From c33c1ce3fbf90476dbaad44fe99e12eda1fd3f72 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 3 Jan 2018 04:24:01 +0100 Subject: ma hdl-dump: init --- makefu/5pkgs/hdl-dump/default.nix | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 makefu/5pkgs/hdl-dump/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/hdl-dump/default.nix b/makefu/5pkgs/hdl-dump/default.nix new file mode 100644 index 000000000..bd454223a --- /dev/null +++ b/makefu/5pkgs/hdl-dump/default.nix @@ -0,0 +1,33 @@ +{ stdenv, lib, pkgs, fetchurl,fetchFromGitHub, upx, wine }: +stdenv.mkDerivation rec { + pname = "hdl-dump"; + version = "75df8d7"; + name = "${pname}-${version}"; + + src = fetchFromGitHub { + owner = "AKuHAK"; + repo = "hdl-dump"; + rev = version; + sha256 = "10jjr6p5yn0c182x17m7q68jmf8gizcny7wjxw7z5yh0fv5s48z4"; + }; + + buildInputs = [ upx wine ]; + + makeFlags = [ "RELEASE=yes" ]; + + # uses wine, currently broken + #postBuild = '' + # make -C gui + #''; + + installPhase = '' + mkdir -p $out/bin + cp hdl_dump $out/bin + ''; + + meta = { + homepage = https://github.com/AKuHAK/hdl-dump ; + description = "copy isos to psx hdd"; + license = lib.licenses.gpl2; + }; +} -- cgit v1.2.3 From e6d56100ae923e9c00ec190e7cfb90594dc768a9 Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 3 Jan 2018 04:50:08 +0100 Subject: ma pkgs.opl-utils: init at 2017-10-17 --- makefu/5pkgs/opl-utils/default.nix | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 makefu/5pkgs/opl-utils/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/opl-utils/default.nix b/makefu/5pkgs/opl-utils/default.nix new file mode 100644 index 000000000..f4430f333 --- /dev/null +++ b/makefu/5pkgs/opl-utils/default.nix @@ -0,0 +1,27 @@ +{ stdenv, lib, pkgs, fetchFromGitHub }: +stdenv.mkDerivation rec { + pname = "opl-utils"; + version = "881c0d2"; + name = "${pname}-${version}"; + + src = fetchFromGitHub { + owner = "ifcaro"; + repo = "open-ps2-loader"; + rev = version; + sha256 = "1c2hgbyp5hymyq60mrk7g0m3gi00wqx165pdwwwb740q0qig07d1"; + }; + + + preBuild = "cd pc/"; + + installPhase = '' + mkdir -p $out/bin + cp */bin/* $out/bin + ''; + + meta = { + homepage = https://github.com/ifcaro/Open-PS2-Loader; + description = "open-ps2-loader utils (opl2iso,iso2opl,genvmc)"; + license = lib.licenses.afl3; + }; +} -- cgit v1.2.3 From f56733184ef40fb6841b903f6e8761b03640cceb Mon Sep 17 00:00:00 2001 From: makefu Date: Wed, 3 Jan 2018 14:41:33 +0100 Subject: ma tools: add console tools --- makefu/2configs/tools/all.nix | 1 + makefu/2configs/tools/consoles.nix | 7 +++++++ 2 files changed, 8 insertions(+) create mode 100644 makefu/2configs/tools/consoles.nix (limited to 'makefu') diff --git a/makefu/2configs/tools/all.nix b/makefu/2configs/tools/all.nix index 1ac22e34c..2bb438f16 100644 --- a/makefu/2configs/tools/all.nix +++ b/makefu/2configs/tools/all.nix @@ -1,6 +1,7 @@ { imports = [ ./android-pentest.nix + ./consoles.nix ./core.nix ./core-gui.nix ./dev.nix diff --git a/makefu/2configs/tools/consoles.nix b/makefu/2configs/tools/consoles.nix new file mode 100644 index 000000000..76eb0044c --- /dev/null +++ b/makefu/2configs/tools/consoles.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }: +{ + users.users.makefu.packages = with pkgs; [ + opl-utils + hdl-dump + ]; +} -- cgit v1.2.3 From 6ad170e7621668fdcf03aab37d1f9843e446d2da Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 00:20:47 +0100 Subject: ma source: fix FUCKWIT --- makefu/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index fde1d9680..ccdc7b9f0 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,7 +13,7 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "3874de4"; # unstable @ 2017-12-08 + ref = "475bec2"; # unstable @ 2017-08-04 # + do_sqlite3 ruby: 55a952be5b5 in -- cgit v1.2.3 From 8028debcf5fa1f79b2cdd288fef8477e87fd9787 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 00:53:04 +0100 Subject: ma tools: add nix-repl --- makefu/2configs/tools/dev.