From 0d17924cd71b5c918e8b34538ce261aff8a6b741 Mon Sep 17 00:00:00 2001
From: Tom Herbers <mail@tomherbers.de>
Date: Wed, 27 Sep 2023 04:59:52 +0200
Subject: [PATCH] init

---
 .github/workflows/build-iso.yaml | 61 ++++++++++++++++++++++++++++++++
 .gitignore                       |  1 +
 README.md                        | 17 +++++++++
 configuration.nix                | 56 +++++++++++++++++++++++++++++
 ffda-network-setup-mode.nix      | 33 +++++++++++++++++
 iso.nix                          | 12 +++++++
 6 files changed, 180 insertions(+)
 create mode 100644 .github/workflows/build-iso.yaml
 create mode 100644 .gitignore
 create mode 100644 README.md
 create mode 100644 configuration.nix
 create mode 100644 ffda-network-setup-mode.nix
 create mode 100644 iso.nix

diff --git a/.github/workflows/build-iso.yaml b/.github/workflows/build-iso.yaml
new file mode 100644
index 0000000..b3bf745
--- /dev/null
+++ b/.github/workflows/build-iso.yaml
@@ -0,0 +1,61 @@
+name: "Build ISO"
+on:
+  push:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  build:
+    strategy:
+      fail-fast: false
+      matrix:
+        plattform: [x86_64-linux]
+        include:
+          - plattform: x86_64-linux
+            type: iso
+            attrPath: config.system.build.isoImage
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - uses: cachix/install-nix-action@v23
+      with:
+        nix_path: nixpkgs=channel:nixos-23.05
+        extra_nix_config: |
+          system-features = aarch64-linux arm-linux
+    - run: |
+         DEBIAN_FRONTEND=noninteractive
+         sudo apt-get update -q -y && sudo apt-get install -q -y tree qemu-system-aarch64 qemu-efi binfmt-support qemu-user-static
+    - run: nix-build '<nixpkgs/nixos>' -A ${{ matrix.attrPath }} -I nixos-config=${{ matrix.type }}.nix --argstr system ${{ matrix.plattform }}
+    - run: tree result
+    - uses: actions/upload-artifact@v3
+      with:
+        name: ${{ matrix.plattform }}-${{ matrix.type }}
+        path: result/${{ matrix.type }}/
+        if-no-files-found: error
+        retention-days: 5
+
+
+  create_release:
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    if: startsWith(github.ref, 'refs/tags/v')
+    permissions:
+      contents: write
+    steps:
+      - name: Download all artifacts
+        uses: actions/download-artifact@v3
+      - name: Display structure of artifacts
+        run: ls -R
+      - name: Create Release & Upload Release Assets
+        uses: softprops/action-gh-release@v1
+        with:
+          # Note: If there is no release name specified, releases created in
+          # the GitHub UI do not trigger a failure and are modified instead.
+          draft: false
+          prerelease: false
+          # Note: Release notes are only auto-generated if the release was
+          # created by the Github Action and was not created in the Github UI.
+          generate_release_notes: true
+          files: |
+            ./*/*.iso
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b2be92b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+result
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..43608c0
--- /dev/null
+++ b/README.md
@@ -0,0 +1,17 @@
+# network-setup-mode-trigger-os
+
+
+## Usage
+
+1. Downaload the provided ISO
+2. Copy it onto an USB Stick (for example https://etcher.balena.io/ could be used)
+3. Interrupt your normal Boot and instead boot from the USB
+4. once booted type `sudo send-network-request enp1s0` to start sending the reset packages on the specified interface
+5. connect the wired Network Port of your PC to the unpowered side of an PoE Injector (please do at least a tripple check)
+6. connect your AP to the powered side of the PoE Injector, wait a few seconds
+7. press Ctrl+C to abort sending the packages
+8. (optional) after a while you should be able to ssh into your device with `ssh root@192.168.1.1`. You can terminate the connection with `exit`
+9. type "systemctl poweroff" to turn your PC off
+10. remove the USB stick and start your PC as you normaly would
+11. until the AP loses power it's in the Setup/Config Mode and can be accessed as any other Freifunk Router via 192.168.1.1
+
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..2562ee0
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,56 @@
+
+{ config, pkgs, lib, ... }:
+{
+  #isoImage.squashfsCompression = "gzip -Xcompression-level 1";
+
+  services.openssh.enable = lib.mkForce false;
+  services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password";
+
+  time.timeZone = "Europe/Berlin";
+
+  networking.hostName = "setup-mode-trigger";
+
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = lib.mkForce "de";
+    useXkbConfig = true;
+  };
+
+  environment.systemPackages = with pkgs; [
+    htop
+    nano
+    wget
+    curl
+    tcpdump
+    ethtool
+    tmux
+    (import ./ffda-network-setup-mode.nix)
+  ];
+
+  networking = {
+    useNetworkd = true;
+    usePredictableInterfaceNames = true;
+    useDHCP = false;
+  };
+
+  services.getty.helpLine = lib.mkForce ''
+    #####################################################################
+    #                                                                   #
+    # Run `sudo send-network-request enp1s0` to start sending requests. #
+    #                                                                   #
+    #####################################################################
+  '';
+
+  systemd.network = {
+    networks = {
+      "99-default" = {
+        matchConfig.Name = "*";
+        networkConfig = {
+          IPv6AcceptRA = true;
+          DHCP = "yes";
+        };
+      };
+    };
+  };
+  
+}
diff --git a/ffda-network-setup-mode.nix b/ffda-network-setup-mode.nix
new file mode 100644
index 0000000..1c207ee
--- /dev/null
+++ b/ffda-network-setup-mode.nix
@@ -0,0 +1,33 @@
+let
+  pkgs = import <nixpkgs> {};
+in
+
+with pkgs;
+
+stdenv.mkDerivation {
+  pname = "ffda-network-setup-mode";
+  version = "0.1";
+
+  src = fetchgit {
+    url = "https://github.com/freifunk-gluon/community-packages.git";
+    rev = "ca08c5446221cee0fc3d65b7dff2f12101a3ca59";
+    sha256 = "sha256-c2gXp1JFBU2NgGlfuyVj9PkK8Y/+5Iq6BahxxS//V2o=";
+    sparseCheckout = [
+      "ffda-network-setup-mode/src"
+    ];
+    deepClone = false;
+  };
+
+  buildPhase = ''
+    gcc ffda-network-setup-mode/src/send-network-request.c
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin
+    cp a.out $out/bin/send-network-request
+  '';
+
+  meta = with lib; {
+    description = "send network setup mode packages over specified interface";
+  };
+}
diff --git a/iso.nix b/iso.nix
new file mode 100644
index 0000000..60c7baf
--- /dev/null
+++ b/iso.nix
@@ -0,0 +1,12 @@
+{ config, pkgs, ... }:
+{
+  imports = [
+    <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
+
+    # Provide an initial copy of the NixOS channel so that the user
+    # doesn't need to run "nix-channel --update" first.
+    <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
+
+    ./configuration.nix
+  ];
+}