4ea518e296
expose modulesPath to ease out-of-tree configuration.nix
2024-03-20 18:58:44 +00:00
9d6e50cbbc
extract extneder example to a "profile"
...
this is a bit of an experiment to reduce the copy-paste in
examples by turning them into "application" modules.
planning to follow up with another module for "wifi router"
2024-02-27 23:13:12 +00:00
Raito Bezarius
985f982435
examples/nwa50ax-ap: support bridge between lan and ethernet
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
3ec29dc1b9
examples/nwa50ax-ap: ensure mtdutils is available for further flashing
...
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
Raito Bezarius
cdafff2095
examples/nwa50ax-ap: init
...
This is a quite comprehensive example using maximally the hardware
available to reach nice performance.
In the future, I will even add RADIUS examples.
Signed-off-by: Raito Bezarius <masterancpp@gmail.com>
2024-02-19 02:48:50 +01:00
175db9f604
tail -F for rotuer
2024-02-16 18:30:24 +00:00
a654577ac2
improve port-forwarding comment
2024-02-12 21:05:01 +00:00
ae4856ea7c
improve firewall comment
2024-02-12 13:56:56 +00:00
11287a8436
allow lan dns queries (ipv6)
2024-02-11 23:32:46 +00:00
57aece0709
rotuer: don't forward queries for local domain
2024-02-11 23:32:46 +00:00
c1d285a220
rotuer: network debugging tools
2024-02-11 23:32:46 +00:00
1206d02200
rotuer-secrets: remove root_password, add wifi ssid and domainName
...
this is step one towards getting rid of rotuer-secrets completely and
turning rotuer into a "profile" module that can be less hackily
customised for other people's networks
2024-02-11 15:56:14 +00:00
7c196bf9b4
rotuer: make 5GHz wifi faster
...
VHT doesn't work unless HT is enabled, apparently
2024-02-11 15:38:19 +00:00
aca3e11631
firewall: make ipv4 work
2024-02-08 23:15:48 +00:00
87f6a31a06
improve firewall log format
2024-02-08 17:21:26 +00:00
a9ea01428e
firewall: don't drop in conntrack rule
...
as there are other rules following that might want to accept
2024-02-08 17:20:39 +00:00
92b0bec038
rotuer: add schnapps and the rest of the lan interfaces
2024-02-07 23:48:10 +00:00
efb29c5901
demo-firewall: add some rules for ipv4
2024-02-07 23:47:09 +00:00
29e61be26c
rotuer: get lan rfc1918 prefix from secrets
2024-02-07 23:46:16 +00:00
49ec4a2961
installation instructions for Turris Omnia
...
feels like a milestone, or at least a big step towards one
2024-02-04 18:20:04 +00:00
02cf2c6b80
add ssh keys in recovry image
2024-02-04 18:10:58 +00:00
ef707de8b1
add extlinux in recovery example
...
this needlessly bloats the TFTP image, which is a shame, but is
needed for installing onto usb stick
2024-02-02 19:51:41 +00:00
84ce618213
recovery: grow fs to partition size before starting sshd
...
sshd expects there to be space in /persist/secrets that it can
use to write host keys, but when we make ext4fs images we don't
put any free space in them
2024-01-28 11:30:19 +00:00
dd8ec18881
restore boot.tftp.freeSpaceBytes
2024-01-26 22:46:36 +00:00
1730cf07b1
bug workaround
...
If we set squashfs rootfsType, the image doesn't rebuild when
the kernel config is changed. Need to figure out why
2024-01-26 22:46:36 +00:00
de51bfe13d
default root device in recovery to sda1
...
It will probably work fine for USB-stick boot (except in the case
where there is > 1 usb device plugged in, so maybe don't do that)
It doesn't matter for TFTP boot because boot.scr overrides the root=
param anyway
2024-01-26 22:46:36 +00:00
b09723345c
don't put all of util-linux in recovery
...
it adds ~ 5MB to the image size
2024-01-26 22:46:36 +00:00
c219350d7c
add usb storage for turris omnia
...
ideally we would make this a module instead of compiling in
directly
2024-01-26 22:46:36 +00:00
c1101d3af5
make extlinux work with liminix-rebuild
...
add /boot to the systemConfiguration closure
2024-01-08 18:58:07 +00:00
228c0a1668
pass rootOptions config as rootflags= kernel cmdline opt
2024-01-08 18:54:49 +00:00
3c941b4ce2
partial btrfs support
...
doesn't actually know how to make the filesystem, just
kernel config and accept it as a valid option
2024-01-07 16:43:43 +00:00
243295aab8
recovery config for turris omnia
2024-01-07 14:58:46 +00:00
55fa9992d4
WIP
2023-12-13 21:54:15 +00:00
5eeb277564
move output module imports example -> device
...
