back to declarative network
This commit is contained in:
parent
3cbb763ed5
commit
3511f194c5
2 changed files with 53 additions and 29 deletions
|
|
@ -58,7 +58,7 @@
|
||||||
./modules/basic-tools
|
./modules/basic-tools
|
||||||
./modules/binary-caches.nix
|
./modules/binary-caches.nix
|
||||||
./modules/devtools.nix
|
./modules/devtools.nix
|
||||||
./modules/gnome.nix
|
./modules/sway.nix
|
||||||
./modules/gnupg.nix
|
./modules/gnupg.nix
|
||||||
./modules/radio.nix
|
./modules/radio.nix
|
||||||
./modules/science.nix
|
./modules/science.nix
|
||||||
|
|
|
||||||
|
|
@ -1,39 +1,63 @@
|
||||||
{ lib, config, ... }: {
|
{ lib, config, pkgs, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
./mullvad.nix
|
./mullvad.nix
|
||||||
./dumpdvb.nix
|
./dumpdvb.nix
|
||||||
./zw.nix
|
./zw.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Networkmanager shouldn't interfere with systemd managed interfaces
|
environment.systemPackages = with pkgs; [ iwgtk ];
|
||||||
networking.networkmanager.unmanaged =
|
|
||||||
let
|
|
||||||
systemd_netdevs = lib.attrsets.attrValues (lib.attrsets.mapAttrs (_name: value: value.netdevConfig.Name) config.systemd.network.netdevs);
|
|
||||||
in
|
|
||||||
systemd_netdevs;
|
|
||||||
|
|
||||||
systemd.network ={
|
# kick out networkmanager
|
||||||
enable = true;
|
networking.networkmanager.enable = lib.mkForce false;
|
||||||
wait-online.enable = false; # uplink is managed by networkmanager
|
networking.useNetworkd = true;
|
||||||
|
systemd.network.enable = true;
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
hostName = "toaster";
|
||||||
|
firewall.enable = true;
|
||||||
|
wireguard.enable = true;
|
||||||
|
wireless.iwd.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved = {
|
||||||
|
enable = true;
|
||||||
|
dnssec = "allow-downgrade";
|
||||||
|
fallbackDns = [
|
||||||
|
"9.9.9.9"
|
||||||
|
"2620:fe::fe"
|
||||||
|
"149.112.112.112"
|
||||||
|
"2620:fe::9"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# we might have no interwebs at all
|
||||||
|
systemd.network.wait-online.enable = false;
|
||||||
|
|
||||||
|
# uplinks
|
||||||
|
systemd.network.networks = {
|
||||||
|
"10-ether-uplink" = {
|
||||||
|
matchConfig.Name = "enp1s0f0";
|
||||||
|
networkConfig = {
|
||||||
|
DHCP = "yes";
|
||||||
|
IPv6AcceptRA = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
"10-dock-uplink" = {
|
||||||
users.users."0xa".extraGroups = [ "networkmanager" ];
|
matchConfig.Name = "enp5s0f4u1u1";
|
||||||
|
networkConfig = {
|
||||||
networking = {
|
DHCP = "yes";
|
||||||
hostName = "toaster";
|
IPv6AcceptRA = true;
|
||||||
firewall.enable = true;
|
};
|
||||||
wireguard.enable = true;
|
dhcpV4Config = { RouteMetric = 666; };
|
||||||
|
dhcpV6Config = { RouteMetric = 666; };
|
||||||
};
|
};
|
||||||
|
"wlan-uplink" = {
|
||||||
services.resolved = {
|
matchConfig.Name = "wlan0";
|
||||||
enable = true;
|
networkConfig = {
|
||||||
dnssec = "allow-downgrade";
|
DHCP = "yes";
|
||||||
fallbackDns = [
|
IPv6AcceptRA = true;
|
||||||
"9.9.9.9"
|
};
|
||||||
"2620:fe::fe"
|
|
||||||
"149.112.112.112"
|
|
||||||
"2620:fe::9"
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue