diff options
Diffstat (limited to 'os/kay/modules/network/ppp/default.nix')
| -rw-r--r-- | os/kay/modules/network/ppp/default.nix | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/os/kay/modules/network/ppp/default.nix b/os/kay/modules/network/ppp/default.nix new file mode 100644 index 0000000..43059b6 --- /dev/null +++ b/os/kay/modules/network/ppp/default.nix @@ -0,0 +1,74 @@ +{ config, pkgs, ... }: + +let + inetVlan = 1003; + wanInterface = "enp3s0"; + nameServer = [ + "1.0.0.1" + "1.1.1.1" + ]; +in +{ + sops.secrets = { + "ppp/chap-secrets".sopsFile = ./secrets.yaml; + "ppp/pap-secrets".sopsFile = ./secrets.yaml; + "ppp/username".sopsFile = ./secrets.yaml; + }; + + networking = { + tempAddresses = "disabled"; + vlans.wan = { + id = inetVlan; + interface = wanInterface; + }; + }; + + services = { + dnsmasq = { + enable = true; + settings = { + server = nameServer; + bind-interfaces = true; + }; + }; + + pppd = { + enable = true; + + config = '' + plugin pppoe.so + debug + + nic-wan + defaultroute + ipv6 ::1337, + noauth + + persist + lcp-echo-adaptive + lcp-echo-interval 1 + lcp-echo-failure 5 + ''; + + script."01-ipv6-ra" = { + type = "ip-up"; + runtimeInputs = [ pkgs.procps ]; + + text = '' + sysctl net.ipv6.conf.ppp0.accept_ra=2 + ''; + }; + + peers.keralavision = { + enable = true; + autostart = true; + configFile = config.sops.secrets."ppp/username".path; + }; + + secret = { + chap = config.sops.secrets."ppp/chap-secrets".path; + pap = config.sops.secrets."ppp/pap-secrets".path; + }; + }; + }; +} |