aboutsummaryrefslogtreecommitdiff
path: root/nixos/modules
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules')
-rw-r--r--nixos/modules/bcg.nix167
-rw-r--r--nixos/modules/default.nix1
-rw-r--r--nixos/modules/desktop.nix1
-rw-r--r--nixos/modules/develop.nix3
-rw-r--r--nixos/modules/router.nix10
-rw-r--r--nixos/modules/switch.nix6
-rw-r--r--nixos/modules/wifi-adm.nix36
-rw-r--r--nixos/modules/wifi-spt.nix16
-rw-r--r--nixos/modules/wireguad.nix66
9 files changed, 51 insertions, 255 deletions
diff --git a/nixos/modules/bcg.nix b/nixos/modules/bcg.nix
deleted file mode 100644
index 3146c15..0000000
--- a/nixos/modules/bcg.nix
+++ /dev/null
@@ -1,167 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.services.bcg;
- configFile = (pkgs.formats.yaml {}).generate "bcg.conf.yaml" (
- filterAttrsRecursive (_: v: v != null) {
- inherit (cfg) device name mqtt;
- retain_node_messages = cfg.retainNodeMessages;
- qos_node_messages = cfg.qosNodeMessages;
- base_topic_prefix = cfg.baseTopicPrefix;
- automatic_remove_kit_from_names = cfg.automaticRemoveKitFromNames;
- automatic_rename_kit_nodes = cfg.automaticRenameKitNodes;
- automatic_rename_generic_nodes = cfg.automaticRenameGenericNodes;
- automatic_rename_nodes = cfg.automaticRenameNodes;
- }
- );
-in {
- options = {
- services.bcg = {
- enable = mkEnableOption "BigClown gateway";
- package = mkPackageOption pkgs ["python3Packages" "bcg"] {};
- environmentFiles = mkOption {
- type = types.listOf types.path;
- default = [];
- example = ["/run/keys/bcg.env"];
- description = ''
- File to load as environment file. Environment variables from this file
- will be interpolated into the config file using envsubst with this
- syntax: `$ENVIRONMENT` or `''${VARIABLE}`.
- This is useful to avoid putting secrets into the nix store.
- '';
- };
- verbose = mkOption {
- type = types.enum ["CRITICAL" "ERROR" "WARNING" "INFO" "DEBUG"];
- default = "WARNING";
- description = "Verbosity level.";
- };
- device = mkOption {
- type = types.str;
- description = "Device name to configure gateway to use.";
- };
- name = mkOption {
- type = with types; nullOr str;
- default = null;
- description = ''
- Name for the device.
-
- Supported variables:
- * `{ip}` IP address
- * `{id}` The ID of the connected usb-dongle or core-module
-
- `null` can be used for automatic detection from gateway firmware.
- '';
- };
- mqtt = {
- host = mkOption {
- type = types.str;
- default = "127.0.0.1";
- description = "Host where MQTT server is running.";
- };
- port = mkOption {
- type = types.port;
- default = 1883;
- description = "Port of MQTT server.";
- };
- username = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "MQTT server access username.";
- };
- password = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "MQTT server access password.";
- };
- cafile = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "Certificate Authority file for MQTT server access.";
- };
- certfile = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "Certificate file for MQTT server access.";
- };
- keyfile = mkOption {
- type = with types; nullOr str;
- default = null;
- description = "Key file for MQTT server access.";
- };
- };
- retainNodeMessages = mkOption {
- type = types.bool;
- default = false;
- description = "Specify that node messages should be retaied in MQTT broker.";
- };
- qosNodeMessages = mkOption {
- type = types.int;
- default = 1;
- description = "Set the guarantee of MQTT message delivery.";
- };
- baseTopicPrefix = mkOption {
- type = types.str;
- default = "";
- description = "Topic prefix added to all MQTT messages.";
- };
- automaticRemoveKitFromNames = mkOption {
- type = types.bool;
- default = true;
