commit e8707b5be4bc3c4ab59b4cd294b56d7bb4ff8f0b
parent 53450b37fabe6c80c6c029d84bf1eefbafbc8e91
Author: Katja (zaphyra) <git@ctu.cx>
Date: Mon, 2 Jun 2025 11:17:33 +0200
config/nixos/modules/presets/katja/router: refactor ppp stuff
2 files changed, 30 insertions(+), 57 deletions(-)
M
|
70
+++++++++++++++-------------------------------------------------------
diff --git a/config/nixos/modules/presets/katja/router/pppd.nix b/config/nixos/modules/presets/katja/router/pppd.nix @@ -20,71 +20,31 @@ in }; config = lib.mkIf cfg { - sops.secrets."environments/pppd" = { }; + sops.secrets."pppCredentials" = { }; services.pppd = { enable = true; peers.dtagdsl.config = '' + debug plugin pppoe.so dtagdsl - user "''${DTAG_PPP_USER}" - password "''${DTAG_PPP_PASS}" - hide-password ifname ppp-dtagdsl - persist - + file ${config.sops.secrets."pppCredentials".path} + mtu 1500 + mru 1500 maxfail 0 - holdoff 5 - - noipdefault - - lcp-echo-interval 20 - lcp-echo-failure 3 - - mtu 1492 - defaultroute - replacedefaultroute + novj +ipv6 + noauth + defaultroute + persist + noaccomp + default-asyncmap + lcp-echo-interval 30 + lcp-echo-failure 4 + #lcp-echo-adaptive + lcp-max-configure 10 ''; }; - - environment.etc."ppp/peers/dtagdsl".enable = false; - environment.etc."ip-up.d/1systemd-networkd" = { - mode = "755"; - text = '' - #!{pkgs.bash}/bin/bash - networkctl reconfigure "$PPP_IFACE"; - ''; - }; - - systemd.services."pppd-dtagdsl".serviceConfig = - let - preStart = '' - mkdir -p /etc/ppp/peers - - # Created files only readable by root - umask u=rw,g=,o= - - # Copy config and substitute env-vars - rm -f /etc/ppp/peers/dtagdsl - ${pkgs.envsubst}/bin/envsubst -i "${ - config.environment.etc."ppp/peers/dtagdsl".source - }" > /etc/ppp/peers/dtagdsl - ''; - - preStartFile = utils.systemdUtils.lib.makeJobScript { - name = "pppd-dtagdsl-pre-start"; - text = preStart; - enableStrictShellChecks = true; - }; - - in - { - EnvironmentFile = config.sops.secrets."environments/pppd".path; - ExecStartPre = [ - # "+" marks script to be executed without priviledge restrictions - "+${preStartFile}" - ]; - }; }; }
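Review bot: The added `debug` option in `peers.dtagdsl.config` makes pppd log the contents of every control packet it sends and receives, so on this router the ISP login name and the negotiation details end up in the journal on each reconnect. pppd masks the PAP password in those logs by default, so dropping `hide-password` is harmless as long as the file pulled in by `file ${config.sops.secrets."pppCredentials".path}` never sets `show-password`. If `debug` was only needed while bringing the link up, remove it or leave it commented out like `#lcp-echo-adaptive`. The secret also changed format from an environment file to a pppd options file, which deserves a comment next to the `file` line such as `# pppCredentials is a pppd options file (user "..." / password "..."); keep it root-only`.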
diff --git a/config/nixos/modules/presets/katja/router/systemd-networkd.nix b/config/nixos/modules/presets/katja/router/systemd-networkd.nix @@ -97,7 +97,8 @@ in }; "10-ppp-dtagdsl" = { - matchConfig.Name = "ppp-dtagdsl"; + matchConfig.Type = "ppp"; + linkConfig.RequiredForOnline = "routable"; networkConfig = { KeepConfiguration = true; @@ -109,6 +110,10 @@ in UseDNS = false; }; + ipv6SendRAConfig = { + Managed = true; + }; + dhcpV6Config = { WithoutRA = "solicit"; PrefixDelegationHint = "::/56"; @@ -120,7 +125,10 @@ in "10-wg-novus" = { matchConfig.Name = "wg-novus"; - linkConfig.RequiredForOnline = false; + linkConfig = { + RequiredForOnline = false; + }; + routes = [ { Destination = "::/0"; @@ -135,6 +143,10 @@ in Driver = "bridge"; }; + linkConfig = { + RequiredForOnline = "routable"; + }; + address = [ "${hostConfig.networking.ip4Address}/${toString hostConfig.networking.ip4PrefixLength}" "${hostConfig.networking.ip6Address}/${toString hostConfig.networking.ip6PrefixLength}" @@ -174,6 +186,7 @@ in }; ipv6SendRAConfig = { + RouterLifetimeSec = 1800; EmitDNS = true; DNS = "_link_local"; };
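Review bot: `matchConfig.Type = "ppp"` in the first hunk (`"10-ppp-dtagdsl"`) now applies this network unit to every PPP link on the host rather than only the interface pppd names via `ifname ppp-dtagdsl`. The unit carries uplink policy visible in the following context (`KeepConfiguration`, DHCPv6 prefix delegation), so a second PPP interface, such as another pppd peer or a PPP-based tunnel, would silently receive the same treatment. If the match was widened on purpose, for example because the interface is renamed after creation, say so in a comment; otherwise keep both conditions with `matchConfig = { Name = "ppp-dtagdsl"; Type = "ppp"; };`. The unit's body continues outside the hunk.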
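Review bot: The `ipv6SendRAConfig = { Managed = true; };` block added in the second hunk sits directly before `dhcpV6Config` with `PrefixDelegationHint`, so it appears to belong to the ISP-facing `"10-ppp-dtagdsl"` unit, where the router should be receiving router advertisements rather than sending them. These settings populate the `[IPv6SendRA]` section, which only takes effect when `IPv6SendRA` is enabled in `networkConfig`; that part lies outside the hunk. If it is enabled, the router would advertise itself toward the upstream with the managed flag set; if it is not, the block is inert and misleads the next reader. Remove it, or use `ipv6AcceptRAConfig` if the intent was to control how the uplink's advertisements are processed.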