The outputs available are a characteristic of the device, not
the example.
2023-12-10 16:38:53 +00:00
c81e7c4d35
move all output modules to subdirectory, trash standard.nix
...
standard.nix isn't, is the essence here. Not all devices
support flashimage as it is currently defined - some
have diskimage, some have neither
2023-12-10 15:23:12 +00:00
e2ea145ce5
wip
2023-11-26 22:43:56 +00:00
27ce61ae4e
add bootable config for Turris Omnia
2023-11-24 23:29:12 +00:00
a0bd250963
switch from getty to root shell on console
...
this just makes things marginally simpler
2023-11-21 23:09:48 +00:00
a896c4e31c
rename wlan services for devices with > 1 radio
...
let's standardise on having 2.4GHz radio be "wlan", and
5GHz as "wlan5"
2023-10-07 22:28:57 +01:00
3c483ebd9a
set PARTITION_ADVANCED only in ramdisk module
2023-09-30 21:29:12 +01:00
c59a228955
this is the dhcp6c service we want
2023-09-26 16:43:03 +01:00
1673a71831
WIP third example
2023-09-24 23:11:28 +01:00
56261f77b0
add example with real hardware
2023-09-17 17:03:56 +01:00
bb280c6d97
rename qemu example
2023-09-17 17:03:56 +01:00
0f31afee2b
hellonet: set password for root
...
otherwise incoming ssh gets a bit fraught
2023-09-17 17:03:56 +01:00
98c63e7498
hellonet: don't run ntp
...
it's a bit pointless when there's no connectivity to
any ntp server
2023-09-17 17:03:56 +01:00
c6faf88dd1
doc WIP: build "hello net" example
2023-09-17 17:03:56 +01:00
f7b30939b5
remove service-state when service exits
2023-09-13 22:49:00 +01:00
92e107d77c
update acquire-delegated-prefix to use svc.events
2023-09-13 17:49:57 +01:00
fa040a194c
acquire-wan-address remove boundness checking
...
if we're unbound then the script will be called with
empty ADDRESSES and so the usual case will handle this fine
by removing all the previosuly set addresses
2023-09-13 13:17:58 +01:00
3bdb7754d3
replace var/each with accumulate
2023-09-12 20:55:08 +01:00
8f97c5bf3c
anoia service :events method behaves as iterator
2023-09-12 20:46:52 +01:00
7904c6bfe9
anoia users now need lfs
...
... and we need to figure out how to do transitive
dependencies, because this is not a great experience
2023-09-12 18:46:04 +01:00
0a737c62cd
convert acquire-wan-address to writeFennel
...
this means we can get rid of the inelegant environent variable
check at the bottom of the file
2023-09-12 17:51:00 +01:00
d49cbbb8ed
test for acquire-wan-address
2023-09-11 00:07:49 +01:00
7683ed69de
acquire-wan-address uses parsed addresses from odhcp
2023-09-11 00:07:11 +01:00
91e957ced7
static leases for rotuer
2023-09-04 23:07:13 +01:00
a24c2a23a0
whitespace
2023-09-04 22:06:15 +01:00
9e52faa0b6
remove unused imports
2023-09-04 22:05:42 +01:00
3bdc986dd7
extract "mount filesystem" to module
2023-09-04 21:17:52 +01:00
83092b7b73
add watchdog service
2023-09-02 17:28:40 +01:00
6805e0090d
working down the TODOs
2023-09-01 17:57:22 +01:00
7ad848cb77
add service to enable packet forwarding
...
might be worth looking into adding RA config to this
2023-09-01 17:34:47 +01:00
ef666c34cd
use ssh service in examples
2023-09-01 17:32:53 +01:00
d7336679c4
arhcive use ssh service instead of hand-rolling
2023-08-31 23:59:48 +01:00
535eb70bb9
convert all route defns to module-based-service
2023-08-31 23:52:59 +01:00
51ad051443
delete unneeded services.default
2023-08-31 23:52:03 +01:00
3609d8d5ee
implement route as module-based-service
2023-08-31 23:24:23 +01:00
e577caa15f
extneder: use bridge module
2023-08-31 18:29:45 +01:00
333327be75
make a module for vlan
...
