2024-07-14 00:06:41 +02:00
|
|
|
{ config, pkgs, utils, ... }:
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
services.pppd = {
|
|
|
|
enable = true;
|
|
|
|
peers.dtagdsl = {
|
|
|
|
config = ''
|
|
|
|
plugin pppoe.so net-dsl
|
|
|
|
user "''${PPPD_DTAGDSL_USERNAME}"
|
|
|
|
ifname ppp-dtagdsl
|
|
|
|
persist
|
|
|
|
maxfail 0
|
|
|
|
holdoff 5
|
|
|
|
noipdefault
|
|
|
|
lcp-echo-interval 20
|
|
|
|
lcp-echo-failure 3
|
2024-08-13 12:46:02 +02:00
|
|
|
mtu 1492
|
2024-07-14 00:06:41 +02:00
|
|
|
hide-password
|
|
|
|
defaultroute
|
|
|
|
+ipv6
|
|
|
|
debug
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
environment.etc."ppp/peers/dtagdsl".enable = false;
|
|
|
|
|
2024-07-14 00:14:14 +02:00
|
|
|
systemd.services."pppd-dtagdsl".serviceConfig = let
|
|
|
|
preStart = ''
|
|
|
|
mkdir -p /etc/ppp/peers
|
|
|
|
|
|
|
|
# Created files only readable by root
|
|
|
|
umask u=rw,g=,o=
|
|
|
|
|
|
|
|
# Copy config and substitute username
|
|
|
|
rm -f /etc/ppp/peers/dtagdsl
|
|
|
|
${pkgs.envsubst}/bin/envsubst -i "${config.environment.etc."ppp/peers/dtagdsl".source}" > /etc/ppp/peers/dtagdsl
|
|
|
|
|
|
|
|
# Copy login secrets
|
|
|
|
rm -f /etc/ppp/pap-secrets
|
|
|
|
cat ${config.sops.secrets.pppd-dtagdsl-secrets.path} > /etc/ppp/pap-secrets
|
|
|
|
rm -f /etc/ppp/chap-secrets
|
|
|
|
cat ${config.sops.secrets.pppd-dtagdsl-secrets.path} > /etc/ppp/chap-secrets
|
|
|
|
'';
|
|
|
|
|
|
|
|
preStartFile = utils.systemdUtils.lib.makeJobScript "pppd-dtagdsl-pre-start" preStart;
|
|
|
|
in {
|
2024-07-14 00:06:41 +02:00
|
|
|
EnvironmentFile = config.sops.secrets.pppd-dtagdsl-username.path;
|
|
|
|
ExecStartPre = [
|
2024-07-14 00:14:14 +02:00
|
|
|
# "+" marks script to be executed without priviledge restrictions
|
|
|
|
"+${preStartFile}"
|
2024-07-14 00:06:41 +02:00
|
|
|
];
|
|
|
|
};
|
|
|
|
|
2024-07-14 00:51:49 +02:00
|
|
|
clerie.firewall.extraForwardMangleCommands = ''
|
|
|
|
ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416
|
|
|
|
'';
|
|
|
|
|
2024-08-15 19:21:29 +02:00
|
|
|
networking.interfaces.net-heimnetz.useDHCP = true;
|
|
|
|
networking.interfaces.ppp-dtagdsl.useDHCP = true;
|
|
|
|
|
|
|
|
networking.dhcpcd = {
|
|
|
|
enable = true;
|
|
|
|
allowInterfaces = [
|
|
|
|
"net-heimnetz"
|
|
|
|
"ppp-dtagdsl"
|
|
|
|
];
|
|
|
|
wait = "ipv6";
|
|
|
|
extraConfig = ''
|
|
|
|
ipv6only
|
|
|
|
noipv6rs
|
|
|
|
interface ppp-dtagdsl
|
|
|
|
ipv6rs
|
|
|
|
ia_pd 1/::/56 net-heimnetz/201/64
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
2024-07-14 00:06:41 +02:00
|
|
|
}
|