diff options
Diffstat (limited to 'hosts/kay')
| -rw-r--r-- | hosts/kay/modules/network.nix | 43 | ||||
| -rw-r--r-- | hosts/kay/modules/router.nix | 6 | ||||
| -rw-r--r-- | hosts/kay/modules/wireguard.nix | 4 | 
3 files changed, 27 insertions, 26 deletions
| diff --git a/hosts/kay/modules/network.nix b/hosts/kay/modules/network.nix index 12788c6..95832d8 100644 --- a/hosts/kay/modules/network.nix +++ b/hosts/kay/modules/network.nix @@ -3,14 +3,11 @@  let    inetVlan = 722;    wanInterface = "enp4s0"; -  domain = config.userdata.domain;    nameServer = "1.0.0.1"; +  domain = config.userdata.domain;  in  { -  imports = [ -    ./wireguard.nix -    ./router.nix -  ]; +  imports = [ ./router.nix ];    sops.secrets = {      "ppp/chap-secrets" = {}; @@ -20,7 +17,6 @@ in    };    networking = { -    enableIPv6 = false;      vlans.wan = {        id = inetVlan;        interface = wanInterface; @@ -33,34 +29,37 @@ in        settings.server = [ nameServer ];      };      pppd = { -      secret = { -        chap = config.sops.secrets."ppp/chap-secrets".path; -        pap = config.sops.secrets."ppp/pap-secrets".path; -      };        enable = true;        config = ''          plugin pppoe.so          nic-wan          defaultroute +        persist +        mtu 1380          noauth +        noipv6        ''; -      script."01-ddns" = { -      runtimeInputs = with pkgs; [ curl coreutils ]; -      text = '' -        wan_ip="$4" -        api_key="$(cat ${config.sops.secrets."misc/namecheap.com".path})" -        auth_url="https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password=''${api_key}&ip=" - -        until curl --silent "$auth_url$wan_ip"; do -            sleep 5 -        done -      ''; -      };        peers.bsnl = {          enable = true;          autostart = true;          configFile = config.sops.secrets."ppp/username".path;        }; +      secret = { +        chap = config.sops.secrets."ppp/chap-secrets".path; +        pap = config.sops.secrets."ppp/pap-secrets".path; +      }; +      script."01-ddns" = { +        runtimeInputs = with pkgs; [ curl coreutils ]; +        text = '' +          wan_ip="$4" +          api_key="$(cat ${config.sops.secrets."misc/namecheap.com".path})" +          auth_url="https://dynamicdns.park-your-domain.com/update?host=@&domain=${domain}&password=''${api_key}&ip=" + +          until curl --silent "$auth_url$wan_ip"; do +              sleep 5 +          done +        ''; +      };      };    };  } diff --git a/hosts/kay/modules/router.nix b/hosts/kay/modules/router.nix index cf748ce..cc9aaae 100644 --- a/hosts/kay/modules/router.nix +++ b/hosts/kay/modules/router.nix @@ -1,15 +1,17 @@  { ... }:  let -  lanInterface = "enp4s0"; +  lanInterface = "enp0s20u1";    wanInterface = "ppp0";    subnet = "10.0.0.0";    prefix = 24;    host = "10.0.0.1";    leaseRangeStart = "10.0.0.100"; -  leaseRangeEnd = "10.0.0.240"; +  leaseRangeEnd = "10.0.0.254";  in  { +  imports = [ ./wireguard.nix ]; +    networking = {      nat = {        enable = true; diff --git a/hosts/kay/modules/wireguard.nix b/hosts/kay/modules/wireguard.nix index efafdcb..af489ca 100644 --- a/hosts/kay/modules/wireguard.nix +++ b/hosts/kay/modules/wireguard.nix @@ -26,7 +26,7 @@ in      wireguard.interfaces.${wgInterface} = {        ips = [ "10.0.1.1/${toString prefix}" ];        listenPort = port; -      mtu = 1380; # 1460 (ppp0) - 80 +      mtu = 1300; # 1380 (ppp0) - 80        privateKeyFile = config.sops.secrets."misc/wireguard".path;        peers = [ @@ -34,7 +34,7 @@ in            publicKey = "IcMpAs/D0u8O/AcDBPC7pFUYSeFQXQpTqHpGOeVpjS8=";            allowedIPs = [ "10.0.1.2/32" ];          } -        { # veu +        { # vex            publicKey = "bJ9aqGYD2Jh4MtWIL7q3XxVHFuUdwGJwO8p7H3nNPj8=";            allowedIPs = [ "10.0.1.3/32" ];          } | 
