7e2b0068e6
nixfmt-rfc-style
...
There is nothing in this commit except for the changes made by
nix-shell -p nixfmt-rfc-style --run "nixfmt ."
If this has mucked up your open branches then sorry about that. You
can probably nixfmt them to match before merging
2025-02-10 21:55:08 +00:00
2f9b0f12f9
switch uid
2025-01-05 12:57:51 +00:00
2e513eb4a7
example sni proxy using nginx
2024-12-29 23:34:15 +00:00
1347937345
rename file
2024-12-23 10:31:22 +00:00
7351e143c5
remove redundant sourcing of ${serviceFns}
...
this is done by the oneshot and longrun functions
2024-08-28 21:28:27 +01:00
fe7b092075
(untested) http basic auth for outboard secrets
2024-08-28 20:53:59 +01:00
c7164a6f4a
sshd can use outputRef for authorized_keys
2024-08-25 16:35:50 +01:00
1b4106e2a3
ssh-keys service, draft
2024-08-25 15:09:31 +01:00
9c30b6f882
change output references from attrset to lambda
...
this is so that we can distinguish a ref from a literal parameter that
might be a attrset
2024-08-23 22:25:57 +01:00
869a508c0a
add authorizedKeys option to ssh service
...
this has no apparent use as it stands, but opens the door to
having the keys managed by an external secrets service
2024-08-23 20:35:07 +01:00
daede666cb
in router-with-l2tp use secrets for ppp username/password
2024-08-21 00:17:53 +01:00
e2c883356c
add secrets-subscriber service, make hostapd use it
2024-08-15 23:00:41 +01:00
d79a941504
new package watch-outputs and example of its use
2024-08-14 22:58:17 +01:00
4fb8253e57
first pass at outboard secrets
...
- a module to fetch them with http(s)
- a service using templating to consume them
- update an example to use it
needs service restarts
needs other services to use the template mechanism
needs tidying up
2024-08-12 22:57:21 +01:00
2480fdef5b
set up nginx on bordervm for testing outboard secrets
2024-08-10 23:05:50 +01:00
9767078878
add the example used in the video
2024-08-08 19:24:58 +01:00
384835c89d
admin doc: updte round-robin, explain health check
2024-08-06 14:14:52 +01:00
c4d00e062a
add health check service and example that uses it
2024-07-30 22:37:43 +01:00
e1ae986cf6
convert l2tp example to use gateway profile
2024-07-23 09:31:34 +01:00
bce0c7ffb6
rename services.dhcpc in l2tp example
...
it's only used to get the address of the l2tp server, not for
name lookups in general
2024-07-23 09:31:34 +01:00
7f9cae9d5c
generalise profile.gateway.wan so not just pppoe
2024-07-23 09:31:34 +01:00
3012c91b47
executive decision: rotuer example should build on gl-ar750
2024-07-23 09:31:34 +01:00
1edf20c08f
fix whitespace
2024-07-23 09:31:34 +01:00
7195cb10ce
add structured config for common pppoe options
2024-07-23 09:31:34 +01:00
3899daee56
create a module for round-robin
2024-07-15 22:37:37 +01:00
75e9f8210c
remove the fixpoint we didn't need
2024-07-15 18:54:04 +01:00
73ae7788b9
rename wwan-related modules/services
...
we only currently support huawei e3372/cdc ncm so let's make that
explicit in the naming
2024-07-14 11:53:45 +01:00
941479b144
use round-robin failiover in l2tp example
2024-07-08 22:01:54 +01:00
8f0ab5be40
enable tail -F
2024-07-08 21:37:07 +01:00
3df1ec76ff
cleanup whitespace and commas
...
* [] is now [ ]
* {} is now { }
* commas in arglists go at end of line not beginning
In short, I ran the whole thing through nixfmt-rfc-style but only
accepted about 30% of its changes. I might grow accustomed to more
of it over time
2024-06-30 17:16:28 +01:00
e94bf62ec1
remove dead code (run deadnix)
2024-06-29 22:59:27 +01:00
d4d8093f97
working l2tp-over-wwan stick example
2024-06-20 10:15:54 +01:00
adc84108ad
Revert "wwan gets address from ppp ipcp not dhcp"
...
This reverts commit be13ab23ca
2024-06-15 15:04:33 +01:00
be13ab23ca
wwan gets address from ppp ipcp not dhcp
2024-06-12 12:51:07 +01:00
898958fa10
make a serviceDefn for wwan
2024-05-22 18:54:49 +01:00
71aeb27b2f
add hacky wwan service with hardcoding all over
2024-05-22 18:54:49 +01:00
530b4080c9
create cdc-ncm module
2024-05-22 18:54:49 +01:00
3a56798eb5
l2tp set default route via tunnel
2024-05-22 18:54:49 +01:00
73225a70b2
add rudimentary l2tp service module
2024-05-22 18:54:49 +01:00
b4068da9fe
tftp addresses
2024-05-22 18:45:35 +01:00
8b69dcc209
pass entire config fragment to levitate, not just services
...
to make it useful we need to be able to set packages, passwords, ssh
keys etc
2024-04-29 20:07:01 +01:00
9b3a3b9ff7
add levitate to arhcive
...
this is largely untested
2024-04-28 21:38:13 +01:00
7d08497bcb
arhcive remove coldplug fudge
2024-04-28 21:37:30 +01:00
adf62d4483
arhcive: make it work when disk is attached before boot
...
This is a bit of a kludge (a lot of a kludge) but it will
get it running whilt I work on something better
2024-04-17 18:49:30 +01:00
00076c7b81
mount service: use uevent-watch
2024-04-17 12:59:13 +01:00
721e7499f3
arhcive: use usb module instead of harcoded kconfig
2024-04-17 12:53:43 +01:00
1a314e55b7
firewall module: provide default rules and merge extraRules
...
a firewall with no configuration will get a relatively sane ruleset. a
firewall with `extraRules` will get them deep merged into the default
rules. Specifying `rules` will override the defaults
2024-03-21 12:00:34 +00:00
9263b21faa
create gateway profile by extracting from rotuer example
2024-03-21 10:04:42 +00:00
0a820a702a
extneder: delete nftables kernel config
...
don't need nftables on a bridge. (do we? hope not)
2024-03-20 19:05:31 +00:00
4ea518e296
expose modulesPath to ease out-of-tree configuration.nix
2024-03-20 18:58:44 +00:00
