network/nix/pkgs/openwrt/default.nix

{ self, nixpkgs, system, openwrt-imagebuilder }:

let
  inherit (self.lib) config;
  pkgs = nixpkgs.legacyPackages.${system};
  uciConfig = hostName: import ./uci-config.nix { inherit self pkgs hostName; };
in  
{
  sshScript = hostName: ''
    #! ${pkgs.runtimeShell} -e

    ${if config.site.hosts.${hostName}.firstboot
      then ''
        ssh-keygen -R 192.168.1.1
        ssh root@192.168.1.1 \
          "ash -e -x" <<__SSH__
      '' else ''
        ssh root@${config.site.net.mgmt.hosts4.${hostName}} \
          "ash -e -x" <<__SSH__
        ${uciConfig hostName}
        __SSH__

        echo "Base configuration done \\o/"
        echo "Later run: ap_install_collectd.sh ${config.site.net.mgmt.hosts4.${hostName}}"
      ''}
  '';

  buildImage = hostName:
    let
      inherit (config.site.hosts.${hostName}) model;
      matches = (openwrt-imagebuilder.lib.profiles {
        inherit pkgs;
      }).identifyProfiles model;
      fallbackProfile =
        if model == "dir-615-d"
        then (openwrt-imagebuilder.lib.profiles {
          inherit pkgs;
          release = "19.07.10";
        }).identifyProfile model
        else if builtins.match "tl-wr.*" model != null
        then {
          release = "18.06.9";
          packagesArch = "mips_24kc";
          target = "ar71xx";
          variant = "tiny";
          profile = model;
          sha256 = "109a2557gwmgib7r500qn9ygd8j4r4cv5jl5rpn9vczsm4ilkc1z";
          feedsSha256 = {
            base = "0xklqsk6d5d6bai0ry2hzfjr4sycf6241ihv8v1lmmf9r7d47cr1";
            packages = "05g048saibh304ndnlczyq92b1c67c3cqvbhdamw1xqbsp6jzifp";
          };
        }
        else null;
      build = args:
        openwrt-imagebuilder.lib.build (args // {
          extraImageName = "zw-${hostName}";
          packages = [
            # remove unused default .ipk
            "-dnsmasq" "-ppp" "-ppp-mod-pppoe" "-odhcp6c" "-odhcpd-ipv6only"
            # debugging
            "tcpdump"
            # monitoring
            "collectd" "collectd-mod-interface" "collectd-mod-load"
            "collectd-mod-cpu" "collectd-mod-iwinfo" "collectd-mod-network"
          ];
          disabledServices = [ "dnsmasq" "uhttpd" ];
          files = pkgs.runCommandNoCC "image-files" {} ''
            mkdir -p $out/etc/uci-defaults
            cat > $out/etc/uci-defaults/99-zentralwerk <<EOF
            ${uciConfig hostName}
            EOF
          '';
        });
    in
      if matches == [] && fallbackProfile != null
      then build fallbackProfile
      else if matches == []
      then builtins.trace "${hostName} (${model}) not supported by OpenWRT"
        null
      else if builtins.length matches == 1
      then build (builtins.elemAt matches 0)
      else builtins.trace "${hostName} (${model}) has multiple models!" (
        build (builtins.elemAt matches 0)
      );

}