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'makefu') diff --git a/makefu/2configs/tools/dev.nix b/makefu/2configs/tools/dev.nix index 04a65df26..b652241bd 100644 --- a/makefu/2configs/tools/dev.nix +++ b/makefu/2configs/tools/dev.nix @@ -21,6 +21,9 @@ gen-oath-safe cdrtools stockholm + # nix related + nix-repl + nix-index # git-related tig ]; -- cgit v1.2.3 From 6dc4485a559020829a0b4d20ebba31bf366d066c Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 00:53:39 +0100 Subject: ma tools: add bin2iso to consoles --- makefu/2configs/tools/consoles.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'makefu') diff --git a/makefu/2configs/tools/consoles.nix b/makefu/2configs/tools/consoles.nix index 76eb0044c..543215adf 100644 --- a/makefu/2configs/tools/consoles.nix +++ b/makefu/2configs/tools/consoles.nix @@ -3,5 +3,6 @@ users.users.makefu.packages = with pkgs; [ opl-utils hdl-dump + bin2iso ]; } -- cgit v1.2.3 From f6f01faa3ace57ed29af2b953bab34924b70abfc Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 01:25:07 +0100 Subject: ma 2/default: use linuxPkackages_latest by default --- makefu/2configs/default.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'makefu') diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix index 25f9f63bf..0a89d2023 100644 --- a/makefu/2configs/default.nix +++ b/makefu/2configs/default.nix @@ -11,6 +11,9 @@ with import ; ./vim.nix ./binary-cache/nixos.nix ]; + + boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; + programs.command-not-found.enable = false; nixpkgs.config.allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "unrar-" pkg.name); krebs = { -- cgit v1.2.3 From ba42be899d0af94f5a3a1c9a71451c76d4666eb4 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 02:14:36 +0100 Subject: ma pkgs.cue2pops: init --- makefu/2configs/tools/consoles.nix | 1 + makefu/5pkgs/cue2pops/default.nix | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+) create mode 100644 makefu/5pkgs/cue2pops/default.nix (limited to 'makefu') diff --git a/makefu/2configs/tools/consoles.nix b/makefu/2configs/tools/consoles.nix index 543215adf..7090804d4 100644 --- a/makefu/2configs/tools/consoles.nix +++ b/makefu/2configs/tools/consoles.nix @@ -4,5 +4,6 @@ opl-utils hdl-dump bin2iso + cue2pops ]; } diff --git a/makefu/5pkgs/cue2pops/default.nix b/makefu/5pkgs/cue2pops/default.nix new file mode 100644 index 000000000..218ae8307 --- /dev/null +++ b/makefu/5pkgs/cue2pops/default.nix @@ -0,0 +1,24 @@ +{ stdenv, lib, pkgs, fetchFromGitHub }: + +stdenv.mkDerivation rec { + pname = "cue2pops"; + version = "2"; + name = "${pname}-${version}"; + + src = fetchFromGitHub { + owner = "makefu"; + repo = "cue2pops-linux"; + rev = "541863a"; + sha256 = "05w84726g3k33rz0wwb9v77g7xh4cnhy9sxlpilf775nli9bynrk"; + }; + + installPhase = '' + install -Dm755 $pname $out/bin/$pname + ''; + + meta = { + homepage = http://users.eastlink.ca/~doiron/bin2iso/ ; + description = "converts bin+cue to iso"; + license = lib.licenses.gpl3; + }; +} -- cgit v1.2.3 From e02e7053aaabc883ae4a6aa23886b6ee92cebb79 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 18:36:47 +0100 Subject: ma source: cherry-pick latest kernel bump --- makefu/source.