diff --git a/flake.nix b/flake.nix index bff1ede..3b87f80 100644 --- a/flake.nix +++ b/flake.nix @@ -72,7 +72,12 @@ porter = { name = "porter"; }; storage-2 = { name = "storage-2"; }; web-2 = { name = "web-2"; }; - zinc = { name = "zinc"; }; + zinc = { + name = "zinc"; + modules = [ + nixos-hardware.nixosModules.common-cpu-intel + ]; + }; # nixfiles-auto-install: add new host above _iso = { name = "_iso"; }; }; diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix index 63c168c..ede7072 100644 --- a/hosts/carbon/configuration.nix +++ b/hosts/carbon/configuration.nix @@ -264,7 +264,7 @@ ip46tables -A forward-filter -o enp1s0.202 -j DROP ''; clerie.firewall.extraForwardMangleCommands = '' - ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452 + ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416 ''; services.pppd = { @@ -280,7 +280,7 @@ noipdefault lcp-echo-interval 20 lcp-echo-failure 3 - mtu 1492 + mtu 1456 hide-password defaultroute +ipv6 diff --git a/hosts/zinc/configuration.nix b/hosts/zinc/configuration.nix index 84e354f..d4c222b 100644 --- a/hosts/zinc/configuration.nix +++ b/hosts/zinc/configuration.nix @@ -8,6 +8,7 @@ ../../configuration/desktop ./initrd.nix + ./programs.nix ]; # Use the systemd-boot EFI boot loader. diff --git a/hosts/zinc/initrd.nix b/hosts/zinc/initrd.nix index fa69543..45c2803 100644 --- a/hosts/zinc/initrd.nix +++ b/hosts/zinc/initrd.nix 
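Review bot: The new clamp value 1416 in `clerie.firewall.extraForwardMangleCommands` is the new pppd `mtu 1456` minus 40, which only accounts for an IPv4 header plus a TCP header. If `ip46tables` installs the rule for IPv6 as well, as its name suggests, IPv6 TCP needs 1456 - 60 = 1396 and otherwise depends on ICMPv6 Packet Too Big messages getting through every filter on the path. The MSS and the MTU are also kept in sync by hand across this hunk and the `services.pppd` hunk that follows. Using `-j TCPMSS --clamp-mss-to-pmtu` would derive the value per address family; failing that, a comment such as `# MSS = PPPoE MTU (1456) - 40 (IPv4); keep in sync with services.pppd mtu` would record the coupling and the reason for the lower MTU. Both the firewall snippet and the pppd config block continue outside their hunks.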
@@ -1,6 +1,31 @@ -{ config, ... }: +{ config, pkgs, lib, ... }: -{ +with lib; + +let + + configure_network = pkgs.writeScriptBin "configure-network" '' + ifdisplay="" + while true; do + ifdisplay_new=$(ipconfig -t 10 all) + ipconfig_status=$? + + # Only show network config if something changes + if [[ "$ifdisplay" != "$ifdisplay_new" ]]; then + ifdisplay=$ifdisplay_new + echo + echo "$ifdisplay" + echo + fi + + # Wait a little before checking again + if [[ $ipconfig_status == 0 ]]; then + sleep 5 + fi + done + ''; + +in { boot.initrd.network.enable = true; boot.initrd.network.ssh = { @@ -12,11 +37,30 @@ "/var/src/secrets/initrd/ssh_host_ed25519_key" ]; }; + + boot.initrd.extraFiles."/root/.ash_history".source = pkgs.writeText ".ash_history" '' + cryptsetup-askpass + ''; + boot.initrd.kernelModules = [ "igc" # integrated rj45 network interface "cdc_ether" # external 5G modem via usb ]; - boot.kernelParams = [ "ip=dhcp" ]; + + boot.initrd.extraUtilsCommands = '' + copy_bin_and_libs ${configure_network}/bin/configure-network + ''; + + boot.initrd.network.postCommands = mkBefore '' + configure-network & + ''; + + boot.initrd.postMountCommands = mkBefore '' + pkill -x configure-network + + # Override the previously set interfaces with the ones that really exist + ifaces=$(ip -o link show | grep "link/ether" | cut -d: -f2 | xargs -n 1) + ''; boot.initrd.network.wireguard = { enable = true; diff --git a/hosts/zinc/programs.nix b/hosts/zinc/programs.nix new file mode 100644 index 0000000..5143028 --- /dev/null +++ b/hosts/zinc/programs.nix @@ -0,0 +1,12 @@ +{ pkgs, ... }: + +{ + + users.users.clerie.packages = with pkgs; [ + firefox + + blender + cura + ]; + +} diff --git a/modules/wireguard-initrd/default.nix b/modules/wireguard-initrd/default.nix index 61fc797..628b640 100644 --- a/modules/wireguard-initrd/default.nix +++ b/modules/wireguard-initrd/default.nix 
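Review bot: The retry loop in `configure_network` sleeps only when `ipconfig` returns 0, so a failure that comes back immediately rather than after the 10-second timeout would make the loop spin without pause. I cannot tell from the diff whether `ipconfig -t 10 all` can fail that fast. Adding `else sleep 1` to the status check would bound it either way. The script also has no `#!` line and uses `[[ ... ]]`, so it relies on whichever shell ends up interpreting it to support that syntax; a comment naming the shell it is expected to run under would make that explicit.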
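Review bot: `pkill -x configure-network` in `boot.initrd.postMountCommands` may not match the background loop started in `boot.initrd.network.postCommands`. The script runs under a shell interpreter, so depending on the pkill implementation in the initrd the name compared is either the interpreter's or the kernel's 15-character process name, and `configure-network` is 17 characters. If nothing matches, the loop keeps calling `ipconfig` while the interfaces are being taken down after mount. Tracking the PID avoids name matching altogether: `configure-network & configure_network_pid=$!` in postCommands and `kill "$configure_network_pid"` here. That assumes both snippets run in the same shell, which the `ifaces=` override in this hunk already appears to rely on.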
@@ -41,6 +41,7 @@ in boot.initrd.network.postCommands = '' ip link add dev "wg-initrd" type wireguard + ip link set "wg-initrd" mtu 1280 ${concatMapStringsSep "\n" (ip: '' ip address add "${ip}" dev "wg-initrd"