authorAzat Bahawi <azat@bahawi.net>2023-01-05 04:22:04 +0300
committerAzat Bahawi <azat@bahawi.net>2023-01-05 04:22:04 +0300
commit5e81e4814d6da25ce8531baf0bc2d23da7fc26b3 (patch)
treecd887f80d9f98d42db556b4a42bcb8d5faa91c84 /modules/nixos/common/networking.nix
parent2022-12-17 (diff)
2023-01-05
Diffstat (limited to 'modules/nixos/common/networking.nix')
-rw-r--r--modules/nixos/common/networking.nix186
1 files changed, 100 insertions, 86 deletions
diff --git a/modules/nixos/common/networking.nix b/modules/nixos/common/networking.nix
index 6109933..0c44159 100644
--- a/modules/nixos/common/networking.nix
+++ b/modules/nixos/common/networking.nix
@@ -5,104 +5,118 @@
   this,
   ...
 }:
-with lib; {
-  # TODO Support multiple interfaces and IP addresses.
-  networking = mkMerge [
-    {
-      domain = my.domain.shire;
+with lib; let
+  cfg = config.nixfiles.modules.common.networking;
+in {
+  options.nixfiles.modules.common.networking.onlyDefault =
+    mkEnableOption "custom networking settings";
 
-      hostName = this.hostname;
-      hostId = substring 0 8 (builtins.hashString "md5" this.hostname);
+  config = mkIf (!cfg.onlyDefault) {
+    # TODO Support multiple interfaces and IP addresses.
+    networking = mkMerge [
+      {
+        domain = my.domain.shire;
 
-      # Remove default hostname mappings. This is required at least by the current
-      # implementation of the montoring module.
-      hosts = {
-        "127.0.0.2" = mkForce [];
-        "::1" = mkForce [];
-      };
+        hostName = this.hostname;
+        hostId = substring 0 8 (builtins.hashString "md5" this.hostname);
 
-      nameservers = mkDefault dns.const.quad9.default;
+        # Remove default hostname mappings. This is required at least by the current
+        # implementation of the montoring module.
+        hosts = {
+          "127.0.0.2" = mkForce [];
+          "::1" = mkForce [];
+        };
 
-      useDHCP = false;
+        nameservers = mkDefault dns.const.quad9.default;
 
-      firewall = {
-        enable = true;
+        useDHCP = false;
 
-        rejectPackets = false;
+        firewall = {
+          enable = true;
 
-        allowPing = true;
-        pingLimit = "--limit 1/minute --limit-burst 5";
+          rejectPackets = false;
 
-        logRefusedConnections = false;
-        logRefusedPackets = false;
-        logRefusedUnicastsOnly = false;
-        logReversePathDrops = false;
-      };
-    }
-    (let
-      interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false.
-    in
-      mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) {
-        usePredictableInterfaceNames = false; # NOTE This can break something!
-        interfaces.${interface} = {
-          ipv4.addresses = with this.ipv4;
-            optional (isString address && isInt prefixLength) {
-              inherit address prefixLength;
-            };
+          allowPing = true;
+          pingLimit = "--limit 1/minute --limit-burst 5";
 
-          ipv6.addresses = with this.ipv6;
-            optional (isString address && isInt prefixLength) {
-              inherit address prefixLength;
-            };
+          logRefusedConnections = false;
+          logRefusedPackets = false;
+          logRefusedUnicastsOnly = false;
+          logReversePathDrops = false;
         };
-        defaultGateway = with this.ipv4;
-          mkIf (isString gatewayAddress) {
-            inherit interface;
-            address = gatewayAddress;
-          };
-        defaultGateway6 = with this.ipv6;
-          mkIf (isString gatewayAddress) {
-            inherit interface;
-            address = gatewayAddress;
+      }
+      (let
+        interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false.
+      in
+        mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) {
+          usePredictableInterfaceNames = false; # NOTE This can break something!
+          interfaces.${interface} = {
+            ipv4.addresses = with this.ipv4;
+              optional (isString address && isInt prefixLength) {
+                inherit address prefixLength;
+              };
+
+            ipv6.addresses = with this.ipv6;
+              optional (isString address && isInt prefixLength) {
+                inherit address prefixLength;
+              };
           };
-      })
-    (mkIf this.isHeadful {
-      interfaces = {
-        eth0.useDHCP = mkDefault true;
-        wlan0.useDHCP = mkDefault true;
-      };
+          defaultGateway = with this.ipv4;
+            mkIf (isString gatewayAddress) {
+              inherit interface;
+              address = gatewayAddress;
+            };
+          defaultGateway6 = with this.ipv6;
+            mkIf (isString gatewayAddress) {
+              inherit interface;
+              address = gatewayAddress;
+            };
+        })
+      (mkIf this.isHeadful {
+        interfaces = {
+          eth0.useDHCP = mkDefault true;
+          wlan0.useDHCP = mkDefault true;
+        };
 
-      networkmanager = {
-        enable = mkDefault true;
-        wifi.backend = "iwd";
-      };
+        networkmanager = {
+          enable = mkDefault true;
+          wifi.backend = "iwd";
+        };
 
-      wireless = {
-        enable = false;
-        iwd.enable = mkDefault true;
-        userControlled.enable = true;
-        allowAuxiliaryImperativeNetworks = true;
-      };
-    })
-  ];
+        wireless = {
+          enable = false;
+          iwd.enable = mkDefault true;
+          userControlled.enable = true;
+          allowAuxiliaryImperativeNetworks = true;
+        };
+      })
+    ];
 
-  environment.shellAliases = listToAttrs (map
-    ({
-      name,
-      value,
-    }:
-      nameValuePair name "${pkgs.iproute2}/bin/${value}") [
-      {
-        name = "bridge";
-        value = "bridge -color=always";
-      }
-      {
-        name = "ip";
-        value = "ip -color=always";
-      }
-      {
-        name = "tc";
-        value = "tc -color=always";
-      }
-    ]);
+    environment = {
+      shellAliases = listToAttrs (map
+        ({
+          name,
+          value,
+        }:
+          nameValuePair name "${pkgs.iproute2}/bin/${value}") [
+          {
+            name = "bridge";
+            value = "bridge -color=always";
+          }
+          {
+            name = "ip";
+            value = "ip -color=always";
+          }
+          {
+            name = "tc";
+            value = "tc -color=always";
+          }
+        ]);
+
+      systemPackages = with pkgs; [
+        ethtool
+        nethogs
+      ];
+    };
+  };
 }
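Review bot: The new `onlyDefault` option is declared with `mkEnableOption "custom networking settings"`, but the body is guarded by `mkIf (!cfg.onlyDefault)`, so the generated description ("Whether to enable custom networking settings") states the opposite of what the flag does. A host that sets it to `true` expecting the custom settings would silently skip everything under `config`, including the `firewall` block, the static addressing and `useDHCP = false`, and fall back to whatever NixOS defaults or other modules provide. I would make the description match the behaviour, e.g. `mkEnableOption "only the NixOS default networking settings, skipping everything this module configures"`. It would also help to add a comment above the `mkIf` noting that the firewall settings are among the things skipped.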