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index ccdc7b9f0..822b1e7c0 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,8 +13,9 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "475bec2"; # unstable @ 2017-08-04 + ref = "d37e53e"; # unstable @ 2017-12-08 # + do_sqlite3 ruby: 55a952be5b5 + # + kernel bump: 1e129a3f993 in evalSource (toString _file) [ -- cgit v1.2.3 From 9f77a71c7b72e3aa32042d5876cc08b00c5ed9bf Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 18:48:46 +0100 Subject: ma pkgs.mobility: temp remove exfat-nofuse --- makefu/2configs/tools/mobility.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/2configs/tools/mobility.nix b/makefu/2configs/tools/mobility.nix index 1993a5212..f2676f11c 100644 --- a/makefu/2configs/tools/mobility.nix +++ b/makefu/2configs/tools/mobility.nix @@ -5,5 +5,5 @@ mosh ]; - boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; + # boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ]; } -- cgit v1.2.3 From 77d53e841b7eaed58925571c2bdeb51cdc5e82a3 Mon Sep 17 00:00:00 2001 From: makefu Date: Thu, 4 Jan 2018 23:18:32 +0100 Subject: ma source: retry to bump nixpkgs --- makefu/source.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index 822b1e7c0..6b305b641 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,9 +13,8 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "d37e53e"; # unstable @ 2017-12-08 + ref = "26ed774"; # nixpkgs-unstable @ 2018-01-04 # + do_sqlite3 ruby: 55a952be5b5 - # + kernel bump: 1e129a3f993 in evalSource (toString _file) [ -- cgit v1.2.3 From 3ad5283dfbf1733e06b16d4439c4f14268680240 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 5 Jan 2018 11:12:47 +0100 Subject: ma pkgs.bin2iso: init --- makefu/5pkgs/bin2iso/default.nix | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 makefu/5pkgs/bin2iso/default.nix (limited to 'makefu') diff --git a/makefu/5pkgs/bin2iso/default.nix b/makefu/5pkgs/bin2iso/default.nix new file mode 100644 index 000000000..31d05fab3 --- /dev/null +++ b/makefu/5pkgs/bin2iso/default.nix @@ -0,0 +1,28 @@ +{ stdenv, lib, pkgs, fetchurl }: +stdenv.mkDerivation rec { + pname = "bin2iso"; + version = "1.9b"; + _dlver = builtins.replaceStrings ["."] [""] version; + name = "${pname}-${version}"; + + src = fetchurl { + url = "http://users.eastlink.ca/~doiron/${pname}/linux/${pname}${_dlver}_linux.c"; + sha256 = "0gg4hbzlm83nnbccy79dnxbwpn7lxl3fb87ka36mlclikvknm2hy"; + }; + + unpackPhase = "true"; + + buildPhase ='' + gcc -Wall -o $pname $src + ''; + + installPhase = '' + install -Dm755 $pname $out/bin/$pname + ''; + + meta = { + homepage = http://users.eastlink.ca/~doiron/bin2iso/ ; + description = "converts bin+cue to iso"; + license = lib.licenses.gpl3; + }; +} -- cgit v1.2.3 From 801f2f0926d665fb2a3c2fd9184706a2235fe960 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 5 Jan 2018 11:52:07 +0100 Subject: ma source: back to stable --- makefu/source.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index 6b305b641..647803fd7 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,7 +13,7 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "26ed774"; # nixpkgs-unstable @ 2018-01-04 + ref = "3e8d708"; # nixos-17.09 @ 2018-01-05 # + do_sqlite3 ruby: 55a952be5b5 in -- cgit v1.2.3 From 90b5b135d30d969c69e73261ed0ca663bc166495 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 5 Jan 2018 21:38:48 +0100 Subject: ma source: cherry-pick signal-desktop from unstable --- makefu/source.