hosts/aubergine/networking/lte.nix

   1 { pkgs, lib, config, ... }:
   2 with (import ./names-and-numbers.nix);
   3 let
   4   inherit (config.users) users;
   5 in
   6 {
   7   networking.nftables.ruleset = ''
   8     table inet filter {
   9       chain input {
  10         iifname ${lteIface} jump input-net
  11         iifname ${lteIface} log level warn prefix "input-net: " counter drop
  12       }
  13       chain output-net {
  14         ip daddr 10.151.0.1 tcp dport 8080 counter accept \
  15           comment "mmsd: Prixtel/SFR"
  16       }
  17       chain output {
  18         oifname ${lteIface} jump output-net
  19         oifname ${lteIface} log level warn prefix "output-net: " counter drop
  20       }
  21       chain forward-to-net {
  22       }
  23       chain forward-from-net {
  24       }
  25       chain forward-to-net { }
  26       chain forward-from-net { }
  27       chain forward {
  28         iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} goto forward-to-net
  29         iifname ${lteIface} oifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } goto forward-from-net
  30       }
  31     }
  32     table inet nat {
  33       chain postrouting {
  34         iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} masquerade
  35       }
  36     }
  37   '';
  38   services.mmsd.enable = true;
  39   services.mmsd.extraArgs = [ "--debug" ];
  40   systemd.services.ModemManager.serviceConfig.ExecStart = lib.mkForce [ "" "${pkgs.modemmanager}/bin/ModemManager --debug" ];
  41   systemd.services.NetworkManager.wants = [ "ModemManager.service" ];
  42   services.dbus.packages = [ pkgs.dconf ];
  43   programs.dconf.enable = true;
  44   environment.etc."NetworkManager/system-connections/Prixtel.nmconnection" = {
  45     mode = "600";
  46     text = ''
  47       [connection]
  48       id=Prixtel
  49       uuid=b223f550-dff1-4ba3-9755-cd4557faaa5a
  50       type=gsm
  51       autoconnect=true
  52       autoconnect-retries=0
  53
  54       [gsm]
  55       apn=sl2sfr
  56       number=*99#
  57       #home-only=true
  58
  59       [ppp]
  60
  61       [ipv4]
  62       method=auto
  63       dhcp-send-hostname=false
  64
  65       [ipv6]
  66       method=auto
  67       addr-gen-mode=stable-privacy
  68       ip6-privacy=2
  69       dhcp-send-hostname=false
  70
  71       [proxy]
  72     '';
  73   };
  74   systemd.services.watch-lte = {
  75     wantedBy = [ "multi-user.target" ];
  76     startAt = "*:0/5"; # every 5 min
  77     path = with pkgs; [ inetutils networkmanager ];
  78     unitConfig = { StartLimitIntervalSec = 0; };
  79     serviceConfig = {
  80       Type = "simple";
  81       IPAddressAllow = [ "9.9.9.9" ];
  82       RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
  83       ExecStart = pkgs.writeShellScript "watch-lte" ''
  84         set -eux
  85         ping -c 1 9.9.9.9 ||
  86         nmcli connection up Prixtel
  87       '';
  88       Restart = "on-failure";
  89       RestartSec = "30s";
  90     };
  91   };
  92   environment.systemPackages = [
  93     pkgs.modem-manager-gui
  94     pkgs.libmbim
  95     pkgs.chatty
  96     pkgs.gnome.gnome-contacts
  97     pkgs.picocom
  98     pkgs.tio
  99     pkgs.calls
 100     pkgs.dfeet
 101     # https://gitlab.com/mobian1/callaudiod/-/issues/26
 102     # https://gitlab.com/mobian1/callaudiod/-/issues/27
 103     pkgs.callaudiod
 104   ];
 105 }