Acked-by: Daniel Barlow <<dan@telent.net>>
2023-08-30 23:26:44 +01:00
aecbe08f08
add o+x permission on service-state directories
...
this is needed for resolvconf, which writes resolv.conf as
an output and wants to make it world-readable
2023-08-28 22:02:28 +01:00
ff2d3e1a63
TODO comments
2023-08-28 22:02:28 +01:00
8688d47c65
rotuer: create resolv.conf
2023-08-28 22:02:28 +01:00
e86daf9bbc
default value for services.default
...
as a default default target, start all the services
2023-08-28 22:02:28 +01:00
23ccfec5fb
update examples so they build again
2023-08-28 22:02:28 +01:00
31f0213b6f
convert network link/address to module-based-service
...
... and make bridge use it.
We also had to convert bridge back into a pair of services.
Downstreams want to depend on the bridge it self being configured
even if not necessarily all the members are up. e.g. don't want
to break ssh on lan if there's a misconfigured wlan device
2023-08-28 22:02:28 +01:00
540a1dfd76
remove interface.device
...
build-time uses can mostly be replaced with interface.name
for runtime uses, switch to $(output ${interface} name)
2023-08-28 22:02:28 +01:00
6f92f8fa8b
merge bridge services into one
2023-08-16 23:29:53 +01:00
3ea40f95dc
convert pppoe to serviceDefn
2023-08-10 22:53:45 +01:00
2942c465b9
add ssh module
2023-08-10 22:53:21 +01:00
2414dd4b55
convert ntp to serviceDefn
2023-08-05 14:16:54 +01:00
93e04bb834
convert bridge service to serviceDefn
2023-08-05 14:10:14 +01:00
f82501d278
update hostapd to "build" syntax
2023-08-05 12:21:18 +01:00
90c1d59aca
convert firewall service to new serviceDefn
...
this is a bit kludgey with dependencies, need to
come back and look at that
2023-08-05 12:07:35 +01:00
fbb2c04132
move module-based-service parameter types into service
...
This is in preparation for writing something that extracts them
into documentation.
user configurations now call config.system.service.foo.build { ...params }
instead of config.system.service.foo
the parameter type definitions themselves now move into the
config stanza of the module referencing the service
new helper function liminix.callService
The only service moved so far is dnsmasq
2023-08-04 20:39:29 +01:00
9994c161d4
DRY up wireless config
2023-07-22 23:37:01 +01:00
bf1d9beec1
add first version of ntp module
2023-07-22 23:25:25 +01:00
4396afa97b
inline excessive lets
2023-07-20 12:05:36 +01:00
9b70fd62f6
extract bridge to module-based services
2023-07-20 12:02:09 +01:00
86e73317ee
alias config.system.service
2023-07-20 11:28:45 +01:00
648ea5613b
use module-based-service for hostapd
2023-07-16 17:51:50 +01:00
1117f98afc
remove redundant let
2023-07-16 17:51:50 +01:00
d7f3e05063
turn nftables firewall into a service-providing module
2023-07-16 17:51:50 +01:00
669af24247
make a module for dnsmasq
2023-07-14 23:18:21 +01:00
c13defc891
rename modules/ppp.nix -> modules/ppp/default.nix
2023-07-14 21:08:33 +01:00
69e6eb5a89
accept attr args to pppoe service, and typecheck them
...
We use (abuse, arguably) the nixos module system for typechecking. Un
the plus side, it gives us documentation of the options and their
expected types. On the downside, the error message doesn't tell us
the file in which the error was encountered.
(This is subject to change, if I can find a better way)
2023-07-14 16:53:36 +01:00
9441f48819
new ppp module, used by rotuer
...
The objective here is that services which depend on global config
(e.g. kernel config or busybox options or static paths in the
filesystem) now live under config.system.service, and are added
to that collection by the module that defines the necessary state.
This is a first step: the services will be configured by a typechecked
attr set instead of the arbitrary arguments that
pkgs.liminix.networking.pppoe accepts
2023-07-13 19:44:14 +01:00
2e50368bd2
rename config.outputs to config.system.outputs
...
New rules: everything under "config" that isn't actually configuration
(e.g. build products) will in future live in config.system. This is
the first step.
2023-07-13 19:24:59 +01:00
7c06f30675
set ipv6 wan address to that provided by dhcpv6
2023-07-08 23:08:25 +01:00
0c41e9305c
extract service output watcher to fennel module
2023-07-08 23:08:24 +01:00
