weinturm-infra/hosts/pbx/services/fieldpoc/default.nix

{config, ...}: let
# Address of the OMM. Reused below as services.fieldpoc.ommIp, as the DHCP
# `omm` option and as the static lease of rfp-01, so all three stay in sync.
ommIp = "192.168.98.11";
# UDP port range for RTP media. Both the firewall rule and yate's yrtpchan
# minport/maxport read this set, so the opened range and the range yate
# actually uses cannot drift apart.
rtpPorts = {
  from = 11000;
  to = 11250;
};
in {
imports = [
./accounts.nix
./extensions.nix
];
# Credentials consumed by services.fieldpoc (OMM password and SIP secret).
# Both live encrypted in the host-level secrets.yaml; only the decrypted
# file *paths* are referenced elsewhere in this module, so the values never
# end up in the Nix store.
# `owner` hands the decrypted files to the fieldpoc user.
# NOTE(review): no `mode`/`group` is set, so the sops-nix defaults apply
# (presumably owner-read-only) - confirm nothing else needs to read them.
sops.secrets = {
  "fieldpoc/omm" = {
    owner = "fieldpoc";
    sopsFile = ../../secrets.yaml;
  };
  "fieldpoc/sip" = {
    owner = "fieldpoc";
    sopsFile = ../../secrets.yaml;
  };
};
# Inbound UDP rules for the PBX.
networking.firewall = {
  # DNS is only accepted on the `voice` interface.
  # NOTE(review): only UDP/53 is opened; DNS falls back to TCP/53 for large
  # or truncated answers - confirm that is not needed on this network.
  interfaces.voice.allowedUDPPorts = [53];

  # NOTE(review): the two rules below are not scoped to an interface, so
  # SIP (5060) and the RTP range are accepted on every interface of this
  # host, while the ysipchan listener defined in this file binds to the
  # `voice` address only. If SIP/RTP is expected on `voice` alone, moving
  # these under `interfaces.voice` narrows the exposed surface; check first
  # whether accounts.nix/extensions.nix rely on media arriving elsewhere.
  allowedUDPPorts = [5060];
  allowedUDPPortRanges = [
    # Same bounds yate's yrtpchan is configured with (see rtpPorts).
    {inherit (rtpPorts) from to;}
  ];
};
# State directories kept under /persist, each with an explicit owner, group
# and mode.
environment.persistence."/persist".directories = [
  {
    # fieldpoc state: accessible to the fieldpoc user only (no group, no
    # others).
    directory = "/var/lib/fieldpoc";
    user = "fieldpoc";
    group = "fieldpoc";
    mode = "u=rwx,g=,o=";
  }
  {
    # PostgreSQL data: owner full access, group may read/traverse, others
    # get nothing.
    # NOTE(review): nothing in this file enables PostgreSQL; presumably an
    # imported module does - confirm.
    directory = "/var/lib/postgresql";
    user = "postgres";
    group = "postgres";
    mode = "u=rwx,g=rx,o=";
  }
];
services = {
# yate settings owned by this module: the RTP port window and one SIP
# listener on the voice network.
yate.config = {
  # Keep yate's media ports inside the range the firewall opens.
  yrtpchan.general = {
    minport = rtpPorts.from;
    maxport = rtpPorts.to;
  };

  # SIP listener bound to the first IPv4 address configured on the `voice`
  # interface (evaluation fails if that interface has no IPv4 address).
  # NOTE(review): this is plain SIP over UDP; signalling is unencrypted on
  # the wire, so the voice network itself has to be the trust boundary.
  # NOTE(review): whether yate also opens its default/general listener on
  # other addresses is not visible from this file - confirm.
  ysipchan."listener voice" = let
    voiceIpv4 = builtins.elemAt config.networking.interfaces.voice.ipv4.addresses 0;
  in {
    type = "udp";
    addr = voiceIpv4.address;
    port = 5060;
  };
};
# fieldpoc service: OMM connection, SIP secret and the DHCP server for the
# voice network.
fieldpoc = let
  # Builds one static DHCP lease entry: name, MAC address, fixed IP.
  lease = name: macAddress: ipAddress: {inherit name macAddress ipAddress;};
in {
  enable = true;
  inherit ommIp;
  ommUser = "omm";
  # Only paths to the sops-decrypted files are passed in; the secret values
  # themselves stay out of the evaluated configuration.
  ommPasswordPath = config.sops.secrets."fieldpoc/omm".path;
  sipsecretPath = config.sops.secrets."fieldpoc/sip".path;

  dhcp = {
    enable = true;
    interface = "voice";
    subnet = "192.168.98.0/24";
    # Dynamic pool (.100-.250); the static leases below (.11-.15) sit
    # outside it, so a dynamic client cannot be handed one of those
    # addresses.
    pool = "192.168.98.100 - 192.168.98.250";
    router = "192.168.98.1";
    dnsServers = "192.168.98.1";
    omm = ommIp;
    # Fixed addresses for the rfp-NN devices. rfp-01 is pinned to ommIp,
    # i.e. it is the unit addressed as the OMM everywhere else in this file.
    # NOTE(review): a lease keyed on a MAC address identifies a device but
    # does not authenticate it; access to the voice network should be
    # restricted accordingly.
    reservations = [
      (lease "rfp-01" "00:30:42:1b:23:ed" ommIp)
      (lease "rfp-02" "00:30:42:1b:21:c1" "192.168.98.12")
      (lease "rfp-03" "00:30:42:1b:26:f6" "192.168.98.13")
      (lease "rfp-04" "00:30:42:1b:22:3b" "192.168.98.14")
      (lease "rfp-05" "00:30:42:1b:22:7c" "192.168.98.15")
    ];
  };
};
};
}