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/source.nix b/makefu/source.nix index 647803fd7..c22c82f32 100644 --- a/makefu/source.nix +++ b/makefu/source.nix @@ -13,8 +13,9 @@ let then "buildbot" else "makefu"; _file = + "/makefu/1systems/${name}/source.nix"; - ref = "3e8d708"; # nixos-17.09 @ 2018-01-05 + ref = "0f19bee"; # nixos-17.09 @ 2018-01-05 # + do_sqlite3 ruby: 55a952be5b5 + # + signal: 0f19beef3 in evalSource (toString _file) [ -- cgit v1.2.3 From 7f8ec648b8a26221c4ff030ec6242b9f08ba5f6c Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 5 Jan 2018 23:12:22 +0100 Subject: ma pkgs.gen-oath-safe: remove warning, add yubikey-manager --- makefu/5pkgs/gen-oath-safe/default.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'makefu') diff --git a/makefu/5pkgs/gen-oath-safe/default.nix b/makefu/5pkgs/gen-oath-safe/default.nix index 344dc1a02..bad4b08a8 100644 --- a/makefu/5pkgs/gen-oath-safe/default.nix +++ b/makefu/5pkgs/gen-oath-safe/default.nix @@ -1,7 +1,6 @@ { coreutils, makeWrapper, openssl, libcaca, qrencode, fetchFromGitHub, yubikey-manager, python, stdenv, ... }: -builtins.trace "Warning: HTOP mode of gen-oath-safe is currently broken" - stdenv.mkDerivation { +stdenv.mkDerivation { name = "gen-oath-safe-2017-06-30"; src = fetchFromGitHub { owner = "mcepl"; @@ -24,7 +23,7 @@ builtins.trace "Warning: HTOP mode of gen-oath-safe is currently broken" coreutils openssl qrencode - #yubikey-manager + yubikey-manager libcaca python ]; -- cgit v1.2.3 From 7b39418eb059a80b365beba867613ea0e378c189 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 20:50:37 +0100 Subject: ma filepimp.r: add nofail to disks --- makefu/1systems/filepimp/config.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/1systems/filepimp/config.nix b/makefu/1systems/filepimp/config.nix index e9058ec85..30ba61a9b 100644 --- a/makefu/1systems/filepimp/config.nix +++ b/makefu/1systems/filepimp/config.nix @@ -71,7 +71,10 @@ in { '') allDisks); fileSystems = let xfsmount = name: dev: - { "/media/${name}" = { device = dev; fsType = "xfs"; }; }; + { "/media/${name}" = { + device = dev; fsType = "xfs"; + options = [ "nofail" ]; + }; }; in # (xfsmount "j0" (part1 jDisk0)) // (xfsmount "j1" (part1 jDisk1)) // -- cgit v1.2.3 From 72d8ea37cc19a0d09dedef55d540c6b06ebcdbd1 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 20:51:32 +0100 Subject: ma gum.r: add vbob to wireguard --- makefu/1systems/gum/config.nix | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 1fe0b62f9..6e5f3c2d4 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -108,16 +108,35 @@ in { # }; #} { # wireguard server - networking.firewall.allowedUDPPorts = [ 51820 ]; + + # TODO: networking.nat + + # boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + # conf.all.proxy_arp =1 + networking.firewall = { + allowedUDPPorts = [ 51820 ]; + extraCommands = '' + iptables -t nat -A POSTROUTING -s 10.244.0.0/24 -o ${ext-if} -j MASQUERADE + ''; + }; + networking.wireguard.interfaces.wg0 = { ips = [ "10.244.0.1/24" ]; + listenPort = 51820; privateKeyFile = (toString ) + "/wireguard.key"; allowedIPsAsRoutes = true; - peers = [{ - # allowedIPs = [ "0.0.0.0/0" "::/0" ]; + peers = [ + { + # x allowedIPs = [ "10.244.0.2/32" ]; publicKey = "fe5smvKVy5GAn7EV4w4tav6mqIAKhGWQotm7dRuRt1g="; - }]; + } + { + # vbob + allowedIPs = [ "10.244.0.3/32" ]; + publicKey = "Lju7EsCu1OWXhkhdNR7c/uiN60nr0TUPHQ+s8ULPQTw="; + } + ]; }; } -- cgit v1.2.3 From 9cf88110a69b7f3902d29e9f252a0b40d2bc5f9f Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 20:51:58 +0100 Subject: ma omo.r: add nofail to disk --- makefu/1systems/omo/config.