diff --git a/flake.nix b/flake.nix
index bff1ede..3b87f80 100644
--- a/flake.nix
+++ b/flake.nix
@@ -72,7 +72,12 @@
porter = { name = "porter"; };
storage-2 = { name = "storage-2"; };
web-2 = { name = "web-2"; };
- zinc = { name = "zinc"; };
+ zinc = {
+ name = "zinc";
+ modules = [
+ nixos-hardware.nixosModules.common-cpu-intel
+ ];
+ };
# nixfiles-auto-install: add new host above
_iso = { name = "_iso"; };
};
diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index 63c168c..ede7072 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -264,7 +264,7 @@
ip46tables -A forward-filter -o enp1s0.202 -j DROP
'';
clerie.firewall.extraForwardMangleCommands = ''
- ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452
+ ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416
'';
services.pppd = {
@@ -280,7 +280,7 @@
noipdefault
lcp-echo-interval 20
lcp-echo-failure 3
- mtu 1492
+ mtu 1456
hide-password
defaultroute
+ipv6
diff --git a/hosts/zinc/configuration.nix b/hosts/zinc/configuration.nix
index 84e354f..d4c222b 100644
--- a/hosts/zinc/configuration.nix
+++ b/hosts/zinc/configuration.nix
@@ -8,6 +8,7 @@
../../configuration/desktop
./initrd.nix
+ ./programs.nix
];
# Use the systemd-boot EFI boot loader.
diff --git a/hosts/zinc/initrd.nix b/hosts/zinc/initrd.nix
index fa69543..45c2803 100644
--- a/hosts/zinc/initrd.nix
+++ b/hosts/zinc/initrd.nix
@@ -1,6 +1,31 @@
-{ config, ... }:
+{ config, pkgs, lib, ... }:
-{
+with lib;
+
+let
+
+ configure_network = pkgs.writeScriptBin "configure-network" ''
+ ifdisplay=""
+ while true; do
+ ifdisplay_new=$(ipconfig -t 10 all)
+ ipconfig_status=$?
+
+ # Only show network config if something changes
+ if [[ "$ifdisplay" != "$ifdisplay_new" ]]; then
+ ifdisplay=$ifdisplay_new
+ echo
+ echo "$ifdisplay"
+ echo
+ fi
+
+ # Wait a little before checking again
+ if [[ $ipconfig_status == 0 ]]; then
+ sleep 5
+ fi
+ done
+ '';
+
+in {
boot.initrd.network.enable = true;
boot.initrd.network.ssh = {
@@ -12,11 +37,30 @@
"/var/src/secrets/initrd/ssh_host_ed25519_key"
];
};
+
+ boot.initrd.extraFiles."/root/.ash_history".source = pkgs.writeText ".ash_history" ''
+ cryptsetup-askpass
+ '';
+
boot.initrd.kernelModules = [
"igc" # integrated rj45 network interface
"cdc_ether" # external 5G modem via usb
];
- boot.kernelParams = [ "ip=dhcp" ];
+
+ boot.initrd.extraUtilsCommands = ''
+ copy_bin_and_libs ${configure_network}/bin/configure-network
+ '';
+
+ boot.initrd.network.postCommands = mkBefore ''
+ configure-network &
+ '';
+
+ boot.initrd.postMountCommands = mkBefore ''
+ pkill -x configure-network
+
+ # Override the previously set interfaces with the ones that really exist
+ ifaces=$(ip -o link show | grep "link/ether" | cut -d: -f2 | xargs -n 1)
+ '';
boot.initrd.network.wireguard = {
enable = true;
diff --git a/hosts/zinc/programs.nix b/hosts/zinc/programs.nix
new file mode 100644
index 0000000..5143028
--- /dev/null
+++ b/hosts/zinc/programs.nix
@@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+
+ users.users.clerie.packages = with pkgs; [
+ firefox
+
+ blender
+ cura
+ ];
+
+}
diff --git a/modules/wireguard-initrd/default.nix b/modules/wireguard-initrd/default.nix
index 61fc797..628b640 100644
--- a/modules/wireguard-initrd/default.nix
+++ b/modules/wireguard-initrd/default.nix
@@ -41,6 +41,7 @@ in
boot.initrd.network.postCommands = ''
ip link add dev "wg-initrd" type wireguard
+ ip link set "wg-initrd" mtu 1280
${concatMapStringsSep "\n" (ip: ''
ip address add "${ip}" dev "wg-initrd"