Ok, so it was not hard to get i2pd running on the #guixrouter. And it has a way to limit the number of transit connections, so I can probably prevent it from eating up my connection budget, so i2p is a go for default services on the router.
The only issue I have is that it doesn't seem to properly create the /var/run/i2pd directory and give it the right ownership/permissions. Though it LOOKS like it should work... and the same mechanisms work for squid... so I'm a little confused about that. But once you manually fix those permissions it boots fine. I'll fix it later.

Default services right now:

squid proxy, dnsmasq, unbound DNS over TLS, wireguard, yggdrasil, keepalived, tor, i2p, zabbix agent, prometheus exporter, ntpd client and server, dhcpd for upstream requests, nginx reverse proxy, letsencrypt, ssh, custom nftables firewall, and HFSC qdisc traffic shaper

Sounds interesting? I'm beginning to port it over to an independent repo so I can put it on Codeberg.

#guixrouter

@dlakelan oh good. while we're nix fans personally, guix is also a correct approach to this stuff, strongly preferable to those single-purpose "application" images people make. that sounds like a good set of services to start with. we definitely look forward to you publishing this.