hosts/carbon: Migrate to DTAG DSL

2024-07-14 00:06:41 +02:00
parent 9ddc82b507
commit d09e80e88e
3 changed files with 59 additions and 27 deletions
--- a/hosts/carbon/ppp.nix
+++ b/hosts/carbon/ppp.nix
@@ -0,0 +1,51 @@
+{ config, pkgs, utils, ... }:
+
+{
+
+  services.pppd = {
+    enable = true;
+    peers.dtagdsl = {
+      config = ''
+        plugin pppoe.so net-dsl
+        user "''${PPPD_DTAGDSL_USERNAME}"
+        ifname ppp-dtagdsl
+        persist
+        maxfail 0
+        holdoff 5
+        noipdefault
+        lcp-echo-interval 20
+        lcp-echo-failure 3
+        mtu 14592
+        hide-password
+        defaultroute
+        +ipv6
+        debug
+      '';
+    };
+  };
+
+  environment.etc."ppp/peers/dtagdsl".enable = false;
+
+  systemd.services."pppd-dtagdsl".serviceConfig = {
+    EnvironmentFile = config.sops.secrets.pppd-dtagdsl-username.path;
+    ExecStartPre = [
+      "+${utils.systemdUtils.lib.makeJobScript "pppd-dtagdsl-pre-start" ''
+        mkdir -p /etc/ppp/peers
+
+        # Created files only readable by root
+        umask u=rw,g=,o=
+
+        # Copy config and substitute username
+        rm -f /etc/ppp/peers/dtagdsl
+        ${pkgs.envsubst}/bin/envsubst -i "${config.environment.etc."ppp/peers/dtagdsl".source}" > /etc/ppp/peers/dtagdsl
+
+        # Copy login secrets
+        rm -f /etc/ppp/pap-secrets
+        cat ${config.sops.secrets.pppd-dtagdsl-secrets.path} > /etc/ppp/pap-secrets
+        rm -f /etc/ppp/chap-secrets
+        cat ${config.sops.secrets.pppd-dtagdsl-secrets.path} > /etc/ppp/chap-secrets
+      ''}"
+    ];
+  };
+
+}