Diffstat (limited to 'hosts/vidhar/network/dsl.nix')
-rw-r--r--hosts/vidhar/network/dsl.nix217
1 files changed, 217 insertions, 0 deletions
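diff --git a/hosts/vidhar/network/dsl.nix b/hosts/vidhar/network/dsl.nix
new file mode 100644
index 00000000..4f781422
--- /dev/null
+++ b/hosts/vidhar/network/dsl.nix
@@ -0,0 +1,217 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ pppInterface = config.networking.pppInterface;
+in {
+ options = {
+ networking.pppInterface = mkOption {
+ type = types.str;
+ default = "dsl";
+ };
+ };
+
+ config = {
+ networking.vlans = {
+ telekom = {
+ id = 7;
+ interface = "eno2";
+ };
+ };
+
+ services.pppd = {
+ enable = true;
+ peers.telekom.config = ''
+ nodefaultroute
+ ifname ${pppInterface}
+ lcp-echo-failure 1
+ lcp-echo-interval 1
+ maxfail 0
+ mtu 1492
+ mru 1492
+ plugin rp-pppoe.so
+ name telekom
+ user 002576900250551137425220#0001@t-online.de
+ telekom
+ debug
+ '';
+ };
+ systemd.services."pppd-telekom" = {
+ stopIfChanged = true;
+
+ serviceConfig = lib.mkForce {
+ Type = "notify";
+ PIDFile = "/run/pppd/${pppInterface}.pid";
+ ExecStart = "${lib.getBin pkgs.ppp}/sbin/pppd call telekom up_sdnotify nolog +ipv6";
+ Restart = "always";
+ RestartSec = 5;
+
+ RuntimeDirectory = "pppd";
+ RuntimeDirectoryPreserve = true;
+ };
+ };
+ sops.secrets."pap-secrets" = {
+ format = "binary";
+ sopsFile = ./pap-secrets;
+ path = "/etc/ppp/pap-secrets";
+ };
+
+ environment.etc = {
+ "ppp/ip-up" = {
+ text = ''
+ #!${pkgs.runtimeShell}
+ ${pkgs.iproute}/bin/ip route add default via "$5" dev "${pppInterface}" metric 512
+ '';
+ mode = "0555";
+ };
+ };
+
+ systemd.network.networks.${pppInterface} = {
+ matchConfig = {
+ Name = pppInterface;
+ };
+ dns = [ "::1" "127.0.0.1" ];
+ domains = [ "~." ];
+ networkConfig = {
+ LinkLocalAddressing = "no";
+ DNSSEC = true;
+ };
+ };
+
+ services.corerad = {
+ enable = true;
+ settings = {
+ interfaces = [
+ { name = pppInterface;
+ monitor = true;
+ verbose = true;
+ }
+ { name = "lan";
+ advertise = true;
+ verbose = true;
+ prefix = [{ prefix = "::/64"; }];
+ route = [{ prefix = "::/0"; }];
+ rdnss = [{ servers = ["::"]; }];
+ dnssl = [{ domain_names = ["yggdrasil"]; }];
+ }
+ ];
+
+ debug = {
+ address = "localhost:9430";
+ prometheus = true;
+ };
+ };
+ };
+ services.ndppd = {
+ enable = true;
+ proxies = {
+ ${pppInterface} = {
+ router = true;
+ rules.lan = {
+ method = "iface";
+ interface = "lan";
+ network = "::/0";
+ };
+ };
+ };
+ };
+ boot.kernel.sysctl = {
+ "net.ipv6.conf.all.forwarding" = true;
+ "net.ipv6.conf.default.forwarding" = true;
+ "net.ipv4.conf.all.forwarding" = true;
+ "net.ipv4.conf.default.forwarding" = true;
+
+ "net.core.rmem_max" = "4194304";
+ "net.core.wmem_max" = "4194304";
+ };
+ systemd.services."pppd-telekom" = {
+ bindsTo = [ "sys-subsystem-net-devices-telekom.device" ];
+ after = [ "sys-subsystem-net-devices-telekom.device" ];
+ };
+ systemd.services."dhcpcd-${pppInterface}" = {
+ wantedBy = [ "multi-user.target" "network-online.target" "pppd-telekom.service" ];
+ bindsTo = [ "pppd-telekom.service" "sys-subsystem-net-devices-${pppInterface}.device" ];
+ after = [ "pppd-telekom.service" "sys-subsystem-net-devices-${pppInterface}.device" ];
+ wants = [ "network.target" ];
+ before = [ "network-online.target" ];
+
+ path = with pkgs; [ dhcpcd nettools openresolv ];
+ unitConfig.ConditionCapability = "CAP_NET_ADMIN";
+
+ stopIfChanged = true;
+
+ preStart = ''
+ i=0
+
+ while [[ -z "$(${pkgs.iproute2}/bin/ip -6 addr show dev ${pppInterface} scope link)" ]]; do
+ ${pkgs.coreutils}/bin/sleep 0.1
+ i=$((i + 1))
+ if [[ "$i" -ge 10 ]]; then
+ exit 1
+ fi
+ done
+ '';
+
+ serviceConfig = let
+ dhcpcdConf = pkgs.writeText "dhcpcd.conf" ''
+ duid
+ vendorclassid
+ ipv6only
+
+ nooption domain_name_servers, domain_name, domain_search
+ option classless_static_routes
+ option interface_mtu
+
+ option host_name
+ option rapid_commit
+ require dhcp_server_identifier
+ slaac private
+
+ nohook resolv.conf
+ ipv6ra_autoconf
+ iaid 1195061668
+ ipv6rs # enable routing solicitation for WAN adapter
+ ia_pd 1 lan/0/64/0 # request a PD and assign it to the LAN
+
+ reboot 0
+
+ waitip 6
+ '';
+ in {
+ Type = "forking";
+ PIDFile = "/var/run/dhcpcd/${pppInterface}.pid";
+ RuntimeDirectory = "dhcpcd";
+ ExecStart = "@${pkgs.dhcpcd}/sbin/dhcpcd dhcpcd -q --config ${dhcpcdConf} ${pppInterface}";
+ ExecReload = "${pkgs.dhcpcd}/sbin/dhcpcd --rebind ${pppInterface}";
+ Restart = "always";
+ RestartSec = "5";
+ };
+ };
+ systemd.services.ndppd = {
+ wantedBy = [ "dhcpcd-${pppInterface}.service" ];
+ bindsTo = [ "dhcpcd-${pppInterface}.service" ];
+ after = [ "dhcpcd-${pppInterface}.service" ];
+
+ serviceConfig = {
+ Restart = "always";
+ RestartSec = "5";
+ };
+ };
+ systemd.services.corerad = {
+ wantedBy = [ "dhcpcd-${pppInterface}.service" ];
+ bindsTo = [ "dhcpcd-${pppInterface}.service" ];
+ after = [ "dhcpcd-${pppInterface}.service" ];
+
+ serviceConfig = {
+ Restart = lib.mkForce "always";
+ RestartSec = "5";
+ };
+ };
+ users.users.dhcpcd = {
+ isSystemUser = true;
+ group = "dhcpcd";
+ };
+ users.groups.dhcpcd = {};
+ };
+}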
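Review bot: The `boot.kernel.sysctl` block enables IPv4 and IPv6 forwarding on all interfaces, and together with `ia_pd 1 lan/0/64/0` and the ndppd rule for `::/0` this hands LAN hosts globally routable addresses, yet nothing in this file filters traffic forwarded in from `${pppInterface}`. If no other module installs a forward-chain policy (default drop, allow established/related and LAN-originated flows), those hosts are reachable from the internet over IPv6; a comment next to the sysctls naming the module that does the filtering would make that dependency checkable. Separately, the `user` line in `peers.telekom.config` puts the full ISP access identifier in plaintext in the repository and in the generated peer file, while only the password goes through sops; pppd's `file` option could read that line from a sops-managed options file instead, e.g. `file ${config.sops.secrets."<ppp-user-options>".path}` (placeholder secret name). `lcp-echo-failure 1` with `lcp-echo-interval 1` also tears the link down after a single missed echo, and the `bindsTo` chain then takes dhcpcd, ndppd and corerad down with it, so a higher failure count may be worth considering.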