diff --git a/hosts/astatine/configuration.nix b/hosts/astatine/configuration.nix index 742b73f..a269063 100644 --- a/hosts/astatine/configuration.nix +++ b/hosts/astatine/configuration.nix @@ -5,6 +5,7 @@ [ ./hardware-configuration.nix + ./ppp.nix ./users.nix ]; @@ -26,7 +27,7 @@ networking.hostName = "astatine"; - networking.firewall.enable = false; + #networking.firewall.enable = false; services.wg-clerie = { enable = true; diff --git a/hosts/astatine/ppp.nix b/hosts/astatine/ppp.nix new file mode 100644 index 0000000..f936b4d --- /dev/null +++ b/hosts/astatine/ppp.nix @@ -0,0 +1,96 @@ +{ pkgs, ... }: + +{ + # Make space for VLAN header in containing ethernet segment + networking.interfaces."enp1s0".mtu = 1518; + + ## DSL-Uplink + networking.vlans."enp1s0.7" = { + id = 7; + interface = "enp1s0"; + }; + + services.pppd = { + enable = true; + peers.lns-test = { + config = '' + plugin pppoe.so enp1s0.7 + user "criese#regiotest@bsa-vdsl" + ifname ppp-lns-test + persist + maxfail 0 + holdoff 5 + noipdefault + lcp-echo-interval 20 + lcp-echo-failure 3 + mtu 1492 + hide-password + nodefaultroute + +ipv6 + debug + ''; + }; + }; + + /* + networking.interfaces.lo.useDHCP = true; + networking.interfaces.ppp-lns-test.useDHCP = true; + + networking.dhcpcd = { + enable = true; + extraConfig = '' + interface ppp-lns-test + ipv6rs + ia_pd 0 lo/0 + ''; + };*/ + + /* + environment.etc."ppp/ip-up" = { + text = '' + #! ${pkgs.runtimeShell} -e + + ${pkgs.iproute2}/bin/ip route flush table 20001 || true + ${pkgs.iproute2}/bin/ip route add default dev ppp-lns-test table 20001 + ''; + mode = "555"; + }; + environment.etc."ppp/ip-down" = { + text = '' + #! ${pkgs.runtimeShell} -e + + ${pkgs.iproute2}/bin/ip route flush table 20001 || true + ''; + mode = "555"; + }; + environment.etc."ppp/ipv6-up" = { + text = '' + #! ${pkgs.runtimeShell} -e + + ${pkgs.iproute2}/bin/ip -6 route flush table 20001 || true + ${pkgs.iproute2}/bin/ip -6 route add default dev ppp-lns-test table 20001 + ''; + mode = "555"; + }; + environment.etc."ppp/ipv6-down" = { + text = '' + #! ${pkgs.runtimeShell} -e + + ${pkgs.iproute2}/bin/ip -6 route flush table 20001 || true + ''; + mode = "555"; + }; + + petabyte.policyrouting = { + enable = true; + rules = [ + { rule = "oif ppp-lns-test lookup 20001"; prio = 19000; } + { rule = "oif ppp-lns-test unreachable"; prio = 19001; } + #{ rule = "lookup main"; prio = 21000; } + #{ rule = "lookup 20001"; prio = 21001; } + #{ rule = "unreachable"; prio = 22000; } + ]; + }; + */ + +}