{ config, pkgs, lib, ... }: { imports = [ ./hardware-configuration.nix ../../configuration/router ./dns.nix ./net-dsl.nix ./net-gastnetz.nix ./net-heimnetz.nix ./net-voip.nix ./ppp.nix ]; boot.kernelParams = [ "console=ttyS0,115200n8" ]; boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/sda"; boot.loader.grub.extraConfig = " serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1 terminal_input serial terminal_output serial "; networking.useDHCP = false; # Network ## LTE-Uplink networking.vlans."enp1s0.102" = { id = 102; interface = "enp1s0"; }; networking.nat = { enableIPv6 = true; enable = true; externalInterface = "ppp-dtagdsl"; internalIPv6s = [ "fd00:152:152::/48" "fd00:3214:9453:4920::/64"]; internalIPs = [ "10.152.0.0/16" "192.168.32.0/24" ]; }; services.radvd.enable = true; services.kea.dhcp4 = { enable = true; settings = { interfaces-config = { service-sockets-max-retries = 15; service-sockets-retry-wait-time = 2000; }; lease-database = { name = "/var/lib/kea/dhcp4.leases"; persist = true; type = "memfile"; }; }; }; clerie.firewall.enable = true; clerie.firewall.extraForwardMangleCommands = '' ip46tables -t mangle -A forward-mangle -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1416 ''; clerie.monitoring = { enable = true; id = "104"; pubkey = "sro9DUSMtVr5xV2o3GTgg+0vmLj+bRc8fN+3pIr6+HY="; blackbox = true; }; system.stateVersion = "21.03"; }