Add wake online

hosts/home-nix/hardware-configuration.nix

@@ -1,14 +1,27 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
+  config,
+  lib,
+  modulesPath,
+  ...
+}:
 
 {
-  imports =
+  imports = [
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ehci_pci"
+    "ahci"
+    "nvme"
+    "usbhid"
+    "usb_storage"
+    "sd_mod"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];

modules/core/packages.nix

@@ -24,6 +24,7 @@
     pkgs.bash
     pkgs.fzf
     pkgs.bc
+    pkgs.wakeonlan
   ];
   services = {
     locate = {

modules/core/users.nix

@@ -18,7 +18,7 @@
           "video"
         ];
         openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKMJ3TkEmRQcX7RQijNa2km6a2xXJk6M6FERh7C9nTJ"
+          config.sops.secrets."ssh_keys/beastie_priv".path
         ];
         shell = pkgs.zsh;
       };

modules/optionnals/hosts/home-nix.nix

@@ -3,6 +3,9 @@
   pkgs,
   ...
 }:
+let
+  lanIface = "enp5s0";
+in
 {
   imports = [
     #../ai.nix
@@ -10,10 +13,12 @@
     ../k8s.nix
     ../libvirt.nix
     ../openfortivpn.nix
+    ../options.nix
     ../packages.nix
     ../sops-desktop.nix
-    ../ssh.nix
+    ../sshd.nix
     ../sudo-nopasswd.nix
+    ../wakeonlan.nix
 
     ### Import GUI modules
     ../desktop/code.nix
@@ -31,6 +36,8 @@
     ../desktop/nvidia.nix
   ];
 
+  my.lanInterface = "enp5s0";
+
   sops = {
     secrets = {
       "wireguard_home/publickey" = { };
@@ -44,7 +51,7 @@
   networking = {
     #useNetworkd = true;
     #useHostResolvConf = false;
-    interfaces.enp5s0 = {
+    interfaces.${config.my.lanInterface} = {
       ipv4.addresses = [
         {
           address = "192.168.0.2";
@@ -54,7 +61,7 @@
     };
     defaultGateway = {
       address = "192.168.0.254";
-      interface = "enp5s0";
+      interface = "${config.my.lanInterface}";
     };
     nameservers = [
       #"9.9.9.9"

modules/optionnals/hosts/work-nix.nix

@@ -10,7 +10,7 @@
     ../openfortivpn.nix
     ../packages.nix
     ../sops-desktop.nix
-    ../ssh.nix
+    ../sshd.nix
     ../sudo-nopasswd.nix
 
     ### Import GUI modules
@@ -36,7 +36,7 @@
       carto-interavtive 172.18.20.134
     '';
   };
-    users.users.${username} = {
+  users.users.${username} = {
     extraGroups = [ "networkmanager" ];
   };
   programs.nm-applet.enable = true;

modules/optionnals/options.nix

@@ -0,0 +1,10 @@
+{
+  lib,
+  ...
+}:
+{
+  options.my.lanInterface = lib.mkOption {
+    type = lib.types.str;
+    default = "enp5s0";
+  };
+}

modules/optionnals/wakeonlan.nix

@@ -0,0 +1,32 @@
+{
+  config,
+  pkgs,
+  hostname,
+  ...
+}:
+{
+  systemd.services."wol@$${config.my.lanInterface}" = {
+    description = "Wake-on-LAN for ${config.my.lanInterface}";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      Type = "oneshot";
+      ExecStart = "${pkgs.ethtool}/bin/ethtool -s ${config.my.lanInterface} wol g";
+      RandomizedDelaySec = "30s";
+    };
+  };
+  environment.systemPackages = [ pkgs.ethtool ];
+
+  boot.initrd.network = {
+    enable = true;
+    ssh = {
+      enable = true;
+      port = 2222;
+      authorizedKeys = [ "ssh-ed25519 AAAA..." ]; # ta clé publique
+      hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ];
+    };
+  };
+  boot.kernelParams = [
+    "ip=192.168.0.2::192.168.0.254:255.255.255.0:${hostname}:${config.my.lanInterface}:off"
+  ];
+}