diff options
author | makefu <github@syntax-fehler.de> | 2023-09-09 19:42:08 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2023-09-09 19:42:08 +0200 |
commit | 29d72c898d674d2c18fc0f4a76b5e623de0c3dfe (patch) | |
tree | fc4b0695c986a1cda6f1fbbbcbe716e203c54fa3 /lass/2configs/gg23.nix | |
parent | e157ffa72856e4378aa23b096b2efff233f3cb3d (diff) | |
parent | 083229d0211096daec08673f743ccc45b1d8a0ac (diff) |
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/2configs/gg23.nix')
-rw-r--r-- | lass/2configs/gg23.nix | 85 |
1 files changed, 0 insertions, 85 deletions
diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix deleted file mode 100644 index b35b0cb85..000000000 --- a/lass/2configs/gg23.nix +++ /dev/null @@ -1,85 +0,0 @@ -{ config, pkgs, ... }: -with import <stockholm/lib>; - -{ - # ipv6 from vodafone is really really flaky - boot.kernel.sysctl."net.ipv6.conf.et0.disable_ipv6" = 1; - systemd.network.networks."50-et0" = { - matchConfig.Name = "et0"; - DHCP = "ipv4"; - # dhcpV4Config.UseDNS = false; - # dhcpV6Config.UseDNS = false; - linkConfig = { - RequiredForOnline = "routable"; - }; - networkConfig = { - LinkLocalAddressing = "no"; - }; - # dhcpV6Config = { - # PrefixDelegationHint = "::/60"; - # }; - # networkConfig = { - # IPv6AcceptRA = true; - # }; - # ipv6PrefixDelegationConfig = { - # Managed = true; - # }; - }; - boot.kernel.sysctl."net.ipv4.ip_forward" = 1; - systemd.network.networks."50-int0" = { - name = "int0"; - address = [ - "10.42.0.1/24" - ]; - networkConfig = { - # IPForward = "yes"; - # IPMasquerade = "both"; - ConfigureWithoutCarrier = true; - DHCPServer = "yes"; - # IPv6SendRA = "yes"; - # DHCPPrefixDelegation = "yes"; - }; - }; - networking.networkmanager.unmanaged = [ "int0" ]; - krebs.iptables.tables.filter.INPUT.rules = [ - { predicate = "-i int0"; target = "ACCEPT"; } - ]; - krebs.iptables.tables.filter.FORWARD.rules = [ - { predicate = "-i int0"; target = "ACCEPT"; } - { predicate = "-o int0"; target = "ACCEPT"; } - { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; } - ]; - krebs.iptables.tables.nat.PREROUTING.rules = mkBefore [ - { v6 = false; predicate = "-s 10.42.0.0/24"; target = "ACCEPT"; } - ]; - krebs.iptables.tables.nat.POSTROUTING.rules = [ - { v6 = false; predicate = "-s 10.42.0.0/24"; target = "MASQUERADE"; } - ]; - - networking.domain = "gg23"; - - networking.useHostResolvConf = false; - services.resolved.extraConfig = '' - DNSStubListener=no - ''; - services.dnsmasq = { - enable = true; - resolveLocalQueries = false; - - extraConfig = '' - local=/gg23/ - domain=gg23 - expand-hosts - listen-address=10.42.0.1 - interface=int0 - ''; - }; - - environment.systemPackages = [ - (pkgs.writers.writeDashBin "restart_router" '' - ${pkgs.mosquitto}/bin/mosquitto_pub -h localhost -t 'cmnd/router/POWER' -u gg23 -P gg23-mqtt -m OFF - sleep 2 - ${pkgs.mosquitto}/bin/mosquitto_pub -h localhost -t 'cmnd/router/POWER' -u gg23 -P gg23-mqtt -m ON - '') - ]; -} |