From 7f6bfafbcf7ae5333cf82db65c8029081a636402 Mon Sep 17 00:00:00 2001
From: clerie
Date: Wed, 7 Feb 2024 12:25:52 +0100
Subject: [PATCH 1/7] hosts/carbon: Set correct MTU
---
 hosts/carbon/configuration.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index 63c168c..ede7072 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -264,7 +264,7 @@
 ip46tables -A forward-filter -o enp1s0.202 -j DROP
 '';
 clerie.firewall.extraForwardMangleCommands = ''
- ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452
+ ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416
 '';
 services.pppd = {
@@ -280,7 +280,7 @@
 noipdefault
 lcp-echo-interval 20
 lcp-echo-failure 3
- mtu 1492
+ mtu 1456
 hide-password
 defaultroute
 +ipv6
From 022fabb0f74a5f5636bd136df9a370f4c82f2db3 Mon Sep 17 00:00:00 2001
From: clerie
Date: Wed, 7 Feb 2024 17:35:28 +0100
Subject: [PATCH 2/7] hosts/zinc: Add programs
---
 hosts/zinc/configuration.nix | 1 +
 hosts/zinc/programs.nix | 11 +++++++++++
 2 files changed, 12 insertions(+)
 create mode 100644 hosts/zinc/programs.nix
diff --git a/hosts/zinc/configuration.nix b/hosts/zinc/configuration.nix
index 84e354f..d4c222b 100644
--- a/hosts/zinc/configuration.nix
+++ b/hosts/zinc/configuration.nix
@@ -8,6 +8,7 @@
 ../../configuration/desktop
 ./initrd.nix
+ ./programs.nix
 ];
 # Use the systemd-boot EFI boot loader.
diff --git a/hosts/zinc/programs.nix b/hosts/zinc/programs.nix
new file mode 100644
index 0000000..136636a
--- /dev/null
+++ b/hosts/zinc/programs.nix
@@ -0,0 +1,11 @@
+{ ... }:
+
+{
+
+ users.users.clerie.packages = with pkgs; [
+ firefox
+
+ blender
+ ];
+
+}
From bdb78d60c106817fb30e46888a79eedae4e4a1c1 Mon Sep 17 00:00:00 2001
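Review bot: In hosts/carbon/configuration.nix the clamp `--set-mss 1416` equals the new `mtu 1456` minus the 40 bytes of IPv4 and TCP headers, but the rule is installed through `ip46tables`, which by its name applies to IPv6 as well, where the headers take 60 bytes and the matching value would be 1396. If the helper does cover both families, IPv6 TCP sessions would still negotiate segments that do not fit the PPP link and would depend on path-MTU discovery working. Letting the kernel derive the value with `-j TCPMSS --clamp-mss-to-pmtu` avoids keeping a second constant in step with the `mtu` line in the second hunk; otherwise a comment such as `# MSS = PPP MTU (1456) - 40 (IPv4 + TCP headers)` next to the rule would record where 1416 comes from.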
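Review bot: The new hosts/zinc/programs.nix uses `with pkgs;` while its argument set is `{ ... }:`, so `pkgs` is not bound and the module should fail to evaluate with an undefined-variable error as of this commit. PATCH 3/7 changes the header to `{ pkgs, ... }:`; folding that line into this commit keeps every commit in the series evaluable, which matters for bisecting and for rolling a host back to an intermediate revision.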
From: clerie
Date: Wed, 7 Feb 2024 17:36:00 +0100
Subject: [PATCH 3/7] hosts/zinc: add cura slicer
---
 hosts/zinc/programs.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/hosts/zinc/programs.nix b/hosts/zinc/programs.nix
index 136636a..5143028 100644
--- a/hosts/zinc/programs.nix
+++ b/hosts/zinc/programs.nix
@@ -1,4 +1,4 @@
-{ ... }:
+{ pkgs, ... }:
 {
@@ -6,6 +6,7 @@
 firefox
 blender
+ cura
 ];
 }
From e0049c72ea7b26a2df4db6a7dccfd599f238c639 Mon Sep 17 00:00:00 2001
From: clerie
Date: Wed, 7 Feb 2024 17:36:30 +0100
Subject: [PATCH 4/7] host/zinc: enable intel optimisations
---
 flake.nix | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/flake.nix b/flake.nix
index bff1ede..3b87f80 100644
--- a/flake.nix
+++ b/flake.nix
@@ -72,7 +72,12 @@
 porter = { name = "porter"; };
 storage-2 = { name = "storage-2"; };
 web-2 = { name = "web-2"; };
- zinc = { name = "zinc"; };
+ zinc = {
+ name = "zinc";
+ modules = [
+ nixos-hardware.nixosModules.common-cpu-intel
+ ];
+ };
 # nixfiles-auto-install: add new host above
 _iso = { name = "_iso"; };
 };
From fe7ccf245bb7899c26e7d9b252958574b3bebfa6 Mon Sep 17 00:00:00 2001
From: clerie
Date: Wed, 7 Feb 2024 18:41:09 +0100
Subject: [PATCH 5/7] modules/wireguard-initrd: default to mtu of 1280
---
 modules/wireguard-initrd/default.nix | 1 +
 1 file changed, 1 insertion(+)
diff --git a/modules/wireguard-initrd/default.nix b/modules/wireguard-initrd/default.nix
index 61fc797..628b640 100644
--- a/modules/wireguard-initrd/default.nix
+++ b/modules/wireguard-initrd/default.nix
@@ -41,6 +41,7 @@ in
 boot.initrd.network.postCommands = ''
 ip link add dev "wg-initrd" type wireguard
+ ip link set "wg-initrd" mtu 1280
 ${concatMapStringsSep "\n" (ip: ''
 ip address add "${ip}" dev "wg-initrd"
From bfdfc7ee68e4dd951e138538ecf3a1490c18ac1a Mon Sep 17 00:00:00 2001
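Review bot: The added `ip link set "wg-initrd" mtu 1280` in modules/wireguard-initrd/default.nix fixes the MTU for every host that uses the module, although the subject calls it a default; nothing visible in the hunk lets a host override it. Consider exposing the value as a module option whose default is 1280 and interpolating it here. A short comment such as `# 1280 = minimum IPv6 MTU; conservative value for the tunnel` would also record why this number was chosen. The `postCommands` string continues past the end of the hunk.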
From: clerie
Date: Wed, 7 Feb 2024 18:42:30 +0100
Subject: [PATCH 6/7] hosts/zinc: custom network setup in initrd
---
 hosts/zinc/initrd.nix | 45 ++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 42 insertions(+), 3 deletions(-)
diff --git a/hosts/zinc/initrd.nix b/hosts/zinc/initrd.nix
index fa69543..bd00129 100644
--- a/hosts/zinc/initrd.nix
+++ b/hosts/zinc/initrd.nix
@@ -1,6 +1,31 @@
-{ config, ... }:
+{ config, pkgs, lib, ... }:
-{
+with lib;
+
+let
+
+ configure_network = pkgs.writeScriptBin "configure-network" ''
+ ifdisplay=""
+ while true; do
+ ifdisplay_new=$(ipconfig -t 10 all)
+ ipconfig_status=$?
+
+ # Only show network config if something changes
+ if [[ "$ifdisplay" != "$ifdisplay_new" ]]; then
+ ifdisplay=$ifdisplay_new
+ echo
+ echo "$ifdisplay"
+ echo
+ fi
+
+ # Wait a little before checking again
+ if [[ $ipconfig_status == 0 ]]; then
+ sleep 5
+ fi
+ done
+ '';
+
+in {
 boot.initrd.network.enable = true;
 boot.initrd.network.ssh = {
@@ -16,7 +41,21 @@
 "igc" # integrated rj45 network interface
 "cdc_ether" # external 5G modem via usb
 ];
- boot.kernelParams = [ "ip=dhcp" ];
+
+ boot.initrd.extraUtilsCommands = ''
+ copy_bin_and_libs ${configure_network}/bin/configure-network
+ '';
+
+ boot.initrd.network.postCommands = mkBefore ''
+ configure-network &
+ '';
+
+ boot.initrd.postMountCommands = mkBefore ''
+ pkill -x configure-network
+
+ # Override the previously set interfaces with the ones that really exist
+ ifaces=$(ip -o link show | grep "link/ether" | cut -d: -f2 | xargs -n 1)
+ '';
 boot.initrd.network.wireguard = {
 enable = true;
From 204303beeed720cac04923bb6a76935616ba0b1d Mon Sep 17 00:00:00 2001
From: clerie
Date: Wed, 7 Feb 2024 18:52:09 +0100
Subject: [PATCH 7/7] hosts/zinc: add cryptsetup-askpass to .ash_history for faster access
---
 hosts/zinc/initrd.nix | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/hosts/zinc/initrd.nix b/hosts/zinc/initrd.nix
index bd00129..45c2803 100644
--- a/hosts/zinc/initrd.nix
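Review bot: The `configure-network` script built with `pkgs.writeScriptBin` in the first hunk of PATCH 6/7 has no interpreter line, and `writeScriptBin` does not add one, yet the body uses `[[ ... ]]` and `==`, which are not POSIX sh. It therefore runs under whatever shell the initrd falls back to (PATCH 7/7 suggests busybox ash) and works only if that build accepts these bash extensions. Adding an explicit `#!` line for the initrd shell and writing the tests as `[ "$ifdisplay" != "$ifdisplay_new" ]` and `[ "$ipconfig_status" -eq 0 ]` removes that dependency. When `ipconfig` fails the loop retries at once, so the `-t 10` timeout is the only pacing; a comment saying so would help the next reader.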
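Review bot: `pkill -x configure-network` in `postMountCommands` (second hunk of PATCH 6/7) may never match the background loop: with `-x` the pattern must equal the whole process name, and depending on the pkill implementation that name is either the kernel's 15-character comm field or argv[0], which for a script is normally the interpreter rather than `configure-network`. If it does not match, the loop keeps calling `ipconfig` after this point. Recording the PID where the job is started, `configure-network & configure_network_pid=$!`, and stopping it with `kill "$configure_network_pid"` does not depend on name matching; this assumes both snippets end up in the same shell script, which is not visible here.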
+++ b/hosts/zinc/initrd.nix @@ -37,6 +37,11 @@ in { "/var/src/secrets/initrd/ssh_host_ed25519_key" ]; }; + + boot.initrd.extraFiles."/root/.ash_history".source = pkgs.writeText ".ash_history" '' + cryptsetup-askpass + ''; + boot.initrd.kernelModules = [ "igc" # integrated rj45 network interface "cdc_ether" # external 5G modem via usb