From b28314ca953dec93337f37670d2532dfcb71cb68 Mon Sep 17 00:00:00 2001
From: Grisha Shipunov <blame@oxapentane.com>
Date: Sat, 11 Jan 2025 02:54:24 +0100
Subject: [PATCH] minime: networkd

---
 hosts/minime/configuration.nix          | 97 -------------------------
 hosts/minime/default.nix                |  1 +
 hosts/minime/hardware-configuration.nix | 12 ---
 hosts/minime/networking.nix             | 28 +++++++
 4 files changed, 29 insertions(+), 109 deletions(-)
 create mode 100644 hosts/minime/networking.nix

diff --git a/hosts/minime/configuration.nix b/hosts/minime/configuration.nix
index b169a06..0a36ae6 100644
--- a/hosts/minime/configuration.nix
+++ b/hosts/minime/configuration.nix
@@ -14,107 +14,10 @@
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
-  networking.hostName = "minime"; # Define your hostname.
-  # Pick only one of the below networking options.
-  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
-
-  # Set your time zone.
-  # time.timeZone = "Europe/Amsterdam";
-
-  # Configure network proxy if necessary
-  # networking.proxy.default = "http://user:password@proxy:port/";
-  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
-  # Select internationalisation properties.
-  # i18n.defaultLocale = "en_US.UTF-8";
-  # console = {
-  #   font = "Lat2-Terminus16";
-  #   keyMap = "us";
-  #   useXkbConfig = true; # use xkb.options in tty.
-  # };
 
   # Enable the X11 windowing system.
   services.xserver.enable = false;
 
-
-  # Configure keymap in X11
-  # services.xserver.xkb.layout = "us";
-  # services.xserver.xkb.options = "eurosign:e,caps:escape";
-
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
-
-  # Enable sound.
-  # hardware.pulseaudio.enable = true;
-  # OR
-  # services.pipewire = {
-  #   enable = true;
-  #   pulse.enable = true;
-  # };
-
-  # Enable touchpad support (enabled default in most desktopManager).
-  # services.libinput.enable = true;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  # users.users.alice = {
-  #   isNormalUser = true;
-  #   extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-  #   packages = with pkgs; [
-  #     tree
-  #   ];
-  # };
-
-  # programs.firefox.enable = true;
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  # environment.systemPackages = with pkgs; [
-  #   vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
-  #   wget
-  # ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
-
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
-  # Copy the NixOS configuration file and link it from the resulting system
-  # (/run/current-system/configuration.nix). This is useful in case you
-  # accidentally delete configuration.nix.
-  # system.copySystemConfiguration = true;
-
-  # This option defines the first version of NixOS you have installed on this particular machine,
-  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
-  #
-  # Most users should NEVER change this value after the initial install, for any reason,
-  # even if you've upgraded your system to a new NixOS release.
-  #
-  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
-  # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
-  # to actually do that.
-  #
-  # This value being lower than the current NixOS release does NOT mean your system is
-  # out of date, out of support, or vulnerable.
-  #
-  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
-  # and migrated your data accordingly.
-  #
-  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
   system.stateVersion = "24.11"; # Did you read the comment?
 
 }
diff --git a/hosts/minime/default.nix b/hosts/minime/default.nix
index 44cca38..90013f7 100644
--- a/hosts/minime/default.nix
+++ b/hosts/minime/default.nix
@@ -2,6 +2,7 @@
   imports = [
     ./configuration.nix
     ./hardware-configuration.nix
+    ./networking.nix
     ./secrets.nix
     ./zfs.nix
   ];
diff --git a/hosts/minime/hardware-configuration.nix b/hosts/minime/hardware-configuration.nix
index f714d9e..12c658f 100644
--- a/hosts/minime/hardware-configuration.nix
+++ b/hosts/minime/hardware-configuration.nix
@@ -55,18 +55,6 @@
       randomEncryption = true;
     } ];
 
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s13f0u1u1.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp2s0f1.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp87s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp90s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp91s0.useDHCP = lib.mkDefault true;
-
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
diff --git a/hosts/minime/networking.nix b/hosts/minime/networking.nix
new file mode 100644
index 0000000..cd01a42
--- /dev/null
+++ b/hosts/minime/networking.nix
@@ -0,0 +1,28 @@
+{ ... }: {
+  networking.hostName = "minime"; # Define your hostname.
+  networking.useNetworkd = true;
+  networking.firewall.enable = true;
+
+  services.resolved = {
+    enable = true;
+    dnssec = "false";
+    fallbackDns = [
+      "9.9.9.9"
+      "2620:fe::fe"
+      "149.112.112.112"
+      "2620:fe::9"
+    ];
+  };
+
+  systemd.network.enable = true;
+
+  systemd.network.networks = {
+    "10-ether-uplink" = {
+      matchConfig.name = "enp90s0";
+      networkConfig = {
+        DHCP = "yes";
+        IPv6AcceptRA = true;
+      };
+    };
+  };
+}