I'm imagining my #guixrouter having a default tunnel to Google and Cloudflare DNS, and then all the guixrouters register themselves somehow over i2p so that a guile script can grab a set of random i2p addresses and set up a service where DNS is resolved over i2p to other guixrouter instances […]
Ok, family and friends and #guix peeps, the #guixrouter initial push is up on codeberg as promised.
https://codeberg.org/dlakelan/guixrouter
There's also a semi-extensive discussion of how to use it in the README which is visible at the repo page, it probably needs a bit more discussion in the […]
So on the #guixrouter project I'm just about ready to publish. I need to remove all the specific stuff about my network in ONE more file, do a final check, and then push it to codeberg. Expect an announcement maybe tomorrow?
Does anyone want to test it out? I think the easiest way is with a […]
Default services right now:
squid proxy, dnsmasq, unbound DNS over TLS, wireguard, yggdrasil, keepalived, tor, i2p, zabbix agent, prometheus exporter, ntpd client and server, dhcpd for upstream requests, nginx reverse proxy, letsencrypt, ssh, custom nftables firewall, and HFSC qdisc traffic […]
Ok, so it was not hard to get i2pd running on the #guixrouter. And it has a way to limit the number of transit connections, so I can probably prevent it from eating up my connection budget, so i2p is a go for default services on the router.
Where are my #ipv6 experts at?
My #guixrouter is having problems where when I restart its networking, it can respond to neighbor discovery, but after some time... it stops receiving neighbor discovery requests (they don't appear in tcpdumps). I think this must be either something to do with my […]
Right now my #guixrouter uses unbound to forward upstream queries to Cloudflare DNS over TLS.
I'm thinking of moving that to DNS over Tor. How many of you do your DNS over Tor and how reliable is it? Since unbound doesn't handle this directly with socks proxy options, I'm thinking of using […]
Saw the message from @guix about a potential security issue this morning. did a #guix pull and deployed to my #guixrouter, problem was fixed within 10 mins of seeing the announcement. So great for an internet facing device. My previous Raspberry Pi 4 device running the Pi OS got updated rarely […]
A fairly long bunch of text around an error in guix where two packages I want to install are each asking for a different version of some dependency. It wants me to uninstall one of the packages or upgrade them, but they're already upgraded.
#guix experts, for my #guixrouter I am trying to add the tor snowflake proxy, and I'm getting a problem with conflicting versions of some dependency. Screenshot is hard to read so I'll give the gist of it in the next post. Anyone got an idea how to handle […]
[Original post on mastodon.sdf.org]
Ive been making a bunch of steady progress on the computer projects I have. For example ive got Tor doing relay on my router. Ive got storage for my Yunohost. Ive got both my kids laptops working, ive got backups for my laptop, and backups for my NAS, etc.
So one thing I'd like to get back to […]
Is anyone using #frrouting in #guix? I'm trying to get babeld to run over my VPN network. I've got it running on the remote end where it's OpenWrt, I want to start frrouting on my #guixrouter and have it start babeld and use similar settings, it look like /gnu/store/...-frrouting/sbin/frrinit.sh […]
One of my projects for the 2 week christmas break we're doing is to finally put together and upload the #guixrouter to a Codeberg site. Merry Christmas y'all I hope I am able to give you guys that gift, and that a few of you will test it out and provide some feedback. #guix
I have a few more things I want to do with the #guix router project. I want to configure tor, and i2pd, which should be straightforward, and I want to detect and fail over between my Fiber WAN and my backup LTE modem WAN2. Today I worked on the fail over. I'm detecting failure with more than 2 […]
#guix pull, followed by deploy of my config to my router confirms that the new default for keepalived works and the #guixrouter comes up properly. Took a few minutes, `reboot --kexec` had the system back up in about 30 seconds. I almost could have watched a youtube video with enough buffered to […]
For my #guix friends who are following the #guixrouter project, they merged my keepalived change, so now keepalived by default depends on networking so it doesn't come up and fail if your network isn't up properly. Which means I can guix pull and rebuild my router without my special patched fork […]
Well, my #guix peeps, I just used pre-inst-env guix deploy to build my router's OS definition on my build machine and deploy it to the router using the modified guix which has my patches to make keepalived have adjustable requirements... if my router comes up properly I will file a PR for the […]
Things I figured out: how to get logged in as root to the mysql db, how to create a zabbix user, and how to populate the schema... Things I haven't figured out yet.. How to get zabbix to connect without using TLS.
#guix #guixrouter
I added zabbix agent and prometheus exporter to the #guix router and of course now I have to create a zabbix server to aggregate that info so there's another guix VM coming online... that's what I'm up to next. Soon it will be mine all mine ... MUAHHAHAHAHAHA sorry nevermind.
#guixrouter
#guix peeps, and #guixrouter fans as well as #git literati...
I have a config that's pretty good, it's all based around my personal needs including secrets and network numbering and host names and etc. I'd like to branch the git and build a "generic" version, then create a new repo on codeburg […]
YAAAAS... #guix router now has yggdrasil running correctly! There's really just one thing holding me back from calling it version 1.0 and that's keepalived not having a requirements option so you can get it to start at the appropriate time. I'll look into that soon, but for the moment if I log […]
Well my fellow network nerds... Part of the rush to get a #guix router online has been because I know my mother's Raspberry Pi has required several reboots in the last month or two... Finally this afternoon there was no internet at her house, and a power-cycle did NOT bring it back up. I'm […]
One thing that would be nice to have is WAN failover. I've got a 4G/LTE modem and a service we bought because of the fire. It'd be nice to have it detect if my regular Fiber WAN is down for more than say 2 minutes and failover to using the LTE modem.
If I have both WANs up but the LTE has a […]
I've only got a few must-have items left on my #guix router list. One was a reliable timer for duckdns updates. That required setting some PATH type variables at the top of the script because it worked fine in my personal profile, but didn't work in the system profile. Both the regular PATH and […]
So, it's been on the net a few days now and my #guix router is currently being continuously hammered by some particular ipv4 for ssh connections to root. My firewall permits 10/minute and the password is disabled and the acceptable public key is mine only. so i'm not too worried about it... but […]
OK my #guix router followers. My biggest issues right now is probably that after a reboot I have to log in and restart keepalived because it comes up before networking and it tries to use NICs that haven't been renamed yet. The existing service has no way to specify shepherd requirements. What's […]
