ci/ios/test-router/README.md
Obtain an x86 computer with 2 ethernet interfaces.
Install NixOS on the hardware following the NixOS installation guide
Copy the generated /etc/nixos/hardware-config.nix file to the flake repo, add it to git.
Create a new Stagemole account, and add plentry of time to it
Add a new nixosConfiguration entry in flake.nix, following app-team-ios-lab as an example, making sure to import
the hardware config.
hardware-config.nix file as it contains the mount config for the partitions.
./router-config.nix import, as to not clash with existing SSIDs.
Also set the wgIpv4 and wgIpv6 args to the IP addresses from the wireguard config.Apply the new configuration either via SSH or by copying the flake over to the nix machine
nixos-reubild switch .#$newMachine --target-host root@$newMachine-ip if one can SSH into the machinenixos-reubild switch .$pathToFlake#$newMachine if flake is copied to nix machine, with $pathToFlake being the
path to this flake directory.Copy the wireguard private key from the generated config to the file /staging-wg-private-key
One can create an ISO to live-boot a router needing to permanently install this config. There are two drawbacks:
To do this, add a nixosConfiguration with an extra import of the installer ISO profile like so:
nixosConfigurations.app-team-ios-lab-iso = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
(import ./router-config.nix {
ssid = "app-team-ios-tests";
lanMac = "48:21:0b:36:bb:52";
wanMac = "48:21:0b:36:43:a3";
lanIp = "192.168.105.1/24";
wgIpv4 = "10.64.9.184/32";
wgIpv6 = "fc00:bbbb:bbbb:bb01::a40:9b8/128";
})
"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
{
isoImage.squashfsCompression = "lz4";
}
];
};
And build it like so:
nix build .#nixosConfigurations.app-team-ios-lab-iso.config.system.build.isoImage
8.8.8.8:80 are NAT'ed to the gateway address.