nixos-config/lib/openwrt.nix

{ inputs, ... }:
let
  getProfiles =
    pkgs:
    inputs.openwrt-imagebuilder.lib.profiles {
      inherit pkgs;
      release = "snapshot";
    };
in
{
  flake.lib.mkOpenwrtImage =
    {
      pkgs,
      hostname,
      timezone,
      ipaddr,
      packages ? [ ],
      uci ? "",
    }:
    inputs.openwrt-imagebuilder.lib.build (
      (getProfiles pkgs).identifyProfile "glinet_gl-mt6000"
      // {
        packages = [
          # TODO does this include everything that the web firmware builder includes?
          "auc"
          "dawn"
          "luci-app-attendedsysupgrade"
          "luci-app-dawn"
          "luci-app-nextdns"
          "luci-ssl"
          "nextdns"
          "tailscale"
        ] ++ packages;

        # TODO set up SSH config (register public keys, disable password login, ...)
        files = pkgs.runCommand "image-files" { } ''
          mkdir -p $out/etc/uci-defaults
          cat > $out/etc/uci-defaults/99-custom <<EOF
          hostname='${hostname}'
          timezone='${timezone}'
          ipaddr='${ipaddr}'

          # Set system defaults
          uci set system.@system[0].hostname="$hostname"
          uci set system.@system[0].timezone="$timezone"
          uci set network.lan.ipaddr="$ipaddr"
          uci set uhttpd.main.redirect_https='1'
          ${uci}
          uci commit
          /etc/init.d/system reload

          # Set WiFi country code
          iw reg set DE

          # Enable hardware acceleration: Hardware Flow Offloading (HFO)
          uci set firewall.@defaults[0].flow_offloading=1
          uci set firewall.@defaults[0].flow_offloading_hw=1
          uci commit
          /etc/init.d/firewall restart

          # Enable hardware acceleration: Wireless Ethernet Dispatch (WED)
          echo 'options mt7915e wed_enable=Y' >>/etc/modules.conf

          # Set up automatic upgrades
          # TODO download upgrade script from GitHub gist
          # wget [github gist url]
          # cat "0 3 * * * /path/to/gist/script" >>/etc/crontabs/root
          EOF
        '';
      }
    );
}
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00			`{ inputs, ... }:`
			`let`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`getProfiles =`
			`pkgs:`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00			`inputs.openwrt-imagebuilder.lib.profiles {`
			`inherit pkgs;`
			`release = "snapshot";`
			`};`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`in`
			`{`
feat(openwrt): update config 2024-03-07 20:19:06 +01:00			`flake.lib.mkOpenwrtImage =`
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`{`
			`pkgs,`
			`hostname,`
			`timezone,`
			`ipaddr,`
			`packages ? [ ],`
			`uci ? "",`
			`}:`
			`inputs.openwrt-imagebuilder.lib.build (`
			`(getProfiles pkgs).identifyProfile "glinet_gl-mt6000"`
			`// {`
			`packages = [`
			`# TODO does this include everything that the web firmware builder includes?`
			`"auc"`
			`"dawn"`
			`"luci-app-attendedsysupgrade"`
			`"luci-app-dawn"`
			`"luci-app-nextdns"`
			`"luci-ssl"`
			`"nextdns"`
			`"tailscale"`
			`] ++ packages;`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`# TODO set up SSH config (register public keys, disable password login, ...)`
			`files = pkgs.runCommand "image-files" { } ''`
			`mkdir -p $out/etc/uci-defaults`
			`cat > $out/etc/uci-defaults/99-custom <<EOF`
			`hostname='${hostname}'`
			`timezone='${timezone}'`
			`ipaddr='${ipaddr}'`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`# Set system defaults`
			`uci set system.@system[0].hostname="$hostname"`
			`uci set system.@system[0].timezone="$timezone"`
			`uci set network.lan.ipaddr="$ipaddr"`
			`uci set uhttpd.main.redirect_https='1'`
			`${uci}`
			`uci commit`
			`/etc/init.d/system reload`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`# Set WiFi country code`
			`iw reg set DE`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`# Enable hardware acceleration: Hardware Flow Offloading (HFO)`
			`uci set firewall.@defaults[0].flow_offloading=1`
			`uci set firewall.@defaults[0].flow_offloading_hw=1`
			`uci commit`
			`/etc/init.d/firewall restart`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`# Enable hardware acceleration: Wireless Ethernet Dispatch (WED)`
			`echo 'options mt7915e wed_enable=Y' >>/etc/modules.conf`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00
style: reformat with nixfmt-rfc-style 2024-05-26 16:45:38 +02:00			`# Set up automatic upgrades`
			`# TODO download upgrade script from GitHub gist`
			`# wget [github gist url]`
			`# cat "0 3 * * * /path/to/gist/script" >>/etc/crontabs/root`
			`EOF`
			`'';`
			`}`
			`);`
feat(hosts): add doctr & penguin 2024-01-30 21:44:02 +01:00			`}`