zaphyra's git: nixfiles

config/home/zaphyra/configure/gnome: make cccda door notify transient

diff --git a/config/home/zaphyra/configure/gnome.nix b/config/home/zaphyra/configure/gnome.nix
@@ -152,7 +152,7 @@ in
         command = "${pkgs.writeShellScript "cccda-buzzer" ''
           export SSH_AUTH_SOCK=$(gpgconf --list-dirs agent-ssh-socket)
 
-          ${pkgs.libnotify}/bin/notify-send CCCDA-Door "$(${pkgs.chaosctl}/bin/chaosctl door buzzer)"
+          ${pkgs.libnotify}/bin/notify-send -e "CCCDA-Door" "$(${pkgs.chaosctl}/bin/chaosctl door buzzer)"
         ''}";
         binding = "<Super><Shift>d";
       };

diff --git a/flake.nix b/flake.nix
@@ -104,6 +104,7 @@
             )
 
             inputs.impermanence.nixosModules.default
+
             inputs.lixModule.nixosModules.default
             inputs.lanzaboote.nixosModules.lanzaboote
             inputs.sopsNix.nixosModules.sops

diff --git a/hosts/huntii/default.nix b/hosts/huntii/default.nix
@@ -12,6 +12,11 @@
     allowHibernation = true;
   };
 
+  networking = {
+    hasDN42 = true;
+    dn42Address = "fd6b:6174:6a61::3";
+  };
+
   configuration =
     {
       modulesPath,

@@ -110,6 +115,7 @@
       };
 
       services = {
+        resolved.enable = true;
         printing.enable = true;
         gnome.at-spi2-core.enable = false;
 

diff --git a/hosts/morio/default.nix b/hosts/morio/default.nix
@@ -22,6 +22,9 @@
     ip6Address = "2a03:4000:39:e9a::1";
     ip6PrefixLength = 64;
     defaultGateway6 = "fe80::1";
+
+    hasDN42 = true;
+    dn42Address = "fd6b:6174:6a61::2";
   };
 
   configuration =

diff --git a/hosts/morio/dn42.nix b/hosts/morio/dn42.nix
@@ -2,6 +2,8 @@
 
 {
 
+  dns.zones."zaphyra.eu".subdomains."router-2.dn42".AAAA = [ hostConfig.networking.ip6Address ];
+
   sops.secrets."dn42/wgPrivateKey" = {
     owner = "systemd-network";
     group = "systemd-network";

@@ -11,7 +13,63 @@
     "fd6b:6174:6a61:53::2"
   ];
 
+#   modules.networking.dn42 = {
+#     enable = true;
+#     routerId = 42171802;
+#     asn = 4242421718;
+#     address = "fd6b:6174:6a61::2";
+#     range = "fd6b:6174:6a61::/48";
+#     babel = {
+#       enable = true;
+#       peerings = {
+#         vlan = { };
+#       };
+#     };
+#   };
+# 
+#   networking.firewall.trustedInterfaces = [ "vlan" ];
+# 
+#   systemd.network = {
+#     netdevs."15-dn42" = {
+#       netdevConfig = {
+#         Kind = "dummy";
+#         Name = "dn42";
+#       };
+#     };
+# 
+#     networks."15-dn42" = {
+#       matchConfig.Name = "dn42";
+#       linkConfig.RequiredForOnline = "no";
+#       address = [
+#         "fd6b:6174:6a61::2/48"
+#         "fd6b:6174:6a61:53::2/128"
+#       ];
+#     };
+# 
+#     links."10-vlan" = {
+#       matchConfig.PermanentMACAddress = "76:f9:f6:9a:82:d6";
+#       linkConfig.Name = "vlan";
+#     };
+# 
+#     networks."10-vlan" = {
+#       matchConfig.Name = "vlan";
+#       linkConfig.RequiredForOnline = "no";
+#       networkConfig.IPv6Forwarding = true;
+#     };
+#   };
+
   systemd.network = {
+#     links."10-vlan" = {
+#       matchConfig.PermanentMACAddress = "56:ca:a0:fa:fa:2b";
+#       linkConfig.Name = "vlan";
+#     };
+# 
+#     networks."10-vlan" = {
+#       matchConfig.Name = "vlan";
+#       linkConfig.RequiredForOnline = "no";
+#       networkConfig.IPv6Forwarding = true;
+#     };
+
     netdevs."20-dn42" = {
       netdevConfig = {
         Kind = "wireguard";

@@ -57,4 +115,6 @@
     };
   };
 
+
+
 }

diff --git a/hosts/novus/default.nix b/hosts/novus/default.nix
@@ -22,6 +22,9 @@
     ip6Address = "2a03:4000:4d:5e::1";
     ip6PrefixLength = 64;
     defaultGateway6 = "fe80::1";
+
+    hasDN42 = true;
+    dn42Address = "fd6b:6174:6a61::1";
   };
 
   configuration =

diff --git a/hosts/novus/dn42.nix b/hosts/novus/dn42.nix
@@ -76,6 +76,13 @@
         publicKey = "W+h0FMrxsAP7RppqFFMrfDHuu5CMW5aTW9E1MZXFf1w=";
         listenPort = 51829;
       };
+      # e1mo = {
+      #   asn = 4242420565;
+      #   remoteLinkLocalAddress = "";
+      #   endpoint = "";
+      #   publicKey = "";
+      #   listenPort = 51830;
+      # };
       clerie = {
         asn = 4242422574;
         remoteLinkLocalAddress = "fe80::2574";

@@ -96,6 +103,21 @@
         publicKey = "NxHkdwZPVL+3HdrHTFOslUpUckTf0dzEG9qpZ0FTBnA=";
         listenPort = 51833;
       };
+      # c4tg1rl5 = {
+      #   asn = "4242421411";
+      #   remoteLinkLocalAddress = "";
+      #   hasPresharedKey = true;
+      #   publicKey = "";
+      #   listenPort = 51834;
+      # };      
+    };
+    babel = {
+      enable = false;
+      peerings = {
+        dn42 = {
+          type = "tunnel";
+        };
+      };
     };
   };
 

@@ -105,11 +127,27 @@
       config.systemd.network.netdevs."20-dn42".wireguardConfig.ListenPort
     ];
     trustedInterfaces = [
+#      "vlan"
       "dn42"
     ];
+    # filterForward = true;
+    # extraForwardRules = "iifname dn42 accept";
   };
 
+
+
   systemd.network = {
+#     links."10-vlan" = {
+#       matchConfig.PermanentMACAddress = "56:ca:a0:fa:fa:2b";
+#       linkConfig.Name = "vlan";
+#     };
+# 
+#     networks."10-vlan" = {
+#       matchConfig.Name = "vlan";
+#       linkConfig.RequiredForOnline = "no";
+#       networkConfig.IPv6Forwarding = true;
+#     };
+
     config.networkConfig = {
       IPv6Forwarding = true;
     };

diff --git a/hosts/polaris/default.nix b/hosts/polaris/default.nix
@@ -20,6 +20,9 @@
     ip6IsPrivate = false;
     ip6Address = "2a03:4000:4d:5e:acab::1";
     ip6PrefixLength = 112;
+
+    hasDN42 = true;
+    dn42Address = "fd6b:6174:6a61::5";
   };
 
   configuration =

@@ -36,6 +39,7 @@
 
       imports = [
         (modulesPath + "/profiles/minimal.nix")
+        ./syncthing.nix
       ];
 
       boot = {

@@ -80,7 +84,6 @@
             enable = true;
             router.enable = true;
             smarthome.enable = true;
-            syncthing.enable = false;
           };
         };