2022-12-17

1 files changed, 108 insertions, 0 deletions

diff --git a/modules/nixos/common/networking.nix b/modules/nixos/common/networking.nix
new file mode 100644
index 0000000..6109933
--- /dev/null
+++ b/modules/nixos/common/networking.nix
@@ -0,0 +1,108 @@
+{
+  config,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+with lib; {
+  # TODO Support multiple interfaces and IP addresses.
+  networking = mkMerge [
+    {
+      domain = my.domain.shire;
+
+      hostName = this.hostname;
+      hostId = substring 0 8 (builtins.hashString "md5" this.hostname);
+
+      # Remove default hostname mappings. This is required at least by the current
+      # implementation of the montoring module.
+      hosts = {
+        "127.0.0.2" = mkForce [];
+        "::1" = mkForce [];
+      };
+
+      nameservers = mkDefault dns.const.quad9.default;
+
+      useDHCP = false;
+
+      firewall = {
+        enable = true;
+
+        rejectPackets = false;
+
+        allowPing = true;
+        pingLimit = "--limit 1/minute --limit-burst 5";
+
+        logRefusedConnections = false;
+        logRefusedPackets = false;
+        logRefusedUnicastsOnly = false;
+        logReversePathDrops = false;
+      };
+    }
+    (let
+      interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false.
+    in
+      mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) {
+        usePredictableInterfaceNames = false; # NOTE This can break something!
+        interfaces.${interface} = {
+          ipv4.addresses = with this.ipv4;
+            optional (isString address && isInt prefixLength) {
+              inherit address prefixLength;
+            };
+
+          ipv6.addresses = with this.ipv6;
+            optional (isString address && isInt prefixLength) {
+              inherit address prefixLength;
+            };
+        };
+        defaultGateway = with this.ipv4;
+          mkIf (isString gatewayAddress) {
+            inherit interface;
+            address = gatewayAddress;
+          };
+        defaultGateway6 = with this.ipv6;
+          mkIf (isString gatewayAddress) {
+            inherit interface;
+            address = gatewayAddress;
+          };
+      })
+    (mkIf this.isHeadful {
+      interfaces = {
+        eth0.useDHCP = mkDefault true;
+        wlan0.useDHCP = mkDefault true;
+      };
+
+      networkmanager = {
+        enable = mkDefault true;
+        wifi.backend = "iwd";
+      };
+
+      wireless = {
+        enable = false;
+        iwd.enable = mkDefault true;
+        userControlled.enable = true;
+        allowAuxiliaryImperativeNetworks = true;
+      };
+    })
+  ];
+
+  environment.shellAliases = listToAttrs (map
+    ({
+      name,
+      value,
+    }:
+      nameValuePair name "${pkgs.iproute2}/bin/${value}") [
+      {
+        name = "bridge";
+        value = "bridge -color=always";
+      }
+      {
+        name = "ip";
+        value = "ip -color=always";
+      }
+      {
+        name = "tc";
+        value = "tc -color=always";
+      }
+    ]);
+}