]> Git — Sourcephile - julm/julm-nix.git/blob - hosts/aubergine/networking/lte.nix
systemd-creds: move to creds-{setup,encrypt,decrypt}.sh
[julm/julm-nix.git] / hosts / aubergine / networking / lte.nix
1 { pkgs, lib, config, ... }:
2 with (import ./names-and-numbers.nix);
3 let
4 inherit (config.users) users;
5 in
6 {
7 imports = [
8 ../../../nixos/modules/mmsd.nix
9 ];
10 networking.nftables.ruleset = ''
11 table inet filter {
12 chain input {
13 iifname ${lteIface} jump input-net
14 iifname ${lteIface} log level warn prefix "input-net: " counter drop
15 }
16 chain output-net {
17 ip daddr 10.151.0.1 tcp dport 8080 counter accept \
18 comment "mmsd-tng: Prixtel/SFR"
19 }
20 chain output {
21 oifname ${lteIface} jump output-net
22 oifname ${lteIface} log level warn prefix "output-net: " counter drop
23 }
24 chain forward-to-net {
25 }
26 chain forward-from-net {
27 }
28 chain forward-to-net { }
29 chain forward-from-net { }
30 chain forward {
31 iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} goto forward-to-net
32 iifname ${lteIface} oifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } goto forward-from-net
33 }
34 }
35 table inet nat {
36 chain postrouting {
37 iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} masquerade
38 }
39 }
40 '';
41 services.mmsd.enable = true;
42 services.mmsd.extraArgs = ["--debug"];
43 systemd.services.NetworkManager.wants = [ "ModemManager.service" ];
44 services.dbus.packages = [ pkgs.dconf ];
45 programs.dconf.enable = true;
46 environment.etc."NetworkManager/system-connections/Prixtel.nmconnection" = {
47 mode = "600";
48 text = ''
49 [connection]
50 id=Prixtel
51 uuid=b223f550-dff1-4ba3-9755-cd4557faaa5a
52 type=gsm
53 autoconnect=true
54 permissions=user:${users.julm.name}:;
55
56 [gsm]
57 apn=sl2sfr
58 number=*99#
59 #home-only=true
60
61 [ppp]
62
63 [ipv4]
64 method=auto
65 dhcp-send-hostname=false
66
67 [ipv6]
68 method=auto
69 addr-gen-mode=stable-privacy
70 ip6-privacy=2
71 dhcp-send-hostname=false
72
73 [proxy]
74 '';
75 };
76 environment.systemPackages = [
77 pkgs.modem-manager-gui
78 pkgs.libmbim
79 pkgs.chatty
80 pkgs.gnome.gnome-contacts
81 pkgs.mmsd-tng
82 pkgs.picocom
83 pkgs.calls
84 pkgs.dfeet
85 # https://gitlab.com/mobian1/callaudiod/-/issues/26
86 # https://gitlab.com/mobian1/callaudiod/-/issues/27
87 pkgs.callaudiod
88 ];
89 }