From 7b5080862171ea1ee2ad2348929af342d893a37d Mon Sep 17 00:00:00 2001
From: Dominik Polakovics
Date: Mon, 4 Dec 2023 17:49:43 +0100
Subject: [PATCH] add omada
---
 hosts/fw.cloonar.com/configuration.nix | 1 +
 hosts/fw.cloonar.com/modules/omada.nix | 34 +++++++++++++++
 utils/overlays/packages.nix | 1 +
 utils/pkgs/omada.nix | 59 ++++++++++++++++++++++++++
 4 files changed, 95 insertions(+)
 create mode 100644 utils/pkgs/omada.nix
diff --git a/hosts/fw.cloonar.com/configuration.nix b/hosts/fw.cloonar.com/configuration.nix
index 4c9b9e4..9a3cdff 100644
--- a/hosts/fw.cloonar.com/configuration.nix
+++ b/hosts/fw.cloonar.com/configuration.nix
@@ -61,6 +61,7 @@
 ethtool # manage NIC settings (offload, NIC feeatures, ...)
 tcpdump # view network traffic
 conntrack-tools # view network connection states
+ omada
 ];
 nix.gc = {
diff --git a/hosts/fw.cloonar.com/modules/omada.nix b/hosts/fw.cloonar.com/modules/omada.nix
index 057c44d..99c07d4 100644
--- a/hosts/fw.cloonar.com/modules/omada.nix
+++ b/hosts/fw.cloonar.com/modules/omada.nix
@@ -23,4 +23,38 @@
 };
 };
 };
+
+ security.acme.certs."${domain}" = {
+ domain = "${domain}";
+ };
+
+ containers.omada = {
+ autoStart = true;
+ ephemeral = true;
+ macvlans = [ "vserver" ];
+ bindMounts = {
+ "/var/lib/gitea" = {
+ hostPath = "/var/lib/gitea/";
+ isReadOnly = false;
+ };
+ };
+ bindMounts = {
+ "/var/lib/acme/gitea/" = {
+ hostPath = "${config.security.acme.certs.${domain}.directory}";
+ isReadOnly = true;
+ };
+ };
+ config = { lib, config, pkgs, ... }: {
+ networking = {
+ hostName = "gitea";
+ interfaces.mv-vserver = {
+ useDHCP = true;
+ };
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 ];
+ };
+ };
+ };
+ };
 }
diff --git a/utils/overlays/packages.nix b/utils/overlays/packages.nix
index 028c0b2..f34a9ed 100644
--- a/utils/overlays/packages.nix
+++ b/utils/overlays/packages.nix
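Review bot: In hosts/fw.cloonar.com/modules/omada.nix the new `containers.omada` set defines `bindMounts` twice, which Nix rejects as a duplicate attribute, and both mounts still carry gitea values: the container gets `/var/lib/gitea` read-write, `hostName = "gitea"` and an ACME path under `/var/lib/acme/gitea/`. Mounting gitea's state directory writable into the controller container gives a vendor-supplied service access to repository data and whatever secrets live there, and with `ephemeral = true` the controller has no persistent directory of its own. Merge the two sets into one `bindMounts` with a dedicated state path (the one below is a placeholder), set the hostname to match the container, and check that `allowedTCPPorts = [ 22 80 443 ]` is what the controller needs rather than a leftover, since no SSH or web service is configured in the lines shown.

```nix
  containers.omada = {
    # … unchanged: autoStart, ephemeral, macvlans …
    bindMounts = {
      # placeholder path: the controller's own state directory, not gitea's
      "/var/lib/omada" = {
        hostPath = "/var/lib/omada/";
        isReadOnly = false;
      };
      # certificate directory stays read-only inside the container
      "/var/lib/acme/omada/" = {
        hostPath = "${config.security.acme.certs.${domain}.directory}";
        isReadOnly = true;
      };
    };
    # … unchanged: config = { … } apart from hostName …
```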
@@ -2,5 +2,6 @@ self: super: {
 bento = (super.callPackage ../pkgs/bento { });
 ykfde = (super.callPackage ../pkgs/ykfde { });
 sysbox = (super.callPackage ../pkgs/sysbox.nix { });
+ omada = (super.callPackage ../pkgs/omada.nix { });
 wow-addon-manager = (super.callPackage ../pkgs/wow-addon-manager { });
 }
diff --git a/utils/pkgs/omada.nix b/utils/pkgs/omada.nix
new file mode 100644
index 0000000..6190bc2
--- /dev/null
+++ b/utils/pkgs/omada.nix
@@ -0,0 +1,59 @@
+{ stdenv
+, lib
+, fetchurl
+, dpkg
+, libredirect
+, makeWrapper
+, busybox
+, jsvc
+, mongodb
+, jre8_headless
+}:
+
+stdenv.mkDerivation rec {
+ pname = "omada-sdn";
+ version = "5.13.22";
+
+ src = fetchurl {
+ url = "https://static.tp-link.com/upload/software/2023/202312/20231201/Omada_SDN_Controller_v${version}_Linux_x64.deb";
+ sha256 = "sha256-/Sh/LztaBytiw3j54e7uqizK0iu0jLOB0w2MhVxRtAE=";
+ };
+
+ nativeBuildInputs = [ dpkg makeWrapper ];
+
+ unpackPhase = ''
+ runHook preUnpack
+
+ dpkg -x $src ./src
+
+ runHook postUnpack
+ '';
+
+ installPhase = ''
+ runHook preInstall
+
+ mkdir -p "$out"
+ cp -r src/* "$out"
+
+ mv "$out/usr/"* "$out/"
+ rmdir "$out/usr"
+
+ for f in "$out/lib/systemd/system/"*.service; do
+ substituteInPlace "$f" \
+ --replace "/usr/" "$out/"
+ done
+
+ for p in "$out/bin/"*; do
+ wrapProgram "$p" \
+ --set NIX_REDIRECTS "/usr/share=$out/share:/usr/bin=$out/bin" \
+ --prefix PATH : "${lib.makeBinPath [ busybox jsvc mongodb jre8_headless ]}"
+ done
+
+ runHook postInstall
+ '';
+
+ meta = with lib; {
+ description = "Omada SDN Controller Software";
+ platforms = with platforms; [ "x86_64-linux" ];
+ };
+}
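Review bot: In utils/pkgs/omada.nix the wrapper sets `NIX_REDIRECTS` but never preloads libredirect, so the `/usr/share` and `/usr/bin` redirections are presumably inert and the wrapped programs will still look at the host's paths; `libredirect` is otherwise an unused argument. Add `--set LD_PRELOAD "${libredirect}/lib/libredirect.so" \` to the `wrapProgram` call next to `NIX_REDIRECTS`. Because this repackages a vendor .deb, `meta` should also declare it, e.g. `license = licenses.unfree;` and `sourceProvenance = with sourceTypes; [ binaryBytecode binaryNativeCode ];`, so the binary origin is visible to anyone auditing the closure.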