profiles/router: Migrate configuration to profile

configuration/router: All hosts using this config don't do BGP and OSPF
2025-05-08 16:17:26 +02:00 · 2025-05-08 15:55:59 +02:00
7 changed files with 31 additions and 31 deletions
--- a/configuration/router/default.nix
+++ b/configuration/router/default.nix
@@ -1,27 +0,0 @@
-{ pkgs, ... }:
-
-{
-  environment.systemPackages = with pkgs; [
-    wireguard-tools
-    tcpdump
-  ];
-
-  boot.kernel.sysctl = {
-    "net.ipv4.ip_forward" = true;
-    "net.ipv6.conf.all.forwarding" = true;
-  };
-
-  networking.firewall.checkReversePath = false;
-
-  networking.firewall.allowedTCPPorts = [
-    # Open Firewall for BGP
-    179
-  ];
-
-  networking.firewall.extraCommands = ''
-    # Open fireall for OSPF
-    ip46tables -A nixos-fw -p ospfigp -j nixos-fw-accept
-    # Open firewall for GRE
-    ip46tables -A nixos-fw -p gre -j nixos-fw-accept
-  '';
-}
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -4,7 +4,6 @@
  imports =
    [
      ./hardware-configuration.nix
-      ../../configuration/router

      ./dns.nix
      ./mdns.nix
@@ -23,6 +22,7 @@
    ];

  profiles.clerie.common-networking.enable = false;
+  profiles.clerie.router.enable = true;

  boot.kernelParams = [ "console=ttyS0,115200n8" ];

--- a/hosts/gatekeeper/configuration.nix
+++ b/hosts/gatekeeper/configuration.nix
@@ -4,10 +4,10 @@
  imports =
    [
      ./hardware-configuration.nix
-      ../../configuration/router
    ];

  profiles.clerie.hetzner-cloud.enable = true;
+  profiles.clerie.router.enable = true;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/sda";
--- a/hosts/nonat/configuration.nix
+++ b/hosts/nonat/configuration.nix
@@ -4,10 +4,10 @@
  imports =
    [
      ./hardware-configuration.nix
-      ../../configuration/router
    ];

  profiles.clerie.mercury-vm.enable = true;
+  profiles.clerie.router.enable = true;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/vda";
--- a/hosts/porter/configuration.nix
+++ b/hosts/porter/configuration.nix
@@ -4,10 +4,10 @@
  imports =
    [
      ./hardware-configuration.nix
-      ../../configuration/router
    ];

  profiles.clerie.netcup.enable = true;
+  profiles.clerie.router.enable = true;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/sda";
--- a/profiles/default.nix
+++ b/profiles/default.nix
@@ -14,6 +14,7 @@
    ./mercury-vm
    ./netcup
    ./network-fallback-dhcp
+    ./router
    ./ruby-vm
    ./serial-console
    ./wg-clerie
--- a/profiles/router/default.nix
+++ b/profiles/router/default.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+  options.profiles.clerie.router = {
+    enable = mkEnableOption "Basic router setup";
+  };
+
+  config = mkIf config.profiles.clerie.router.enable {
+
+    environment.systemPackages = with pkgs; [
+      wireguard-tools
+      tcpdump
+    ];
+  
+    boot.kernel.sysctl = {
+      "net.ipv4.ip_forward" = true;
+      "net.ipv6.conf.all.forwarding" = true;
+    };
+  
+    networking.firewall.checkReversePath = false;
+
+  };
+}
Author	SHA1	Message	Date
clerie	ced991b911	profiles/router: Migrate configuration to profile	2025-05-08 16:17:26 +02:00
clerie	fa1220dcf8	configuration/router: All hosts using this config don't do BGP and OSPF	2025-05-08 15:55:59 +02:00