diff options
author | Dominique Martinet @ odin <asmadeus@codewreck.org> | 2020-09-03 14:22:16 +0200 |
---|---|---|
committer | Dominique Martinet @ odin <asmadeus@codewreck.org> | 2020-09-03 15:57:22 +0200 |
commit | aad9145963a6a9c554db40ebb3e719dbf4a468d2 (patch) | |
tree | 5799cf8c79b14bc22ec25161c8b30da6c2543ac0 | |
parent | 762101aa2713ee0f37e9c336026267cb302f0b24 (diff) |
odin: switch from server-router to client
-rw-r--r-- | machines/odin/network.nix | 61 | ||||
-rw-r--r-- | profiles/wireguard.nix | 2 |
2 files changed, 7 insertions, 56 deletions
diff --git a/machines/odin/network.nix b/machines/odin/network.nix index 15483c8..a7a4f7b 100644 --- a/machines/odin/network.nix +++ b/machines/odin/network.nix @@ -1,14 +1,12 @@ { config, lib, pkgs, ... }: -let - wpa_passphrase = lib.removeSuffix "\n" (lib.readFile "/etc/nixos/secrets/wpa_passphrase"); -in { +{ networking.hostId = "a91c1c49"; networking.hostName = "odin.codewreck.org"; networking.networkmanager = { enable = true; - unmanaged = [ "interface-name:wlp1s0_ap" "interface-name:wlp1s0" "interface-name:ppp0" "interface-name:wg0" ]; + unmanaged = [ "interface-name:wg0" ]; }; services.dnsmasq.enable = true; @@ -23,14 +21,7 @@ in { dhcp-host=52:54:00:ff:38:4e,f0,10.17.42.100 address=/f0/10.17.42.100 - dhcp-range=2001:910:1115::, ra-names - enable-ra - - # workaround: android doesn't like link-local RDNSS advertisement? - dhcp-option=option6:dns-server,[2001:910:1115::2] - - # DNS from ppp - resolv-file=/etc/ppp/resolv.conf + resolv-file=/var/run/NetworkManager/resolv.conf ''; services.dnsmasq.resolveLocalQueries = false; networking.nameservers = [ "127.0.0.1" ]; @@ -61,49 +52,9 @@ in { networking.nat = { enable = true; internalInterfaces = ["ve-+" "br0" ]; - externalInterface = "ppp0"; - }; - - services.hostapd = { - enable = true; - interface = "wlp1s0"; - ssid = "Foo"; - hwMode = "g"; - channel = 9; - wpa = false; # done in extraconfig - extraConfig = '' - country_code=FR - #max_num_sta=4 - - #ime_enabled=1 - ieee80211n=1 - ieee80211d=1 - wmm_enabled=1 - ht_capab=[HT40+][SHORT-GI-20][SHORT-GI-40][DSSS_CCK-40] - - wpa=2 - auth_algs=1 - - rsn_pairwise=CCMP - wpa_key_mgmt=WPA-PSK - wpa_passphrase=${wpa_passphrase} - - bridge=br0 - ''; - }; - - systemd.services.pppd = { - description = "pppd client"; - path = [ pkgs.ppp ]; - after = [ "network.target" ]; - serviceConfig = { - Type = "simple"; - ExecStart = "${pkgs.ppp}/bin/pppd"; - Restart = "always"; - RestartSec = "5s"; - StartLimitInterval = "0"; - }; - wantedBy = [ "default.target" ]; + externalInterface = "wlp1s0"; }; + # firmware for iwlwifi + hardware.enableRedistributableFirmware = true; } diff --git a/profiles/wireguard.nix b/profiles/wireguard.nix index 370abf7..84d73a7 100644 --- a/profiles/wireguard.nix +++ b/profiles/wireguard.nix @@ -11,9 +11,9 @@ odin = { ip = "fd13:537e:dbbf:1210::2"; allowedIPs = [ "fd13:537e:dbbf:1211::/64" "10.17.42.0/24" ]; - endpoint = "gaia.codewreck.org"; listenPort = 51432; publicKey = "7YALjkbDv6iId1VHJu4uTgVAj41VvAoQfaiVChJdZQ8="; + keepalive = 55; }; fenrir = { ip = "fd13:537e:dbbf:1210::3"; |