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'makefu') diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix index aaecebadc..ce3ffbcf3 100644 --- a/makefu/1systems/omo/config.nix +++ b/makefu/1systems/omo/config.nix @@ -143,7 +143,10 @@ in { ]; fileSystems = let cryptMount = name: - { "/media/${name}" = { device = "/dev/mapper/${name}"; fsType = "xfs"; };}; + { "/media/${name}" = { + device = "/dev/mapper/${name}"; fsType = "xfs"; + options = [ "nofail" ]; + };}; in cryptMount "crypt0" // cryptMount "crypt1" // cryptMount "crypt2" -- cgit v1.2.3 From de01eae264ee72f1bddb42ae0a33defc66486f4f Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 20:53:33 +0100 Subject: ma vbob.r: add default routing through wireguard --- makefu/1systems/vbob/config.nix | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index f318c0e61..7552c6982 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -7,7 +7,8 @@ { imports = [ ]; - boot.loader.grub.device = "/dev/vda"; + boot.loader.grub.device = "/dev/sda"; + virtualisation.virtualbox.guest.enable = true; } # { # imports = [ @@ -49,6 +50,33 @@ # environment + (let + gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; + Gateway = "10.0.2.2"; + in { + networking.localCommands = '' + ip route add ${gum-ip} via ${Gateway} + ''; + systemd.network.networks.enp0s3.routes = [{ + inherit Gateway; # TODO + Destination = gum-ip; + }]; + networking.wireguard.interfaces.wg0 = { + ips = [ "10.244.0.3/24" ]; + privateKeyFile = (toString ) + "/wireguard.key"; + allowedIPsAsRoutes = true; + # explicit route via eth0 to gum + peers = [ + { + # gum + endpoint = "${gum-ip}:51820"; + # allowedIPs = [ "10.244.0.0/24" ]; + allowedIPs = [ "0.0.0.0/0" ]; + publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + } + ]; + }; + }) ]; networking.extraHosts = import (toString ); @@ -90,5 +118,5 @@ 8010 ]; - + systemd.services."serial-getty@ttyS0".enable = true; } -- cgit v1.2.3 From 149aad4cb79de44e095b82ffdf7fa65cc95c2f93 Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 21:07:46 +0100 Subject: ma vbob.r: remove explicit route via systemd does not work --- makefu/1systems/vbob/config.nix | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index 7552c6982..d4b80c90e 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -57,10 +57,7 @@ networking.localCommands = '' ip route add ${gum-ip} via ${Gateway} ''; - systemd.network.networks.enp0s3.routes = [{ - inherit Gateway; # TODO - Destination = gum-ip; - }]; + networking.wireguard.interfaces.wg0 = { ips = [ "10.244.0.3/24" ]; privateKeyFile = (toString ) + "/wireguard.key"; -- cgit v1.2.3 From 17883f68dd0ddcb9813add65559bcc95009148fc Mon Sep 17 00:00:00 2001 From: makefu Date: Sat, 6 Jan 2018 23:44:03 +0100 Subject: ma vbob.r: set route after network online --- makefu/1systems/vbob/config.nix | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'makefu') diff --git a/makefu/1systems/vbob/config.nix b/makefu/1systems/vbob/config.nix index d4b80c90e..ffd9deaee 100644 --- a/makefu/1systems/vbob/config.nix +++ b/makefu/1systems/vbob/config.nix @@ -52,24 +52,21 @@ (let gum-ip = config.krebs.hosts.gum.nets.internet.ip4.addr; - Gateway = "10.0.2.2"; + gateway = "10.0.2.2"; in { - networking.localCommands = '' - ip route add ${gum-ip} via ${Gateway} - ''; - + # make sure the route to gum gets added after the network is online + systemd.services.wireguard-wg0.after = [ "network-online.target" ]; networking.wireguard.interfaces.wg0 = { ips = [ "10.244.0.3/24" ]; privateKeyFile = (toString ) + "/wireguard.key"; - allowedIPsAsRoutes = true; # explicit route via eth0 to gum + preSetup = ["${pkgs.iproute}/bin/ip route add ${gum-ip} via ${gateway}"]; peers = [ - { - # gum + { # gum endpoint = "${gum-ip}:51820"; - # allowedIPs = [ "10.244.0.0/24" ]; - allowedIPs = [ "0.0.0.0/0" ]; + allowedIPs = [ "0.0.0.0/0" "10.244.0.0/24" ]; publicKey = "yAKvxTvcEVdn+MeKsmptZkR3XSEue+wSyLxwcjBYxxo="; + persistentKeepalive = 25; } ]; }; -- cgit v1.2.3