fixup toaster network

2025-01-03 19:06:42 +01:00 · 2025-01-03 19:06:42 +01:00 · 0457c44807
commit 0457c44807
parent a31fff4a8e
10 changed files with 207 additions and 292 deletions
--- a/hosts/toaster/network/default.nix
+++ b/hosts/toaster/network/default.nix
@ -0,0 +1,39 @@
+{ lib, config, ... }: {
+  imports = [
+    ./mullvad.nix
+    ./dumpdvb.nix
+    ./zw.nix
+  ];
+
+  # Networkmanager shouldn't interfere with systemd managed interfaces
+  networking.networkmanager.unmanaged =
+    let
+      systemd_netdevs = lib.attrsets.attrValues (lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs);
+    in
+    systemd_netdevs;
+
+    systemd.network ={
+      enable = true;
+      wait-online.enable = false; # uplink is managed by networkmanager
+    };
+
+    users.users."0xa".extraGroups = [ "networkmanager" ];
+
+    networking = {
+      hostName = "toaster";
+      firewall.enable = true;
+      wireguard.enable = true;
+    };
+
+    services.resolved = {
+      enable = true;
+      dnssec = "allow-downgrade";
+      fallbackDns = [
+        "9.9.9.9"
+        "2620:fe::fe"
+        "149.112.112.112"
+        "2620:fe::9"
+      ];
+    };
+
+  }