
Commit 824fb1e

committed
network config
1 parent 0504285 commit 824fb1e

6 files changed

Lines changed: 113 additions & 6 deletions


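--- a/.github/workflows/cache.yml
+++ b/.github/workflows/cache.yml
@@ -11,7 +11,7 @@ jobs:
 strategy:
 matrix:
 runner:
-- ubuntu-latest
+- ubuntu-24.04
 - ubuntu-24.04-arm
 
 steps: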

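--- a/.github/workflows/installer.yml
+++ b/.github/workflows/installer.yml
@@ -13,7 +13,7 @@ jobs:
 strategy:
 matrix:
 runner:
-- ubuntu-latest
+- ubuntu-24.04
 - ubuntu-24.04-arm
 
 permissions: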

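--- a/README.md
+++ b/README.md
@@ -38,5 +38,6 @@ export ENCRYPTED="1" && curl https://raw.githubusercontent.com/Openmesh-Network/
 ```
 #cloud-config
 runcmd:
-- export DOMAIN="xnode.plopmenz.com" && export ACME_EMAIL="plopmenz@gmail.com" && export XNODE_OWNER="eth:519ce4c129a981b2cbb4c3990b1391da24e8ebf3" && export ENCRYPTED="1" && curl https://raw.githubusercontent.com/Openmesh-Network/xnode-manager/main/os/install.sh | bash 2>&1 | tee /tmp/xnodeos.log
+- |
+export DOMAIN="xnode.plopmenz.com" && export ACME_EMAIL="plopmenz@gmail.com" && export XNODE_OWNER="eth:519ce4c129a981b2cbb4c3990b1391da24e8ebf3" && export ENCRYPTED="1" && curl https://raw.githubusercontent.com/Openmesh-Network/xnode-manager/main/os/install.sh | bash 2>&1 | tee /tmp/xnodeos.log
 ```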

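--- a/os/flake.nix
+++ b/os/flake.nix
@@ -79,6 +79,7 @@
 {
 boot.loader.timeout = 0; # Speed up boot by skipping selection
 zramSwap.enable = true; # Compress memory
+boot.kernel.sysctl."fs.inotify.max_user_instances" = 2147483647; # Containers can easily use more inotify instances than default 128
 
 environment.systemPackages = [
 pkgs.mergerfs
@@ -156,15 +157,15 @@
 anyInterface = true;
 };
 networks = {
-"wired" = {
+"99-wired" = {
 matchConfig.Name = "en*";
 networkConfig = {
 DHCP = "yes";
 };
 dhcpV4Config.RouteMetric = 100;
 dhcpV6Config.WithoutRA = "solicit";
 };
-"wireless" = {
+"99-wireless" = {
 matchConfig.Name = "wl*";
 networkConfig = {
 DHCP = "yes";
@@ -213,6 +214,49 @@
 };
 }
 )
+(
+let
+raw-network-config =
+if (builtins.pathExists ./network-config) then
+builtins.fromJSON (builtins.readFile ./network-config)
+else
+{ };
+network-config = builtins.map (address: {
+name = address.address;
+value = {
+ip = builtins.map (ip: { address = "${ip.local}/${ip.prefixlen}"; }) (
+builtins.filter (ip: ip.scope == "global" && !ip.dynamic) address.addr_info
+);
+route =
+builtins.map
+(route: {
+destination = if (route.dst == "default") then "0.0.0.0/0" else route.dst;
+gateway = route.gateway;
+})
+(
+builtins.filter (
+route: route.protocol == "static" && route.dev == address.ifname
+) raw-network-config.route
+);
+};
+}) raw-network-config.address;
+in
+{
+systemd.network.networks = builtins.listToAttrs (
+builtins.map (interface: {
+name = "00-${interface.name}";
+value = {
+matchConfig.MACAddress = interface.name;
+address = builtins.map (ip: ip.address) interface.value.ip;
+routes = builtins.map (route: {
+Destination = route.destination;
+Gateway = route.gateway;
+}) interface.value.route;
+};
+}) network-config
+);
+}
+)
 (
 { config, ... }:
 let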
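Review bot: In the new module added by the last hunk, the fallback `{ }` for a missing `./network-config` has no `address` attribute, so `raw-network-config.address` looks like it will abort evaluation on every machine installed without `NETWORK_CONFIG` (install.sh only writes the file when that variable is set). `ip.dynamic`, `route.protocol` and `route.gateway` are also read unconditionally, and those keys may be absent from `ip -j` output for some entries, in which case a single such address or route would fail the whole system build. Defaulting the lookups keeps the configuration evaluable: `raw-network-config.address or [ ]`, `raw-network-config.route or [ ]` and `!(ip.dynamic or false)`. The enclosing module list starts and continues outside the hunk.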

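--- a/os/installer/install.sh
+++ b/os/installer/install.sh
@@ -129,6 +129,9 @@ fi
 if [[ $USER_PASSWD ]]; then
 echo -n "${USER_PASSWD}" > /mnt/etc/nixos/user-passwd
 fi
+if [[ $NETWORK_CONFIG ]]; then
+echo -n "${NETWORK_CONFIG}" > /mnt/etc/nixos/network-config
+fi
 if [[ $INITIAL_CONFIG ]]; then
 sed -i "/# START USER CONFIG/,/# END USER CONFIG/c\# START USER CONFIG\n${INITIAL_CONFIG}\n# END USER CONFIG" /mnt/etc/nixos/flake.nix
 fi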
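Review bot: The added branch writes `NETWORK_CONFIG` to `/mnt/etc/nixos/network-config` without checking that it is well-formed JSON, while `os/flake.nix` in this commit parses that file with `builtins.fromJSON`, so a truncated or mangled value would make later evaluations of the system configuration fail. Validating before persisting, for example `if [[ $NETWORK_CONFIG ]] && jq -e . <<<"$NETWORK_CONFIG" >/dev/null; then` (assuming `jq` is available in the installer environment), and skipping the file otherwise would leave the machine on the DHCP defaults instead. `printf '%s' "$NETWORK_CONFIG"` is also more predictable than `echo -n` for arbitrary content. The surrounding script starts and ends outside this hunk.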

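--- a/os/installer/kexec.nix
+++ b/os/installer/kexec.nix
@@ -21,6 +21,7 @@
 cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" xnodeos/bzImage
 cp "${config.system.build.kexecScript}" xnodeos/install
 cp "${pkgs.pkgsStatic.kexec-tools}/bin/kexec" xnodeos/kexec
+cp "${pkgs.pkgsStatic.iproute2.override { iptables = null; }}/bin/ip" xnodeos/ip
 tar -czvf $out/xnodeos-kexec-installer-${pkgs.stdenv.hostPlatform.system}.tar.gz xnodeos
 '';
 
@@ -30,11 +31,12 @@
 pkgs.writeScript "kexec-boot" ''
 #!/usr/bin/env bash
 SCRIPT_DIR=$( cd -- "$( dirname -- "''${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
+NETWORK_CONFIG="{ \"address\": $(''${SCRIPT_DIR}/ip -j address show), \"route\": $(''${SCRIPT_DIR}/ip -j route show) }"
 ''${SCRIPT_DIR}/kexec --load ''${SCRIPT_DIR}/bzImage \
 --initrd=''${SCRIPT_DIR}/initrd \
 --command-line "init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} && $(cat << EOF
 
-export XNODE_OWNER="''${XNODE_OWNER}" && export DOMAIN="''${DOMAIN}" && export ACME_EMAIL="''${ACME_EMAIL}" && export USER_PASSWD="''${USER_PASSWD}" && export ENCRYPTED="''${ENCRYPTED}" && export INITIAL_CONFIG="''${INITIAL_CONFIG}"
+export XNODE_OWNER="''${XNODE_OWNER}" && export DOMAIN="''${DOMAIN}" && export ACME_EMAIL="''${ACME_EMAIL}" && export USER_PASSWD="''${USER_PASSWD}" && export ENCRYPTED="''${ENCRYPTED}" && export NETWORK_CONFIG="''${NETWORK_CONFIG}" && export INITIAL_CONFIG="''${INITIAL_CONFIG}"
 EOF
 )"
 ''${SCRIPT_DIR}/kexec -e
@@ -46,4 +48,61 @@
 sed '2q;d' /proc/cmdline > /tmp/xnode-env
 source /tmp/xnode-env
 '';
+
+systemd.services.apply-network-config = {
+wantedBy = [ "multi-user.target" ];
+description = "Apply run time provided network config.";
+wants = [ "network-pre.target" ];
+before = [ "network-pre.target" ];
+serviceConfig = {
+Type = "oneshot";
+User = "root";
+Group = "root";
+RemainAfterExit = true;
+};
+path = [
+pkgs.iproute2
+pkgs.jq
+];
+script = ''
+# Extract environmental variables
+sed '2q;d' /proc/cmdline > /tmp/xnode-env
+source /tmp/xnode-env
+
+if [[ $NETWORK_CONFIG ]]; then
+interfaces=$(echo "$NETWORK_CONFIG" | jq -c '.address.[]')
+routes=$(echo "$NETWORK_CONFIG" | jq -c '.route.[]')
+for iface in $interfaces; do
+mac=$(echo "$iface" | jq -r '.address')
+og_name=$(echo "$iface" | jq -r '.ifname')
+name=$(grep -l "$mac" /sys/class/net/*/address | sed 's|/sys/class/net/\(.*\)/address|\1|')
+
+addresses=$(echo "$iface" | jq -c '.addr_info[]')
+for address in $addresses; do
+scope=$(echo "$address" | jq -r '.scope')
+dynamic=$(echo "$address" | jq -r '.dynamic')
+
+if [ "$scope" != "global" ] || [ "$dynamic" = "true" ]; then
+continue
+fi
+
+config="$(echo "$address" | jq -r '.local')/$(echo "$address" | jq -r '.prefixlen')"
+ip address add $config dev $name
+done
+
+for route in $routes; do
+protocol=$(echo "$route" | jq -r '.protocol')
+dev=$(echo "$route" | jq -r '.dev')
+
+if [ "$protocol" != "static" ] || [ "$dev" != "$og_name" ]; then
+continue
+fi
+
+config="$(echo "$route" | jq -r '.dst') via $(echo "$route" | jq -r '.gateway')"
+ip route add $config dev $name
+done
+done
+fi
+'';
+};
 }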
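Review bot: The JSON assembled into `NETWORK_CONFIG` in the kexec-boot script is pasted unescaped into `export NETWORK_CONFIG="…"` on the kernel command line, and the new `apply-network-config` service later runs that line as root with `source /tmp/xnode-env`. The double quotes inside the JSON close the shell string, so the value that reaches `jq` is unlikely to still be valid JSON, and any shell metacharacter in a field taken from the host's interface data would be interpreted by the shell instead of being treated as data. Encoding the value before embedding it, for example piping the JSON through `base64 -w0` in kexec-boot and decoding with `base64 -d` before the first `jq` call, keeps it inert; it is also worth checking that the combined `ip -j` output fits within the kernel's command-line length limit. In the service script, `ip address add $config dev $name` and `ip route add $config dev $name` expand unquoted, and `name` can hold several lines when `grep -l "$mac"` matches more than one interface, so quoting both and rejecting a multi-match would make failures explicit. The enclosing attribute set starts outside the hunks shown.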
