nan2gua1: syncoid: enable

[julm/julm-nix.git] / hosts / aubergine / networking / lte.nix

{
  pkgs,
  lib,
  config,
  ...
}:
with (import ./names-and-numbers.nix);
let
  inherit (config.users) users;
  modemmanager = pkgs.modemmanager-1-18;
in
#modemmanager = pkgs.modemmanager-1-20-4;
{
  networking.nftables.ruleset = ''
    table inet filter {
      chain input {
        iifname ${lteIface} jump input-net
        iifname ${lteIface} log level warn prefix "input-net: " counter drop
      }
      chain output-net {
        ip daddr 10.151.0.1 tcp dport 8080 counter accept \
          comment "mmsd: Prixtel/SFR"
      }
      chain output {
        oifname ${lteIface} jump output-net
        oifname ${lteIface} log level warn prefix "output-net: " counter drop
      }
      chain forward-to-net {
      }
      chain forward-from-net {
      }
      chain forward-to-net { }
      chain forward-from-net { }
      chain forward {
        iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} goto forward-to-net
        iifname ${lteIface} oifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } goto forward-from-net
      }
    }
    table inet nat {
      chain postrouting {
        iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} masquerade
      }
    }
  '';
  services.mmsd.enable = true;
  services.mmsd.extraArgs = [ "--debug" ];
  systemd.services.ModemManager.serviceConfig.ExecStart = lib.mkForce [
    ""
    # See https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/780
    "${modemmanager}/bin/ModemManager --debug"
  ];
  systemd.services.NetworkManager.wants = [ "ModemManager.service" ];
  services.dbus.packages = [ pkgs.dconf ];
  programs.dconf.enable = true;
  environment.etc."NetworkManager/system-connections/Prixtel.nmconnection" = {
    mode = "600";
    text = ''
      [connection]
      id=Prixtel
      uuid=b223f550-dff1-4ba3-9755-cd4557faaa5a
      type=gsm
      autoconnect=true
      autoconnect-priority=999
      autoconnect-retries=0

      [gsm]
      apn=sl2sfr
      number=*99#
      #home-only=true

      [ppp]

      [ipv4]
      method=auto
      dhcp-send-hostname=false

      [ipv6]
      method=auto
      addr-gen-mode=stable-privacy
      ip6-privacy=2
      dhcp-send-hostname=false

      [proxy]
    '';
  };
  systemd.services.watch-lte = {
    after = [
      "ModemManager.service"
      "NetworkManager.service"
      "NetworkManager-wait-online.service"
    ];
    requires = [
      "ModemManager.service"
      "NetworkManager.service"
      "NetworkManager-wait-online.service"
    ];
    wantedBy = [ "network-online.target" ];
    #startAt = "*:0/5"; # every 5 min
    path = with pkgs; [
      inetutils
      jq
      modemmanager
      networkmanager
    ];
    unitConfig = {
      StartLimitIntervalSec = 0;
    };
    serviceConfig = {
      Type = "simple";
      IPAddressAllow = [ "9.9.9.9" ];
      RestrictAddressFamilies = [
        "AF_INET"
        "AF_INET6"
        "AF_UNIX"
      ];
      ExecStart = pkgs.writeShellScript "watch-lte" ''
        set -eux
        lastPONG=$(date +%s)
        while sleep 5; do
          if ping 9.9.9.9 --count 10 --linger 20 --interval 1 --quiet --numeric
          then lastPONG=$(date +%s)
          fi
          if test $(( $(date +%s) - lastPONG )) -gt 300
          then
            modem=$(mmcli -L -J | jq -r '.["modem-list"][0]') || true
            mmcli -m "$modem" --command "AT+CFUN=1,1" || true
            sleep 10
            systemctl restart ModemManager
            sleep 10
            nmcli connection up Prixtel
            sleep 300
          fi
        done
      '';
      Restart = "on-failure";
      RestartSec = "10s";
    };
  };
  environment.systemPackages = [
    pkgs.modem-manager-gui
    pkgs.libmbim
    pkgs.chatty
    pkgs.gnome-contacts
    pkgs.picocom
    pkgs.tio
    pkgs.calls
    pkgs.d-spy
    # https://gitlab.com/mobian1/callaudiod/-/issues/26
    # https://gitlab.com/mobian1/callaudiod/-/issues/27
    pkgs.callaudiod
  ];
}