- description = "Automatically remove kits.";
- };
- automaticRenameKitNodes = mkOption {
- type = types.bool;
- default = true;
- description = "Automatically rename kit's nodes.";
- };
- automaticRenameGenericNodes = mkOption {
- type = types.bool;
- default = true;
- description = "Automatically rename generic nodes.";
- };
- automaticRenameNodes = mkOption {
- type = types.bool;
- default = true;
- description = "Automatically rename all nodes.";
- };
- rename = mkOption {
- type = with types; attrsOf str;
- default = {};
- description = "Rename nodes to different name.";
- };
- };
- };
-
- config = mkIf cfg.enable {
- environment.systemPackages = with pkgs; [
- python3Packages.bcg
- python3Packages.bch
- ];
-
- systemd.services.bcg = let
- envConfig = cfg.environmentFiles != [];
- finalConfig =
- if envConfig
- then "$RUNTIME_DIRECTORY/bcg.config.yaml"
- else configFile;
- in {
- description = "BigClown Gateway";
- wantedBy = ["multi-user.target"];
- wants = ["network-online.target"] ++ lib.optional config.services.mosquitto.enable "mosquitto.service";
- after = ["network-online.target"];
- preStart = ''
- umask 077
- ${pkgs.envsubst}/bin/envsubst -i "${configFile}" -o "${finalConfig}"
- '';
- serviceConfig = {
- EnvironmentFile = cfg.environmentFiles;
- ExecStart = "${cfg.package}/bin/bcg -c ${finalConfig} -v ${cfg.verbose}";
- RuntimeDirectory = "bcg";
- };
- };
- };
-}
diff --git a/nixos/modules/default.nix b/nixos/modules/default.nix
index 6bc0d70..d45cb0a 100644
--- a/nixos/modules/default.nix
+++ b/nixos/modules/default.nix
@@ -17,6 +17,5 @@ in
// {
default = {
imports = attrValues modules ++ default_modules;
- disabledModules = ["services/misc/bcg.nix"];
};
}
diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix
index 0c8f287..2b19b93 100644
--- a/nixos/modules/desktop.nix
+++ b/nixos/modules/desktop.nix
@@ -81,7 +81,6 @@ in {
exts.pass-otp
#exts.pass-audit
]))
- nextcloud-client
chromium
ferdium
diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix
index a18c7ac..2a20527 100644
--- a/nixos/modules/develop.nix
+++ b/nixos/modules/develop.nix
@@ -61,6 +61,8 @@ in {
# C
clang-tools
+ massif-visualizer
+ qcachegrind
# Python
(python3.withPackages (pypkgs:
@@ -75,6 +77,7 @@ in {
mypy
scipy
+ statsmodels
sympy
pygraphviz
diff --git a/nixos/modules/router.nix b/nixos/modules/router.nix
index c8b1283..a658515 100644
--- a/nixos/modules/router.nix
+++ b/nixos/modules/router.nix
@@ -98,8 +98,8 @@ in {
matchConfig.Name = "brlan";
networkConfig.VLAN = ["home" "guest"];
bridgeVLANs = [
- {bridgeVLANConfig.VLAN = 1;}
- {bridgeVLANConfig.VLAN = 2;}
+ {VLAN = 1;}
+ {VLAN = 2;}
];
};
"home" = {
@@ -121,10 +121,8 @@ in {
};
dhcpServerStaticLeases =
mapAttrsToList (n: v: {
- dhcpServerStaticLeaseConfig = {
- MACAddress = n;
- Address = v;
- };
+ MACAddress = n;
+ Address = v;
})
cnf.staticLeases;
dhcpPrefixDelegationConfig = {
diff --git a/nixos/modules/switch.nix b/nixos/modules/switch.nix
index 37ac687..e74102a 100644
--- a/nixos/modules/switch.nix
+++ b/nixos/modules/switch.nix
@@ -42,10 +42,8 @@ in {
matchConfig.Name = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- PVID = 1;
- EgressUntagged = 1;
- };
+ PVID = 1;
+ EgressUntagged = 1;
}
];
networkConfig = {
diff --git a/nixos/modules/wifi-adm.nix b/nixos/modules/wifi-adm.nix
index 40210e7..1db730c 100644
--- a/nixos/modules/wifi-adm.nix
+++ b/nixos/modules/wifi-adm.nix
@@ -117,10 +117,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 1;
- PVID = 1;
- };
+ EgressUntagged = 1;
+ PVID = 1;
}
];
};
@@ -129,10 +127,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 2;
- PVID = 2;
- };
+ EgressUntagged = 2;
+ PVID = 2;
}
];
};
@@ -141,10 +137,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 2;
