Update from master 2024-02-08T02:03+00:00

2024-02-08 03:03:02 +01:00 · 2024-02-08 03:03:02 +01:00 · acaddbfec4
commit acaddbfec4
parent a2b942e440 204303beee
6 changed files with 69 additions and 6 deletions
--- a/flake.nix
+++ b/flake.nix
@ -72,7 +72,12 @@
      porter = { name = "porter"; };
      storage-2 = { name = "storage-2"; };
      web-2 = { name = "web-2"; };
-      zinc = { name = "zinc"; };
+      zinc = {
+        name = "zinc";
+        modules = [
+          nixos-hardware.nixosModules.common-cpu-intel
+        ];
+      };
      # nixfiles-auto-install: add new host above
      _iso = { name = "_iso"; };
    };
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@ -264,7 +264,7 @@
    ip46tables -A forward-filter -o enp1s0.202 -j DROP
  '';
  clerie.firewall.extraForwardMangleCommands = ''
-    ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1452
+    ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416
  '';

  services.pppd = {
@ -280,7 +280,7 @@
        noipdefault
        lcp-echo-interval 20
        lcp-echo-failure 3
-        mtu 1492
+        mtu 1456
        hide-password
        defaultroute
        +ipv6
--- a/hosts/zinc/configuration.nix
+++ b/hosts/zinc/configuration.nix
@ -8,6 +8,7 @@
      ../../configuration/desktop

      ./initrd.nix
+      ./programs.nix
    ];

  # Use the systemd-boot EFI boot loader.
--- a/hosts/zinc/initrd.nix
+++ b/hosts/zinc/initrd.nix
@ -1,6 +1,31 @@
-{ config, ... }:
+{ config, pkgs, lib, ... }:

-{
+with lib;
+
+let
+
+  configure_network = pkgs.writeScriptBin "configure-network" ''
+    ifdisplay=""
+    while true; do
+      ifdisplay_new=$(ipconfig -t 10 all)
+      ipconfig_status=$?
+
+      # Only show network config if something changes
+      if [[ "$ifdisplay" != "$ifdisplay_new" ]]; then
+        ifdisplay=$ifdisplay_new
+        echo
+        echo "$ifdisplay"
+        echo
+      fi
+
+      # Wait a little before checking again
+      if [[ $ipconfig_status == 0 ]]; then
+        sleep 5
+      fi
+    done
+  '';
+
+in {

  boot.initrd.network.enable = true;
  boot.initrd.network.ssh = {
@ -12,11 +37,30 @@
      "/var/src/secrets/initrd/ssh_host_ed25519_key"
    ];
  };
+
+  boot.initrd.extraFiles."/root/.ash_history".source = pkgs.writeText ".ash_history" ''
+    cryptsetup-askpass
+  '';
+
  boot.initrd.kernelModules = [
    "igc" # integrated rj45 network interface
    "cdc_ether" # external 5G modem via usb
  ];
-  boot.kernelParams = [ "ip=dhcp" ];
+
+  boot.initrd.extraUtilsCommands = ''
+    copy_bin_and_libs ${configure_network}/bin/configure-network
+  '';
+
+  boot.initrd.network.postCommands = mkBefore ''
+    configure-network &
+  '';
+
+  boot.initrd.postMountCommands = mkBefore ''
+    pkill -x configure-network
+
+    # Override the previously set interfaces with the ones that really exist
+    ifaces=$(ip -o link show | grep "link/ether" | cut -d: -f2 | xargs -n 1)
+  '';

  boot.initrd.network.wireguard = {
    enable = true;
--- a/hosts/zinc/programs.nix
+++ b/hosts/zinc/programs.nix
@ -0,0 +1,12 @@
+{ pkgs, ... }:
+
+{
+
+  users.users.clerie.packages = with pkgs; [
+    firefox
+
+    blender
+    cura
+  ];
+
+}
--- a/modules/wireguard-initrd/default.nix
+++ b/modules/wireguard-initrd/default.nix
@ -41,6 +41,7 @@ in

    boot.initrd.network.postCommands = ''
      ip link add dev "wg-initrd" type wireguard
+      ip link set "wg-initrd" mtu 1280

      ${concatMapStringsSep "\n" (ip: ''
        ip address add "${ip}" dev "wg-initrd"