1 files changed, 84 insertions, 7 deletions

diff --git a/deployment/systems/aisaka.scm b/deployment/systems/aisaka.scm
index 76c048c..eaba797 100644
--- a/deployment/systems/aisaka.scm
+++ b/deployment/systems/aisaka.scm
@@ -6,11 +6,13 @@
   #:use-module ((deployment keys)             #:prefix deployment:keys:)
   #:use-module ((gnu bootloader)              #:prefix gnu:bootloader:)
   #:use-module ((gnu bootloader grub)         #:prefix gnu:bootloader:grub:)
+  #:use-module ((gnu packages linux)          #:prefix gnu:packages:linux:)
   #:use-module ((gnu packages tls)            #:prefix gnu:packages:tls:)
   #:use-module ((gnu services)                #:prefix gnu:services:)
   #:use-module ((gnu services base)           #:prefix gnu:services:base:)
   #:use-module ((gnu services dns)            #:prefix gnu:services:dns:)
   #:use-module ((gnu services networking)     #:prefix gnu:services:networking:)
+  #:use-module ((gnu services shepherd)       #:prefix gnu:services:shepherd:)
   #:use-module ((gnu services version-control) #:prefix gnu:services:version-control:)
   #:use-module ((gnu services web)            #:prefix gnu:services:web:)
   #:use-module ((gnu system)                  #:prefix gnu:system:)
@@ -43,9 +45,9 @@
   ("ns1"             ttl "IN" "A"   ip-multimedia)
   ("@"               ttl "IN" "NS"  "ns1.marekpasnikowski.pl.")
   ("mx"              ttl "IN" "A"   ip-otvarta)
-  ("@"               ttl "IN" "MX"  "9 mx.marekpasnikowski.pl.")
   ("@"               ttl "IN" "MX"  "10 mx1.forwardemail.net.")
   ("@"               ttl "IN" "MX"  "10 mx2.forwardemail.net.")
+  ;("@"               ttl "IN" "MX"  "20 mx.marekpasnikowski.pl.")
   ("@"               ttl "IN" "TXT" "\"forward-email-port=49152\"")
   ("@"               ttl "IN" "TXT" "\"forward-email=marekpasnikowski.pl\"")
   ("@"               ttl "IN" "TXT" spf-value)
@@ -66,7 +68,7 @@
     (origin  "marekpasnikowski.pl")
     (ns      "ns.marekpasnikowski.pl.")
     (mail    "marek.marekpasnikowski.pl.")
-    (serial  2026010900)))
+    (serial  2026010903)))
 
 (define master-zone
   (gnu:services:dns:knot-zone-configuration
@@ -423,26 +425,100 @@
 (define enp1s0-route-4-default
   (gnu:services:base:network-route
     (destination "default")
-    (device      "enp1s0")
+    (source      #f)
+    (device      #f)
     (ipv6?       #f)
     (gateway     "192.168.10.1")))
 
-(define first-network
+(define network-hardware
   (gnu:services:base:static-networking
     (addresses    (list enp1s0-address-4
                         enp2s0-address-4))
+    (links        (list))
     (routes       (list enp1s0-route-4-default))
     (name-servers (list "192.168.10.1"
-                        "192.168.1.1"))))
+                        "192.168.1.1"))
+    (provision    (list 'network-hardware))
+    (requirement  (list))))
 
 (define static-networking-configuration
-  (list first-network))
+  (list network-hardware))
 
 (define static-networking
   (gnu:services:service
     gnu:services:networking:static-networking-service-type
     static-networking-configuration))
 
+(define ip-command
+  (file-append gnu:packages:linux:iproute
+               "/sbin/ip"))
+
+(define network-enp2s0-route-default
+  (let
+    ( (route-default- #~(list #$ip-command
+                              "route"
+                              "add"
+                              "default"
+                              "via"
+                              "192.168.1.1"
+                              "table"
+                              "1")))
+    (gnu:services:shepherd:shepherd-service
+      (provision     (list 'network-enp2s0-route-default))
+      (requirement   (list 'network-enp2s0-table))
+      (one-shot?     #t)
+      (respawn?      #f)
+      (start         #~(make-forkexec-constructor #$route-default-))
+      (stop          #~(const #f))
+      (actions       (list))
+      (auto-start?   #t)
+      (documentation "Sets up a default route for traffic from enp2s0.")
+      (modules       gnu:services:shepherd:%default-modules))))
+
+(define network-enp2s0-table
+  (let
+    ( (table- #~(list #$ip-command
+                      "rule"
+                      "add"
+                      "from"
+                      "192.168.1.2"
+                      "table"
+                      "1"
+                      "prio"
+                      "1")))
+    (gnu:services:shepherd:shepherd-service
+      (provision     (list 'network-enp2s0-table))
+      (requirement   (list 'network-hardware))
+      (one-shot?     #t)
+      (respawn?      #f)
+      (start         #~(make-forkexec-constructor #$table-))
+      (stop          #~(const #f))
+      (actions       (list))
+      (auto-start?   #t)
+      (documentation "Defines a table of rules number 1 for routes through enp2s0.")
+      (modules       gnu:services:shepherd:%default-modules))))
+
+(define networking
+  (gnu:services:shepherd:shepherd-service
+    (provision   (list 'networking))
+    (requirement (list 'network-enp2s0-table
+                       'network-enp2s0-route-default))
+    (one-shot?     #t)
+    (respawn?      #f)
+    (start         #~(const #t))
+    (stop          #~(const #f))
+    (actions       (list))
+    (auto-start?   #t)
+    (documentation "Defines a graph root of one-shot services to invoke various ip commands.")
+    (modules       gnu:services:shepherd:%default-modules)))
+
+(define iproute2-networking
+  (gnu:services:simple-service 'networking
+                               gnu:services:shepherd:shepherd-root-service-type
+                               (list network-enp2s0-table
+                                     network-enp2s0-route-default
+                                     networking)))
+
 (define swap-device-izumi-1-label
   ((@ (gnu system file-systems) file-system-label)
    "izumi-swap-f"))
@@ -486,7 +562,8 @@
               offload-rakan
               (openssh)
               (radicale)
-              static-networking))
+              static-networking
+              iproute2-networking))
 
 (define system-users
         (list users:id1000:uid1000-account