From 5ef293448d653db7bff65bf3ddd53cec8481263f Mon Sep 17 00:00:00 2001 From: clerie Date: Tue, 20 Jun 2023 18:58:55 +0200 Subject: [PATCH] hosts/aluminium: add fieldpoc --- flake.lock | 65 +++++++++++++++++-- flake.nix | 1 + hosts/aluminium/configuration.nix | 2 + hosts/aluminium/fieldpoc.nix | 32 +++++++++ .../secrets/fieldpoc-ommpassword.age | 10 +++ .../aluminium/secrets/fieldpoc-sipsecret.age | 11 ++++ lib/flake-helper.nix | 3 +- 7 files changed, 119 insertions(+), 5 deletions(-) create mode 100644 hosts/aluminium/fieldpoc.nix create mode 100644 hosts/aluminium/secrets/fieldpoc-ommpassword.age create mode 100644 hosts/aluminium/secrets/fieldpoc-sipsecret.age diff --git a/flake.lock b/flake.lock index 0bf0e37..a792ba0 100644 --- a/flake.lock +++ b/flake.lock @@ -84,6 +84,25 @@ "type": "github" } }, + "fieldpoc": { + "inputs": { + "mitel-ommclient2": "mitel-ommclient2", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1687119570, + "narHash": "sha256-tZ6hctUdlZzsdg4WA4Fv7C5bNGnotYp0QT+s3rvlIKw=", + "ref": "refs/heads/main", + "rev": "cc43776e6dd7eb94962e9f23b8e8282d34597a75", + "revCount": 39, + "type": "git", + "url": "https://git.clerie.de/clerie/fieldpoc.git" + }, + "original": { + "type": "git", + "url": "https://git.clerie.de/clerie/fieldpoc.git" + } + }, "flake-utils": { "locked": { "lastModified": 1667395993, @@ -99,6 +118,27 @@ "type": "github" } }, + "mitel-ommclient2": { + "inputs": { + "nixpkgs": [ + "fieldpoc", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1687019250, + "narHash": "sha256-cN9ZuQ/1irnoYg013v1ZDn15MHcFXhxILGhRNDGd794=", + "ref": "refs/heads/main", + "rev": "a11629f543a8b43451cecc46600a78cbb6af015a", + "revCount": 70, + "type": "git", + "url": "https://git.clerie.de/clerie/mitel_ommclient2.git" + }, + "original": { + "type": "git", + "url": "https://git.clerie.de/clerie/mitel_ommclient2.git" + } + }, "nixos-exporter": { "inputs": { "nixpkgs": [ @@ -121,11 +161,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1681557730, - "narHash": "sha256-j2E3639kS3Qop2jQPyqWCdenZNaqIdxfoTvAHnGuAGI=", + "lastModified": 1665732960, + "narHash": "sha256-WBZ+uSHKFyjvd0w4inbm0cNExYTn8lpYFcHEes8tmec=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "85b081528b937df4bfcaee80c3541b58f397df8b", + "rev": "4428e23312933a196724da2df7ab78eb5e67a88e", "type": "github" }, "original": { @@ -167,13 +207,30 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1681557730, + "narHash": "sha256-j2E3639kS3Qop2jQPyqWCdenZNaqIdxfoTvAHnGuAGI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "85b081528b937df4bfcaee80c3541b58f397df8b", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", "chaosevents": "chaosevents", "fernglas": "fernglas", + "fieldpoc": "fieldpoc", "nixos-exporter": "nixos-exporter", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "nixpkgs-krypton": "nixpkgs-krypton", "nixpkgs-schule": "nixpkgs-schule", "solid-xmpp-alarm": "solid-xmpp-alarm" diff --git a/flake.nix b/flake.nix index da34f32..86a2394 100644 --- a/flake.nix +++ b/flake.nix @@ -15,6 +15,7 @@ url = "github:wobcom/fernglas"; inputs.nixpkgs.follows = "nixpkgs"; }; + fieldpoc.url = "git+https://git.clerie.de/clerie/fieldpoc.git"; nixos-exporter = { url = "git+https://git.clerie.de/clerie/nixos-exporter.git"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hosts/aluminium/configuration.nix b/hosts/aluminium/configuration.nix index 55cd5b0..de97df3 100644 --- a/hosts/aluminium/configuration.nix +++ b/hosts/aluminium/configuration.nix @@ -4,6 +4,8 @@ imports = [ ./hardware-configuration.nix + + ./fieldpoc.nix ]; boot.kernelParams = [ "console=ttyS0,115200n8" ]; diff --git a/hosts/aluminium/fieldpoc.nix b/hosts/aluminium/fieldpoc.nix new file mode 100644 index 0000000..3e93039 --- /dev/null +++ b/hosts/aluminium/fieldpoc.