From 918d42ff71e74e1fdbcdd6febb6f7ba2ce8862e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9r=C3=A9mie=20SALVI?= Date: Fri, 12 Dec 2025 04:42:20 +0100 Subject: [PATCH] Add wake online --- hosts/home-nix/hardware-configuration.nix | 23 ++++++++++++---- modules/core/packages.nix | 1 + modules/core/users.nix | 2 +- modules/optionnals/hosts/home-nix.nix | 13 ++++++--- modules/optionnals/hosts/work-nix.nix | 4 +-- modules/optionnals/options.nix | 10 +++++++ modules/optionnals/{ssh.nix => sshd.nix} | 0 modules/optionnals/wakeonlan.nix | 32 +++++++++++++++++++++++ 8 files changed, 74 insertions(+), 11 deletions(-) create mode 100644 modules/optionnals/options.nix rename modules/optionnals/{ssh.nix => sshd.nix} (100%) create mode 100644 modules/optionnals/wakeonlan.nix diff --git a/hosts/home-nix/hardware-configuration.nix b/hosts/home-nix/hardware-configuration.nix index 3a6bf54..a2b4f44 100644 --- a/hosts/home-nix/hardware-configuration.nix +++ b/hosts/home-nix/hardware-configuration.nix @@ -1,14 +1,27 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "nvme" + "usbhid" + "usb_storage" + "sd_mod" + ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; diff --git a/modules/core/packages.nix b/modules/core/packages.nix index ed50554..dc62bac 100644 --- a/modules/core/packages.nix +++ b/modules/core/packages.nix @@ -24,6 +24,7 @@ pkgs.bash pkgs.fzf pkgs.bc + pkgs.wakeonlan ]; services = { locate = { diff --git a/modules/core/users.nix b/modules/core/users.nix index afc302e..4a6ea3c 100644 --- a/modules/core/users.nix +++ b/modules/core/users.nix @@ -18,7 +18,7 @@ "video" ]; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKMJ3TkEmRQcX7RQijNa2km6a2xXJk6M6FERh7C9nTJ" + config.sops.secrets."ssh_keys/beastie_priv".path ]; shell = pkgs.zsh; }; diff --git a/modules/optionnals/hosts/home-nix.nix b/modules/optionnals/hosts/home-nix.nix index 9389ad1..6ae9293 100644 --- a/modules/optionnals/hosts/home-nix.nix +++ b/modules/optionnals/hosts/home-nix.nix @@ -3,6 +3,9 @@ pkgs, ... }: +let + lanIface = "enp5s0"; +in { imports = [ #../ai.nix @@ -10,10 +13,12 @@ ../k8s.nix ../libvirt.nix ../openfortivpn.nix + ../options.nix ../packages.nix ../sops-desktop.nix - ../ssh.nix + ../sshd.nix ../sudo-nopasswd.nix + ../wakeonlan.nix ### Import GUI modules ../desktop/code.nix @@ -31,6 +36,8 @@ ../desktop/nvidia.nix ]; + my.lanInterface = "enp5s0"; + sops = { secrets = { "wireguard_home/publickey" = { }; @@ -44,7 +51,7 @@ networking = { #useNetworkd = true; #useHostResolvConf = false; - interfaces.enp5s0 = { + interfaces.${config.my.lanInterface} = { ipv4.addresses = [ { address = "192.168.0.2"; @@ -54,7 +61,7 @@ }; defaultGateway = { address = "192.168.0.254"; - interface = "enp5s0"; + interface = "${config.my.lanInterface}"; }; nameservers = [ #"9.9.9.9" diff --git a/modules/optionnals/hosts/work-nix.nix b/modules/optionnals/hosts/work-nix.nix index b6bd15b..8d4a860 100644 --- a/modules/optionnals/hosts/work-nix.nix +++ b/modules/optionnals/hosts/work-nix.nix @@ -10,7 +10,7 @@ ../openfortivpn.nix ../packages.nix ../sops-desktop.nix - ../ssh.nix + ../sshd.nix ../sudo-nopasswd.nix ### Import GUI modules @@ -36,7 +36,7 @@ carto-interavtive 172.18.20.134 ''; }; - users.users.${username} = { + users.users.${username} = { extraGroups = [ "networkmanager" ]; }; programs.nm-applet.enable = true; diff --git a/modules/optionnals/options.nix b/modules/optionnals/options.nix new file mode 100644 index 0000000..f28ccc8 --- /dev/null +++ b/modules/optionnals/options.nix @@ -0,0 +1,10 @@ +{ + lib, + ... +}: +{ + options.my.lanInterface = lib.mkOption { + type = lib.types.str; + default = "enp5s0"; + }; +} diff --git a/modules/optionnals/ssh.nix b/modules/optionnals/sshd.nix similarity index 100% rename from modules/optionnals/ssh.nix rename to modules/optionnals/sshd.nix diff --git a/modules/optionnals/wakeonlan.nix b/modules/optionnals/wakeonlan.nix new file mode 100644 index 0000000..98e14e4 --- /dev/null +++ b/modules/optionnals/wakeonlan.nix @@ -0,0 +1,32 @@ +{ + config, + pkgs, + hostname, + ... +}: +{ + systemd.services."wol@$${config.my.lanInterface}" = { + description = "Wake-on-LAN for ${config.my.lanInterface}"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "oneshot"; + ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${config.my.lanInterface} wol g"; + RandomizedDelaySec = "30s"; + }; + }; + environment.systemPackages = [ pkgs.ethtool ]; + + boot.initrd.network = { + enable = true; + ssh = { + enable = true; + port = 2222; + authorizedKeys = [ "ssh-ed25519 AAAA..." ]; # ta clé publique + hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ]; + }; + }; + boot.kernelParams = [ + "ip=192.168.0.2::192.168.0.254:255.255.255.0:${hostname}:${config.my.lanInterface}:off" + ]; +}