Compare commits
7 Commits
master
...
nixos-23.0
Author | SHA1 | Date |
---|---|---|
Astro | f076089053 | |
Astro | d7ef05fa64 | |
Astro | f55cb13ecf | |
Astro | 1caffb4f0f | |
Astro | 7cf95cd2f0 | |
Astro | 2ee8f7a5cc | |
Astro | bb7460ff83 |
|
@ -280,7 +280,7 @@
|
|||
ap9.wifi."platform/qca953x_wmac".ssids."Herzzbuehne".psk = "encrypted";
|
||||
};
|
||||
|
||||
site.dyndnsKey = "SECRET";
|
||||
site.dyndnsKey = "oYmxXCIa0nArp0679L6v+y/UfnhripOudLv+R5Cop8I=";
|
||||
|
||||
site.vpn.wireguard = {
|
||||
privateKey = "wPNXY4ED3Jz3Kz0KOmvfQOou6/wHrgqSsykaMYrtb28=";
|
||||
|
|
22
flake.lock
22
flake.lock
|
@ -2,16 +2,16 @@
|
|||
"nodes": {
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1681490924,
|
||||
"narHash": "sha256-6WrkhmG0pI09VqeYWRLxEgNlVeWdnM5at6vm0w4prBk=",
|
||||
"lastModified": 1685912674,
|
||||
"narHash": "sha256-9iRV7ZxZO13MXEBZvWTak9OTddkit66qbbDtroqV4X4=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "781df3d2de37ace250ba3c2731606c0b6bee465b",
|
||||
"rev": "18388d019974e90a035bdb938a8a3ca3c0408db9",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "release-22.11",
|
||||
"ref": "release-23.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -19,11 +19,11 @@
|
|||
"openwrt": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1681412046,
|
||||
"narHash": "sha256-mW4B/9GVminuxC0EM6WeQ9soqBy2k8INjhpT+mrnIow=",
|
||||
"lastModified": 1685795498,
|
||||
"narHash": "sha256-DZS2L/646UDQjXKVYL5wuqoYXQ1cc/9M7fy5lXQ5/Gw=",
|
||||
"ref": "openwrt-22.03",
|
||||
"rev": "9af29da281213108cd861ed77b0416bf6eda0aaf",
|
||||
"revCount": 54587,
|
||||
"rev": "171b51519206b5e66ebd01d322f41d790976ce87",
|
||||
"revCount": 54629,
|
||||
"type": "git",
|
||||
"url": "https://git.openwrt.org/openwrt/openwrt.git"
|
||||
},
|
||||
|
@ -40,11 +40,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1681468707,
|
||||
"narHash": "sha256-aD+74KowPjyxWP+bIqmZZaIHe5WxEhoXOSF+qOOCwPg=",
|
||||
"lastModified": 1685874260,
|
||||
"narHash": "sha256-rem5LdqVtunLJZ+lXvwAJCMFucJmT+kaXoTOIbGelXg=",
|
||||
"owner": "astro",
|
||||
"repo": "nix-openwrt-imagebuilder",
|
||||
"rev": "b3d1f398472452ea288ce2d8dbf20d6115bf1c64",
|
||||
"rev": "b5901ec9361152f1f588445d1b3f06239ea4b86c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
description = "Zentralwerk network";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/release-22.11";
|
||||
nixpkgs.url = "github:NixOS/nixpkgs/release-23.05";
|
||||
openwrt = {
|
||||
url = "git+https://git.openwrt.org/openwrt/openwrt.git?ref=openwrt-22.03";
|
||||
flake = false;
|
||||
|
|
|
@ -6,18 +6,11 @@
|
|||
(modulesPath + "/virtualisation/lxc-container.nix")
|
||||
];
|
||||
|
||||
boot = {
|
||||
isContainer = true;
|
||||
loader = {
|
||||
initScript.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc."machine-id".text =
|
||||
builtins.substring 0 8 (
|
||||
builtins.hashString "sha256" config.networking.hostName
|
||||
);
|
||||
|
||||
|
||||
nix = {
|
||||
settings = {
|
||||
sandbox = false;
|
||||
|
|
|
@ -26,7 +26,7 @@ in lib.mkIf (pppoeInterfaces != {}) {
|
|||
enable = true;
|
||||
autostart = true;
|
||||
config = ''
|
||||
plugin rp-pppoe.so
|
||||
plugin pppoe.so
|
||||
nic-${upstream.link}
|
||||
ifname ${ifName}
|
||||
# Login settings. (PAP)
|
||||
|
@ -39,11 +39,11 @@ in lib.mkIf (pppoeInterfaces != {}) {
|
|||
maxfail 0
|
||||
# Seconds between reconnection attempts
|
||||
holdoff 1
|
||||
|
||||
|
||||
# LCP settings.
|
||||
lcp-echo-interval 5
|
||||
lcp-echo-failure 6
|
||||
|
||||
|
||||
# PPPoE compliant settings.
|
||||
noaccomp
|
||||
default-asyncmap
|
||||
|
|
|
@ -7,9 +7,9 @@
|
|||
# Prevents automatic creation of interface bond0 by the kernel
|
||||
"bonding.max_bonds=0"
|
||||
];
|
||||
boot.tmpOnTmpfs = true;
|
||||
boot.tmp.useTmpfs = true;
|
||||
# Includes wireguard
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
boot.kernelPackages = pkgs.zfsUnstable.latestCompatibleLinuxPackages;
|
||||
# Keep building
|
||||
boot.zfs.enableUnstable = true;
|
||||
|
||||
|
@ -35,8 +35,8 @@
|
|||
};
|
||||
|
||||
documentation = {
|
||||
enable = false;
|
||||
nixos.enable = false;
|
||||
enable = lib.mkForce false;
|
||||
nixos.enable = lib.mkForce false;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
ipmitool
|
||||
];
|
||||
services.openssh.enable = true;
|
||||
services.openssh.permitRootLogin = "prohibit-password";
|
||||
services.openssh.settings.PermitRootLogin = "prohibit-password";
|
||||
|
||||
# additional config for bare metal
|
||||
services.collectd = {
|
||||
|
|
|
@ -14,6 +14,10 @@ let
|
|||
shortenNetName = name:
|
||||
if builtins.match "priv(.*)" name != null
|
||||
then "p" + builtins.substring 4 9 name
|
||||
else if name == "coloradio"
|
||||
then "cr"
|
||||
else if name == "coloradio-gw"
|
||||
then "cr-gw"
|
||||
else name;
|
||||
|
||||
checkIfname = ifname: let
|
||||
|
@ -248,6 +252,8 @@ in
|
|||
Restart = "always";
|
||||
RestartSec = "1s";
|
||||
};
|
||||
# Prevent restart on host nixos-rebuild switch
|
||||
restartIfChanged = false;
|
||||
};
|
||||
|
||||
# Starts all the containers after boot
|
||||
|
|
Loading…
Reference in New Issue