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: + +{ + + networking.interfaces.enp3s0.ipv4.addresses = [ { address = "10.42.132.1"; prefixLength = 24; } ]; + networking.firewall.trustedInterfaces = [ "enp3s0" ]; + + services.fieldpoc = { + enable = true; + ommIp = "10.42.132.2"; + ommUser = "omm"; + ommPasswordPath = config.age.secrets.fieldpoc-ommpassword.path; + sipsecretPath = config.age.secrets.fieldpoc-sipsecret.path; + dhcp = { + enable = true; + interface = "enp3s0"; + subnet = "10.42.132.0/24"; + pool = "10.42.132.200 - 10.42.132.250"; + router = "10.42.132.1"; + dnsServers = "10.42.10.8"; + omm = "10.42.132.2"; + reservations = [ + { + name = "omm"; + macAddress = "00:30:42:1b:8c:7c"; + ipAddress = "10.42.132.2"; + } + ]; + }; + }; + +} diff --git a/hosts/aluminium/secrets/fieldpoc-ommpassword.age b/hosts/aluminium/secrets/fieldpoc-ommpassword.age new file mode 100644 index 0000000..aa6e00e --- /dev/null +++ b/hosts/aluminium/secrets/fieldpoc-ommpassword.age @@ -0,0 +1,10 @@ +age-encryption.org/v1 +-> ssh-ed25519 HwR33w dvnkhXiz/AAZa3xT6RDx8OIQnBihgUiBddXtVB85JTA +NqFXVizLIgp08r41jP1myZ/sfOcHYRk7qvPrRjH0KUA +-> ssh-ed25519 GUpvaA X5Nhz0ppW4smw1cVZ0xPwcgcCREpcF4OHIjgwelm6Eo +N3rA06TZIEOgXGROcTUHlGSN4jpisGbMXX3WnHoIKek +-> }zICz2Kn-grease ;yh +NSFTNcxuAeDoIHy7HqGJn6FD7t3admS1EiIlVuPvcY0X8lqUKACMAym8GcCd2vrQ +VF1NK0BsKgW1j6uUFASqBn5/us2Nx6/mwxdaX4QBGINlkas+/zN53bM +--- e+nEDx4JO9clhnhTKZLeTuUdfRSHNJS+kY2UA46j8CM +H>9㱡(Plk?Cڏ,x}W?a* \ No newline at end of file diff --git a/hosts/aluminium/secrets/fieldpoc-sipsecret.age b/hosts/aluminium/secrets/fieldpoc-sipsecret.age new file mode 100644 index 0000000..317cfe9 --- /dev/null +++ b/hosts/aluminium/secrets/fieldpoc-sipsecret.age @@ -0,0 +1,11 @@ +age-encryption.org/v1 +-> ssh-ed25519 HwR33w IXd1561I7Ia8Vr1nlqcMCMN9xF0LXlpXPJUIW102UBI +KFpKJdE6ge2yE+kp1pYcHnmn3th0m0X2iETZ8rFze48 +-> ssh-ed25519 GUpvaA VyC2gxp7m7uz9ba1qmjQ05Cbi1ZXpkCU9ydwpYMAlyw +LC3flGQhaBdl8LeJnG5HbEBXcmEbDarWqZ/XFGhUAoI +-> _7e:/rX-grease ~R' V +KlOMxJRircN7onkmcF3Omw8Nseg0kgx9CsqdRsWV9jVV8+aY/4SFRC2cllIDOIQa +71hNmC6LqcOW +--- zr22gxWcsyuMcUg3gXiIUPvbsV/dE2hRvWD+e6i1B98 +1("Sb/Q<*nI$IgfX݆ + \ No newline at end of file diff --git a/lib/flake-helper.nix b/lib/flake-helper.nix index da781d8..8c21ba6 100644 --- a/lib/flake-helper.nix +++ b/lib/flake-helper.nix @@ -1,4 +1,4 @@ -{ self, nixpkgs, agenix, chaosevents, fernglas, nixos-exporter, solid-xmpp-alarm, ... }@inputs: +{ self, nixpkgs, agenix, chaosevents, fernglas, fieldpoc, nixos-exporter, solid-xmpp-alarm, ... }@inputs: rec { generateNixosSystem = { @@ -36,6 +36,7 @@ rec { }) agenix.nixosModules.default fernglas.nixosModules.default + fieldpoc.nixosModules.default nixos-exporter.nixosModules.default solid-xmpp-alarm.nixosModules.solid-xmpp-alarm (../hosts + "/${name}/configuration.nix")