From 00bf3446f1e2d7825ac67455b7782247bb34e2dd Mon Sep 17 00:00:00 2001 From: Daniel Barlow Date: Mon, 18 Mar 2024 20:58:34 +0000 Subject: [PATCH] add pppoe to gateway profile --- examples/rotuer.nix | 32 +++++++++++++++----------------- modules/profiles/gateway.nix | 25 +++++++++++++++++-------- 2 files changed, 32 insertions(+), 25 deletions(-) diff --git a/examples/rotuer.nix b/examples/rotuer.nix index 1e30282..b3f41df 100644 --- a/examples/rotuer.nix +++ b/examples/rotuer.nix @@ -52,6 +52,13 @@ in rec { family = "inet"; address ="${secrets.lan.prefix}.1"; prefixLength = 24; }; }; + wan = { + interface = config.hardware.networkInterfaces.wan; + username = secrets.l2tp.name; + password = secrets.l2tp.password; + dhcp6.enable = true; + }; + wireless.networks = { telent = { interface = config.hardware.networkInterfaces.wlan; @@ -104,23 +111,14 @@ in rec { domain = secrets.domainName; }; - services.wan = svc.pppoe.build { - interface = config.hardware.networkInterfaces.wan; - ppp-options = [ - "debug" "+ipv6" "noauth" - "name" secrets.l2tp.name - "password" secrets.l2tp.password - ]; - }; - services.resolvconf = oneshot rec { - dependencies = [ services.wan ]; + dependencies = [ config.services.wan ]; name = "resolvconf"; up = '' . ${serviceFns} ( in_outputs ${name} - echo "nameserver $(output ${services.wan} ns1)" > resolv.conf - echo "nameserver $(output ${services.wan} ns2)" >> resolv.conf + echo "nameserver $(output ${config.services.wan} ns1)" > resolv.conf + echo "nameserver $(output ${config.services.wan} ns2)" >> resolv.conf chmod 0444 resolv.conf ) ''; @@ -135,15 +133,15 @@ in rec { }; services.defaultroute4 = svc.network.route.build { - via = "$(output ${services.wan} address)"; + via = "$(output ${config.services.wan} address)"; target = "default"; - dependencies = [ services.wan ]; + dependencies = [ config.services.wan ]; }; services.defaultroute6 = svc.network.route.build { - via = "$(output ${services.wan} ipv6-peer-address)"; + via = "$(output ${config.services.wan} ipv6-peer-address)"; target = "default"; - interface = services.wan; + interface = config.services.wan; }; services.firewall = svc.firewall.build { @@ -156,7 +154,7 @@ in rec { services.dhcp6c = let client = svc.dhcp6c.client.build { - interface = services.wan; + interface = config.services.wan; }; in bundle { name = "dhcp6c"; diff --git a/modules/profiles/gateway.nix b/modules/profiles/gateway.nix index ce134d2..686f07d 100644 --- a/modules/profiles/gateway.nix +++ b/modules/profiles/gateway.nix @@ -36,6 +36,13 @@ in { type = types.attrs; }; }; + wan = { + interface = mkOption { type = liminix.lib.types.interface; }; + username = mkOption { type = types.str; }; + password = mkOption { type = types.str; }; + dhcp6.enable = mkOption { type = types.bool; }; + }; + wireless = mkOption { type = types.attrsOf types.anything; }; @@ -64,6 +71,16 @@ in { primary = config.services.int; members = cfg.lan.interfaces; }; + + services.wan = svc.pppoe.build { + interface = config.hardware.networkInterfaces.wan; + ppp-options = [ + "debug" "+ipv6" "noauth" + "name" cfg.wan.username + "password" cfg.wan.password + ]; + }; + }; # services.dns = @@ -87,14 +104,6 @@ in { # domain = secrets.domainName; # }; -# services.wan = svc.pppoe.build { -# interface = config.hardware.networkInterfaces.wan; -# ppp-options = [ -# "debug" "+ipv6" "noauth" -# "name" secrets.l2tp.name -# "password" secrets.l2tp.password -# ]; -# }; # services.resolvconf = oneshot rec { # dependencies = [ services.wan ];