- PVID = 2;
- };
+ EgressUntagged = 2;
+ PVID = 2;
}
];
};
@@ -153,10 +147,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 1;
- PVID = 1;
- };
+ EgressUntagged = 1;
+ PVID = 1;
}
];
};
@@ -165,10 +157,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 2;
- PVID = 2;
- };
+ EgressUntagged = 2;
+ PVID = 2;
}
];
};
@@ -177,10 +167,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 2;
- PVID = 2;
- };
+ EgressUntagged = 2;
+ PVID = 2;
}
];
};
diff --git a/nixos/modules/wifi-spt.nix b/nixos/modules/wifi-spt.nix
index 669439d..2ecc3a3 100644
--- a/nixos/modules/wifi-spt.nix
+++ b/nixos/modules/wifi-spt.nix
@@ -130,10 +130,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 1;
- PVID = 1;
- };
+ EgressUntagged = 1;
+ PVID = 1;
}
];
};
@@ -142,10 +140,8 @@ in {
# networkConfig.Bridge = "brlan";
# bridgeVLANs = [
# {
- # bridgeVLANConfig = {
# EgressUntagged = 2;
# PVID = 2;
- # };
# }
# ];
#};
@@ -159,10 +155,8 @@ in {
networkConfig.Bridge = "brlan";
bridgeVLANs = [
{
- bridgeVLANConfig = {
- EgressUntagged = 1;
- PVID = 1;
- };
+ EgressUntagged = 1;
+ PVID = 1;
}
];
};
@@ -171,10 +165,8 @@ in {
# networkConfig.Bridge = "brlan";
# bridgeVLANs = [
# {
- # bridgeVLANConfig = {
# EgressUntagged = 2;
# PVID = 2;
- # };
# }
# ];
#};
diff --git a/nixos/modules/wireguad.nix b/nixos/modules/wireguad.nix
index eb25a6e..69e1ccd 100644
--- a/nixos/modules/wireguad.nix
+++ b/nixos/modules/wireguad.nix
@@ -29,27 +29,21 @@ in {
};
wireguardPeers =
[
- {
- wireguardPeerConfig =
- {
- Endpoint = "cynerd.cz:51820";
- AllowedIPs = ["0.0.0.0/0"];
- PublicKey = config.secrets.wireguardPubs.lipwig;
- }
- // (optionalAttrs (!is_endpoint) {PersistentKeepalive = 25;});
- }
- {
- wireguardPeerConfig =
- {
- Endpoint = "spt.cynerd.cz:51820";
- AllowedIPs = [
- "${config.cynerd.hosts.wg.spt-omnia}/32"
- "10.8.2.0/24"
- ];
- PublicKey = config.secrets.wireguardPubs.spt-omnia;
- }
- // (optionalAttrs (!is_endpoint) {PersistentKeepalive = 25;});
- }
+ ({
+ Endpoint = "cynerd.cz:51820";
+ AllowedIPs = ["0.0.0.0/0"];
+ PublicKey = config.secrets.wireguardPubs.lipwig;
+ }
+ // (optionalAttrs (!is_endpoint) {PersistentKeepalive = 25;}))
+ ({
+ Endpoint = "spt.cynerd.cz:51820";
+ AllowedIPs = [
+ "${config.cynerd.hosts.wg.spt-omnia}/32"
+ "10.8.2.0/24"
+ ];
+ PublicKey = config.secrets.wireguardPubs.spt-omnia;
+ }
+ // (optionalAttrs (!is_endpoint) {PersistentKeepalive = 25;}))
#{
# wireguardPeerConfig =
# {
@@ -64,10 +58,8 @@ in {
#}
]
++ (optionals is_endpoint (mapAttrsToList (n: v: {
- wireguardPeerConfig = {
- AllowedIPs = "${config.cynerd.hosts.wg."${n}"}/32";
- PublicKey = v;
- };
+ AllowedIPs = "${config.cynerd.hosts.wg."${n}"}/32";
+ PublicKey = v;
}) (filterAttrs (n: _: all (v: v != n) endpoints) config.secrets.wireguardPubs)));
};
networks."wg" = {
@@ -82,27 +74,21 @@ in {
routes =
(optional (hostName != "lipwig") {
# OpenVPN network
- routeConfig = {
- Gateway = config.cynerd.hosts.wg.lipwig;
- Destination = "10.8.0.0/24";
- Metric = 2048;
- };
+ Gateway = config.cynerd.hosts.wg.lipwig;
+ Destination = "10.8.0.0/24";
+ Metric = 2048;
})
++ (optional (hostName != "spt-omnia") {
# SPT network
- routeConfig = {
- Gateway = config.cynerd.hosts.wg.spt-omnia;
- Destination = "10.8.2.0/24";
- Metric = 2048;
- };
+ Gateway = config.cynerd.hosts.wg.spt-omnia;
+ Destination = "10.8.2.0/24";
+ Metric = 2048;
})
++ (optional (hostName != "adm-omnia" && hostName != "lipwig") {
# Adamkovi network
- routeConfig = {
- Gateway = config.cynerd.hosts.wg.adm-omnia;
- Destination = "10.8.3.0/24";
- Metric = 2048;
- };
+ Gateway = config.cynerd.hosts.wg.adm-omnia;
+ Destination = "10.8.3.0/24";
+ Metric = 2048;
});
};
};
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 14:26:34 +0000