-{ pkgs, lib, config, ... }:
+{ pkgs, config, ... }:
with (import ./names-and-numbers.nix);
let
inherit (config.users) users;
in
{
-networking.nftables.ruleset = ''
- table inet filter {
- chain input {
- iifname ${lteIface} jump input-net
- iifname ${lteIface} log level warn prefix "input-net: " counter drop
+ networking.nftables.ruleset = ''
+ table inet filter {
+ chain input {
+ iifname ${lteIface} jump input-net
+ iifname ${lteIface} log level warn prefix "input-net: " counter drop
+ }
+ chain output-net {
+ ip daddr 10.151.0.1 tcp dport 8080 counter accept \
+ comment "mmsd: Prixtel/SFR"
+ }
+ chain output {
+ oifname ${lteIface} jump output-net
+ oifname ${lteIface} log level warn prefix "output-net: " counter drop
+ }
+ chain forward-to-net {
+ }
+ chain forward-from-net {
+ }
+ chain forward-to-net { }
+ chain forward-from-net { }
+ chain forward {
+ iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} goto forward-to-net
+ iifname ${lteIface} oifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } goto forward-from-net
+ }
}
- chain output-net {
- ip daddr 10.151.0.1 tcp dport 8080 counter accept \
- comment "mmsd: Prixtel/SFR"
+ table inet nat {
+ chain postrouting {
+ iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} masquerade
+ }
}
- chain output {
- oifname ${lteIface} jump output-net
- oifname ${lteIface} log level warn prefix "output-net: " counter drop
- }
- chain forward-to-net {
- }
- chain forward-from-net {
- }
- chain forward-to-net { }
- chain forward-from-net { }
- chain forward {
- iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} goto forward-to-net
- iifname ${lteIface} oifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } goto forward-from-net
- }
- }
- table inet nat {
- chain postrouting {
- iifname { ${wifiIface}, ${eth1Iface}, ${eth2Iface}, ${eth3Iface} } oifname ${lteIface} masquerade
- }
- }
-'';
-services.mmsd.enable = true;
-services.mmsd.extraArgs = ["--debug"];
-systemd.services.NetworkManager.wants = [ "ModemManager.service" ];
-services.dbus.packages = [ pkgs.dconf ];
-programs.dconf.enable = true;
-environment.etc."NetworkManager/system-connections/Prixtel.nmconnection" = {
- mode = "600";
- text = ''
- [connection]
- id=Prixtel
- uuid=b223f550-dff1-4ba3-9755-cd4557faaa5a
- type=gsm
- autoconnect=true
- permissions=user:${users.julm.name}:;
+ '';
+ services.mmsd.enable = true;
+ services.mmsd.extraArgs = [ "--debug" ];
+ systemd.services.NetworkManager.wants = [ "ModemManager.service" ];
+ services.dbus.packages = [ pkgs.dconf ];
+ programs.dconf.enable = true;
+ environment.etc."NetworkManager/system-connections/Prixtel.nmconnection" = {
+ mode = "600";
+ text = ''
+ [connection]
+ id=Prixtel
+ uuid=b223f550-dff1-4ba3-9755-cd4557faaa5a
+ type=gsm
+ autoconnect=true
+ autoconnect-retries=0
- [gsm]
- apn=sl2sfr
- number=*99#
- #home-only=true
+ [gsm]
+ apn=sl2sfr
+ number=*99#
+ #home-only=true
- [ppp]
+ [ppp]
- [ipv4]
- method=auto
- dhcp-send-hostname=false
+ [ipv4]
+ method=auto
+ dhcp-send-hostname=false
- [ipv6]
- method=auto
- addr-gen-mode=stable-privacy
- ip6-privacy=2
- dhcp-send-hostname=false
+ [ipv6]
+ method=auto
+ addr-gen-mode=stable-privacy
+ ip6-privacy=2
+ dhcp-send-hostname=false
- [proxy]
- '';
-};
-environment.systemPackages = [
- pkgs.modem-manager-gui
- pkgs.libmbim
- pkgs.chatty
- pkgs.gnome.gnome-contacts
- pkgs.picocom
- pkgs.calls
- pkgs.dfeet
- # https://gitlab.com/mobian1/callaudiod/-/issues/26
- # https://gitlab.com/mobian1/callaudiod/-/issues/27
- pkgs.callaudiod
-];
+ [proxy]
+ '';
+ };
+ environment.systemPackages = [
+ pkgs.modem-manager-gui
+ pkgs.libmbim
+ pkgs.chatty
+ pkgs.gnome.gnome-contacts
+ pkgs.picocom
+ pkgs.calls
+ pkgs.dfeet
+ # https://gitlab.com/mobian1/callaudiod/-/issues/26
+ # https://gitlab.com/mobian1/callaudiod/-/issues/27
+ pkgs.callaudiod
+ ];
}
sourcephile / git / julm / julm-nix.git / blobdiff