||||
|
else if matches == []
|
||||||
|
then builtins.trace "${hostName} (${model}) not supported by OpenWRT"
|
||||||
|
null
|
||||||
|
else if builtins.length matches == 1
|
||||||
|
then build (builtins.elemAt matches 0)
|
||||||
|
else builtins.trace "${hostName} (${model}) has multiple models!" (
|
||||||
|
build (builtins.elemAt matches 0)
|
||||||
|
);
|
||||||
|
|
||||||
|
}
|
|
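Review bot: In `sshScript`, the `firstboot` branch of the `if` ends right after `"ash -e -x" <<__SSH__`, while `${uciConfig hostName}`, the `__SSH__` terminator and the two `echo` lines exist only inside the `else` string. For a first-boot host the generated script therefore opens a heredoc with no body and no terminator, and no configuration is sent to 192.168.1.1. Close the conditional with `''}` directly after the second `"ash -e -x" <<__SSH__`, so that `${uciConfig hostName}` and `__SSH__` follow for both branches. The earlier wrapper also emitted `reboot` when `firstboot` was set; that line is removed by this commit with no replacement here, which may be intended for the image path but looks like a regression for the ssh path.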
@ -1,7 +1,10 @@
|
||||||
{ self, pkgs, hostName, config, hostConfig, ... }:
|
{ self, pkgs, hostName }:
|
||||||
with pkgs;
|
with pkgs;
|
||||||
with lib;
|
with lib;
|
||||||
let
|
let
|
||||||
|
inherit (self.lib) config;
|
||||||
|
hostConfig = config.site.hosts.${hostName};
|
||||||
|
|
||||||
ports = self.lib.getOpenwrtPorts hostConfig.model;
|
ports = self.lib.getOpenwrtPorts hostConfig.model;
|
||||||
|
|
||||||
uciDeleteAll = key: ''
|
uciDeleteAll = key: ''
|
||||||
|
@ -26,7 +29,7 @@ let
|
||||||
then port.index
|
then port.index
|
||||||
else if port ? interface
|
else if port ? interface
|
||||||
then port.interface
|
then port.interface
|
||||||
else "How to identify port ${lib.generators.toPretty {} port}?";
|
else "How to identify port ${generators.toPretty {} port}?";
|
||||||
in result // {
|
in result // {
|
||||||
"${key}" = port;
|
"${key}" = port;
|
||||||
}
|
}
|
||||||
|
@ -38,7 +41,7 @@ let
|
||||||
then portByIndex.${index}.port
|
then portByIndex.${index}.port
|
||||||
else if portByIndex.${index} ? interface
|
else if portByIndex.${index} ? interface
|
||||||
then portByIndex.${index}.interface
|
then portByIndex.${index}.interface
|
||||||
else throw "${hostName}: What is port ${lib.generators.toPretty {} portByIndex.${index}.port}?"
|
else throw "${hostName}: What is port ${generators.toPretty {} portByIndex.${index}.port}?"
|
||||||
}"
|
}"
|
||||||
) (
|
) (
|
||||||
builtins.sort builtins.lessThan (
|
builtins.sort builtins.lessThan (
|
||||||
|
@ -118,7 +121,7 @@ let
|
||||||
else []
|
else []
|
||||||
) (builtins.attrValues openwrtModel.ports)
|
) (builtins.attrValues openwrtModel.ports)
|
||||||
++
|
++
|
||||||
lib.optionals (hostConfig.interfaces ? ${port} && vlan != null) [ "${port}.${toString vlan}" ]
|
optionals (hostConfig.interfaces ? ${port} && vlan != null) [ "${port}.${toString vlan}" ]
|
||||||
) ports
|
) ports
|
||||||
) (
|
) (
|
||||||
builtins.attrValues (
|
builtins.attrValues (
|
||||||
|
@ -129,19 +132,8 @@ let
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
in ''
|
in
|
||||||
#! ${pkgs.runtimeShell} -e
|
''
|
||||||
|
|
||||||
${if hostConfig.firstboot
|
|
||||||
then ''
|
|
||||||
ssh-keygen -R 192.168.1.1
|
|
||||||
ssh root@192.168.1.1 \
|
|
||||||
"ash -e -x" <<__SSH__
|
|
||||||
'' else ''
|
|
||||||
ssh root@${config.site.net.mgmt.hosts4.${hostName}} \
|
|
||||||
"ash -e -x" <<__SSH__
|
|
||||||
''}
|
|
||||||
|
|
||||||
# Set root password
|
# Set root password
|
||||||
echo -e '${hostConfig.password}\n${hostConfig.password}' | passwd
|
echo -e '${hostConfig.password}\n${hostConfig.password}' | passwd
|
||||||
|
|
||||||
|
@ -186,11 +178,11 @@ in ''
|
||||||
uci set network.mgmt=interface
|
uci set network.mgmt=interface
|
||||||
uci set network.mgmt.ifname='${
|
uci set network.mgmt.ifname='${
|
||||||
if builtins.length (networkInterfaces "mgmt") > 0
|
if builtins.length (networkInterfaces "mgmt") > 0
|
||||||
then lib.concatStringsSep " " (networkInterfaces "mgmt")
|
then concatStringsSep " " (networkInterfaces "mgmt")
|
||||||
else throw "${hostName}: No interface for mgmt"
|
else throw "${hostName}: No interface for mgmt"
|
||||||
}'
|
}'
|
||||||
uci set network.mgmt.proto=static
|
uci set network.mgmt.proto=static
|
||||||
${lib.optionalString (hostConfig.interfaces.mgmt.type == "bridge") ''
|
${optionalString (hostConfig.interfaces.mgmt.type == "bridge") ''
|
||||||
uci set network.mgmt.type=bridge
|
uci set network.mgmt.type=bridge
|
||||||
''}
|
''}
|
||||||
uci set network.mgmt.ipaddr=${config.site.net.mgmt.hosts4.${hostName}}
|
uci set network.mgmt.ipaddr=${config.site.net.mgmt.hosts4.${hostName}}
|
||||||
|
@ -205,7 +197,7 @@ in ''
|
||||||
uci -q delete network.globals.ula_prefix || true
|
uci -q delete network.globals.ula_prefix || true
|
||||||
# delete unused networks
|
# delete unused networks
|
||||||
${concatMapStrings (net:
|
${concatMapStrings (net:
|
||||||
lib.optionalString (! hostConfig.interfaces ? ${net}) ''
|
optionalString (! hostConfig.interfaces ? ${net}) ''
|
||||||
uci -q delete network.${net} || true
|
uci -q delete network.${net} || true
|
||||||
''
|
''
|
||||||
) ([ "lan" "wan" "wan6" ] ++ builtins.attrNames config.site.net)}
|
) ([ "lan" "wan" "wan6" ] ++ builtins.attrNames config.site.net)}
|
||||||
|
@ -216,22 +208,22 @@ in ''
|
||||||
iface = hostConfig.interfaces.${net};
|
iface = hostConfig.interfaces.${net};
|
||||||
in optionalString (net != "mgmt" && builtins.elem iface.type ["bridge" "phys"]) ''
|
in optionalString (net != "mgmt" && builtins.elem iface.type ["bridge" "phys"]) ''
|
||||||
uci set network.${net}=interface
|
uci set network.${net}=interface
|
||||||
${lib.optionalString (iface.type == "bridge") ''
|
${optionalString (iface.type == "bridge") ''
|
||||||
uci set network.${net}.type=bridge
|
uci set network.${net}.type=bridge
|
||||||
''}
|
''}
|
||||||
uci set network.${net}.proto=static
|
uci set network.${net}.proto=static
|
||||||
uci set network.${net}.ifname='${concatStringsSep " " (networkInterfaces net)}'
|
uci set network.${net}.ifname='${concatStringsSep " " (networkInterfaces net)}'
|
||||||
${lib.optionalString (config.site.net.${net}.mtu != null) ''
|
${optionalString (config.site.net.${net}.mtu != null) ''
|
||||||
uci set network.${net}.mtu=${toString config.site.net.${net}.mtu}
|
uci set network.${net}.mtu=${toString config.site.net.${net}.mtu}
|
||||||
''}
|
''}
|
||||||
|
|
||||||
|
|
||||||
${lib.optionalString (config.site.net.${net}.hosts4 ? ${hostName}) ''
|
${optionalString (config.site.net.${net}.hosts4 ? ${hostName}) ''
|
||||||
# address in net
|
# address in net
|
||||||
uci set network.${net}.ipaddr=${config.site.net.${net}.hosts4.${hostName}}
|
uci set network.${net}.ipaddr=${config.site.net.${net}.hosts4.${hostName}}
|
||||||
uci set network.${net}.netmask=${self.lib.netmasks.${toString config.site.net.${net}.subnet4Len}}
|
uci set network.${net}.netmask=${self.lib.netmasks.${toString config.site.net.${net}.subnet4Len}}
|
||||||
''}
|
''}
|
||||||
${lib.concatMapStrings (hosts6: lib.optionalString (hosts6 ? ${hostName}) ''
|
${concatMapStrings (hosts6: optionalString (hosts6 ? ${hostName}) ''
|
||||||
uci set network.${net}.ip6addr=${hosts6.${hostName}}/64
|
uci set network.${net}.ip6addr=${hosts6.${hostName}}/64
|
||||||
'') (builtins.attrValues config.site.net.${net}.hosts6)}
|
'') (builtins.attrValues config.site.net.${net}.hosts6)}
|
||||||
'') (builtins.attrNames hostConfig.interfaces)
|
'') (builtins.attrNames hostConfig.interfaces)
|
||||||
|
@ -298,7 +290,7 @@ in ''
|
||||||
|
|
||||||
uci commit
|
uci commit
|
||||||
|
|
||||||
${lib.optionalString hostConfig.wifiOnLink.enable ''
|
${optionalString hostConfig.wifiOnLink.enable ''
|
||||||
# Cronjob that makes sure WiFi is only visible when server with all
|
# Cronjob that makes sure WiFi is only visible when server with all
|
||||||
# the gateways is reachable
|
# the gateways is reachable
|
||||||
cat >/etc/crontabs/root <<__CRON__
|
cat >/etc/crontabs/root <<__CRON__
|
||||||
|
@ -338,10 +330,4 @@ in ''
|
||||||
rm -f /etc/rc.d/*\$svc
|
rm -f /etc/rc.d/*\$svc
|
||||||
/etc/init.d/\$svc stop || true
|
/etc/init.d/\$svc stop || true
|
||||||
done
|
done
|
||||||
|
|
||||||
${lib.optionalString hostConfig.firstboot "reboot"}
|
|
||||||
__SSH__
|
|
||||||
|
|
||||||
echo "Base configuration done \\o/"
|
|
||||||
echo "Later run: ap_install_collectd.sh ${config.site.net.mgmt.hosts4.${hostName}}"
|
|
||||||
''
|
''
|
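Review bot: The root-password line kept in this fragment, `echo -e '${hostConfig.password}\n${hostConfig.password}' | passwd`, is now also interpolated by `buildImage` into the `image-files` derivation. The cleartext password therefore lands in `$out/etc/uci-defaults/99-zentralwerk` in the Nix store, which is readable by every local user and travels with the closure, and it is baked into the firmware image. The value is also placed between single quotes, passed through `echo -e` and wrapped in an unquoted heredoc (`<<EOF` at build time, `<<__SSH__` over ssh) with no escaping, so a password containing `'`, `$`, a backtick or a backslash would alter the generated script. Consider provisioning a password hash rather than the cleartext and keeping the secret out of the image derivation; if the cleartext must stay, escape it for both quoting layers.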