1 files changed, 72 insertions, 0 deletions

diff --git a/os/kay/modules/network/default.nix b/os/kay/modules/network/default.nix
new file mode 100644
index 0000000..56371c7
--- /dev/null
+++ b/os/kay/modules/network/default.nix
@@ -0,0 +1,72 @@
+{ config, ... }:
+
+let
+  inetVlan = 1003;
+  wanInterface = "enp3s0";
+  nameServer = [
+    "1.0.0.1"
+    "1.1.1.1"
+  ];
+in
+{
+  imports = [
+    ./router.nix
+    ./hurricane.nix
+    ./wireguard.nix
+    ./headscale.nix
+  ];
+
+  sops.secrets = {
+    "ppp/chap-secrets" = { };
+    "ppp/pap-secrets" = { };
+    "ppp/username" = { };
+  };
+
+  networking = {
+    tempAddresses = "disabled";
+    vlans.wan = {
+      id = inetVlan;
+      interface = wanInterface;
+    };
+  };
+
+  services = {
+    dnsmasq = {
+      enable = true;
+      settings = {
+        server = nameServer;
+        bind-interfaces = true;
+      };
+    };
+
+    pppd = {
+      enable = true;
+
+      config = ''
+        plugin pppoe.so
+        debug
+
+        nic-wan
+        defaultroute
+        ipv6 ::1,
+        noauth
+
+        persist
+        lcp-echo-adaptive
+        lcp-echo-interval 1
+        lcp-echo-failure 5
+      '';
+
+      peers.keralavision = {
+        enable = true;
+        autostart = true;
+        configFile = config.sops.secrets."ppp/username".path;
+      };
+
+      secret = {
+        chap = config.sops.secrets."ppp/chap-secrets".path;
+        pap = config.sops.secrets."ppp/pap-secrets".path;
+      };
+    };
+  };
+}