summaryrefslogtreecommitdiffstats
path: root/lass/2configs/gg23.nix
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2023-09-09 19:42:08 +0200
committermakefu <github@syntax-fehler.de>2023-09-09 19:42:08 +0200
commit29d72c898d674d2c18fc0f4a76b5e623de0c3dfe (patch)
treefc4b0695c986a1cda6f1fbbbcbe716e203c54fa3 /lass/2configs/gg23.nix
parente157ffa72856e4378aa23b096b2efff233f3cb3d (diff)
parent083229d0211096daec08673f743ccc45b1d8a0ac (diff)
Merge remote-tracking branch 'lass/master'
Diffstat (limited to 'lass/2configs/gg23.nix')
-rw-r--r--lass/2configs/gg23.nix85
1 files changed, 0 insertions, 85 deletions
diff --git a/lass/2configs/gg23.nix b/lass/2configs/gg23.nix
deleted file mode 100644
index b35b0cb85..000000000
--- a/lass/2configs/gg23.nix
+++ /dev/null
@@ -1,85 +0,0 @@
-{ config, pkgs, ... }:
-with import <stockholm/lib>;
-
-{
- # ipv6 from vodafone is really really flaky
- boot.kernel.sysctl."net.ipv6.conf.et0.disable_ipv6" = 1;
- systemd.network.networks."50-et0" = {
- matchConfig.Name = "et0";
- DHCP = "ipv4";
- # dhcpV4Config.UseDNS = false;
- # dhcpV6Config.UseDNS = false;
- linkConfig = {
- RequiredForOnline = "routable";
- };
- networkConfig = {
- LinkLocalAddressing = "no";
- };
- # dhcpV6Config = {
- # PrefixDelegationHint = "::/60";
- # };
- # networkConfig = {
- # IPv6AcceptRA = true;
- # };
- # ipv6PrefixDelegationConfig = {
- # Managed = true;
- # };
- };
- boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
- systemd.network.networks."50-int0" = {
- name = "int0";
- address = [
- "10.42.0.1/24"
- ];
- networkConfig = {
- # IPForward = "yes";
- # IPMasquerade = "both";
- ConfigureWithoutCarrier = true;
- DHCPServer = "yes";
- # IPv6SendRA = "yes";
- # DHCPPrefixDelegation = "yes";
- };
- };
- networking.networkmanager.unmanaged = [ "int0" ];
- krebs.iptables.tables.filter.INPUT.rules = [
- { predicate = "-i int0"; target = "ACCEPT"; }
- ];
- krebs.iptables.tables.filter.FORWARD.rules = [
- { predicate = "-i int0"; target = "ACCEPT"; }
- { predicate = "-o int0"; target = "ACCEPT"; }
- { predicate = "-p ipv6-icmp"; target = "ACCEPT"; v4 = false; }
- ];
- krebs.iptables.tables.nat.PREROUTING.rules = mkBefore [
- { v6 = false; predicate = "-s 10.42.0.0/24"; target = "ACCEPT"; }
- ];
- krebs.iptables.tables.nat.POSTROUTING.rules = [
- { v6 = false; predicate = "-s 10.42.0.0/24"; target = "MASQUERADE"; }
- ];
-
- networking.domain = "gg23";
-
- networking.useHostResolvConf = false;
- services.resolved.extraConfig = ''
- DNSStubListener=no
- '';
- services.dnsmasq = {
- enable = true;
- resolveLocalQueries = false;
-
- extraConfig = ''
- local=/gg23/
- domain=gg23
- expand-hosts
- listen-address=10.42.0.1
- interface=int0
- '';
- };
-
- environment.systemPackages = [
- (pkgs.writers.writeDashBin "restart_router" ''
- ${pkgs.mosquitto}/bin/mosquitto_pub -h localhost -t 'cmnd/router/POWER' -u gg23 -P gg23-mqtt -m OFF
- sleep 2
- ${pkgs.mosquitto}/bin/mosquitto_pub -h localhost -t 'cmnd/router/POWER' -u gg23 -P gg23-mqtt -m ON
- '')
- ];
-}