diff --git a/common.nix b/common.nix index d34e31e..a8274b0 100644 --- a/common.nix +++ b/common.nix @@ -1,10 +1,4 @@ -{ - lib, - pkgs, - config, - self, - ... -}: +{ lib, pkgs, config, self, ... }: { networking = { wireless = { diff --git a/flake.nix b/flake.nix index f238a69..92d00f0 100644 --- a/flake.nix +++ b/flake.nix @@ -46,12 +46,5 @@ inputs@{ self, nixpkgs, ... }: { nixosConfigurations = import ./systems.nix { inherit self inputs nixpkgs; }; - packages = nixpkgs.lib.attrsets.genAttrs nixpkgs.lib.systems.flakeExposed ( - system: - import ./mikrotik.nix { - inherit system inputs; - pkgs = nixpkgs.legacyPackages.${system}; - } - ); }; } diff --git a/mikrotik.nix b/mikrotik.nix deleted file mode 100644 index 6897b45..0000000 --- a/mikrotik.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ - mikrotik-config ? ./router.nix, - pkgs, - inputs, - system, -}: -with pkgs; -with lib; -with builtins; - -let - rtr = (import mikrotik-config); - - formatValue = - key: value: - if key == "comment" then - ''${key}="${value}"'' - else if key == "no_label" then - formatValue null value - #''${key}="${value}"'' - else if isAttrs value && key != null then - concatStringsSep " " ([ "${key}" ] ++ (mapAttrsToList (k: v: formatValue k v) value)) - - else if isAttrs value then - concatStringsSep " " (mapAttrsToList (k: v: formatValue k v) value) - - else - "${key}=${value}"; - - formatSection = - name: opts: - [ "${name}" ] - ++ ( - if isAttrs opts then - (mapAttrsToList (k: v: "set ${formatValue k v}") opts) - else - (map (x: "add ${formatValue null x}") opts) - ); -in -rec { - mikrotik-router = stdenv.mkDerivation rec { - version = "0.0.1"; - name = "mikrotik-router-${version}"; - - src = builtins.toFile "router-config.rsc" ( - concatStringsSep "\n" (flatten (mapAttrsToList (key: values: formatSection key values) rtr)) - ); - - builder = builtins.toFile "builder.sh" '' - source $stdenv/setup - mkdir $out - install $src $out/router-config.rsc - ''; - }; -} diff --git a/router.nix b/router.nix deleted file mode 100644 index c676be2..0000000 --- a/router.nix +++ /dev/null @@ -1,198 +0,0 @@ -{ - "/interface bridge" = [ - { - auto-mac = "no"; - comment = "defconf"; - name = "bridge"; - } - { name = "wifi"; } - ]; - "/interface list" = [ - { name = "WAN"; } - { name = "LAN"; } - ]; - "/ip pool" = [ - { - name = "wired-pool"; - ranges = "10.10.10.10-10.10.10.254"; - } - { - name = "wifi-pool"; - ranges = "10.10.11.10-10.10.11.254"; - } - ]; - "/ip dhcp-server" = [ - { - address-pool = "wired-pool"; - disabled = "no"; - interface = "bridge"; - name = "wired-dhcp"; - } - { - address-pool = "wifi-pool"; - disabled = "no"; - interface = "wifi"; - name = "wifi-dhcp"; - } - ]; - "/interface bridge port" = [ - { - bridge = "bridge"; - interface = "ether2"; - } - { - bridge = "bridge"; - interface = "ether3"; - } - { - bridge = "bridge"; - interface = "ether4"; - } - { - bridge = "wifi"; - interface = "ether5"; - } - { - bridge = "bridge"; - interface = "sfp1"; - } - ]; - "/ip neighbor discovery-settings" = { - discover-interface-list = "LAN"; - }; - "/interface list member" = [ - { - interface = "bridge"; - list = "LAN"; - } - { - interface = "ether1"; - list = "WAN"; - } - ]; - "/ip address" = [ - { - address = "10.10.10.1/24"; - interface = "bridge"; - network = "10.10.10.0"; - } - { - address = "10.10.11.1/24"; - interface = "wifi"; - network = "10.10.11.0"; - } - ]; - "/ip dhcp-client" = [ - { - disabled = "no"; - interface = "ether1"; - } - ]; - "/ip dhcp-server network" = [ - { - address = "10.10.10.0/24"; - gateway = "10.10.10.1"; - netmask = "24"; - } - { - address = "10.10.11.0/24"; - gateway = "10.10.11.1"; - netmask = "24"; - } - ]; - "/ip dns" = { - "allow-remote-requests" = "yes"; - servers = "1.1.1.1,1.0.0.1"; - }; - "/ip dns static" = [ - { - address = "192.168.88.1"; - name = "router.lan"; - } - ]; - "/ip firewall filter" = [ - { - action = "accept"; - chain = "input"; - comment = "defconf: accept established,related,untracked"; - "connection-state" = "established,related,untracked"; - } - { - action = "drop"; - chain = "input"; - comment = "defconf: drop invalid"; - "connection-state" = "invalid"; - } - { - action = "accept"; - chain = "input"; - comment = "defconf: accept ICMP"; - protocol = "icmp"; - } - { - action = "drop"; - chain = "input"; - comment = "defconf: drop all not coming from LAN"; - "in-interface-list" = "!LAN"; - } - { - action = "accept"; - chain = "forward"; - comment = "defconf: accept in ipsec policy"; - "ipsec-policy" = "in,ipsec"; - } - { - action = "accept"; - chain = "forward"; - comment = "defconf: accept out ipsec policy"; - "ipsec-policy" = "out,ipsec"; - } - { - action = "fasttrack-connection"; - chain = "forward"; - comment = "defconf: fasttrack"; - "connection-state" = "established,related"; - } - { - action = "accept"; - chain = "forward"; - comment = "defconf: accept established,related, untracked"; - "connection-state" = "established,related,untracked"; - } - { - action = "drop"; - chain = "forward"; - comment = "defconf: drop invalid"; - "connection-state" = "invalid"; - } - { - action = "drop"; - chain = "forward"; - comment = "defconf: drop all from WAN not DSTNATed"; - "connection-nat-state" = "!dstnat"; - "connection-state" = "new"; - "in-interface-list" = "WAN"; - } - ]; - "/ip firewall nat" = [ - { - action = "masquerade"; - chain = "srcnat"; - comment = "defconf: masquerade"; - "ipsec-policy" = "out,none"; - "out-interface-list" = "WAN"; - } - ]; - "/system clock" = { - "time-zone-name" = "Europe/Berlin"; - }; - "/system routerboard settings" = { - "silent-boot" = "no"; - }; - "/tool mac-server" = { - "allowed-interface-list" = "LAN"; - }; - "/tool mac-server mac-winbox" = { - "allowed-interface-list" = "LAN"; - }; -} diff --git a/systems/club-mate/default.nix b/systems/club-mate/default.nix index b40ebcb..38b08b1 100644 --- a/systems/club-mate/default.nix +++ b/systems/club-mate/default.nix @@ -65,14 +65,8 @@ source-han-serif-japanese ]; fontconfig.defaultFonts = { - serif = [ - "Noto Serif" - "Source Han Serif" - ]; - sansSerif = [ - "Noto Sans" - "Source Han Sans" - ]; + serif = [ "Noto Serif" "Source Han Serif" ]; + sansSerif = [ "Noto Sans" "Source Han Sans" ]; }; }; @@ -121,9 +115,7 @@ }; }; - environment.variables = { - LOG_ICONS = "true"; - }; + environment.variables = { LOG_ICONS = "true"; }; services = { xserver = { xkb.layout = "de"; diff --git a/systems/fritz-mate/default.nix b/systems/fritz-mate/default.nix index 322a0fa..8805ac5 100644 --- a/systems/fritz-mate/default.nix +++ b/systems/fritz-mate/default.nix @@ -7,7 +7,9 @@ }: { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; boot = { loader = { @@ -17,14 +19,12 @@ kernelPackages = self.inputs.rpi_5.legacyPackages.aarch64-linux.linuxPackages_rpi5; kernelModules = [ ]; initrd = { - availableKernelModules = [ - "usbhid" - "usb_storage" - ]; + availableKernelModules = [ "usbhid" "usb_storage" ]; kernelModules = [ ]; }; }; + networking = { useDHCP = lib.mkDefault true; wireless.iwd = { diff --git a/systems/mio-mio-mate/default.nix b/systems/mio-mio-mate/default.nix index 0c51bc5..7e8a19f 100644 --- a/systems/mio-mio-mate/default.nix +++ b/systems/mio-mio-mate/default.nix @@ -35,16 +35,8 @@ networking.firewall = { enable = true; - allowedTCPPorts = [ - 80 - 443 - 53 - ]; - allowedUDPPorts = [ - 80 - 443 - 53 - ]; + allowedTCPPorts = [ 80 443 53 ]; + allowedUDPPorts = [ 80 443 53 ]; }; services.nginx = { diff --git a/users/default.nix b/users/default.nix index bfe68b4..3cc8526 100644 --- a/users/default.nix +++ b/users/default.nix @@ -1,4 +1,8 @@ -{ pkgs, config, ... }: +{ + pkgs, + config, + ... +}: { home = {