path: root/modules/nixos/common/networking.nix
blob: 6109933b5c1b05ea704b4cb3080ccdd927dd2919 (plain) (blame)
# Common NixOS networking module: sets host identity, resolver defaults and the
# host firewall for every machine, adds static addressing on `eth0` when the
# host record `this` carries both `ipv4` and `ipv6`, and enables
# NetworkManager/iwd on headful machines. Also defines colourised iproute2
# shell aliases.
{
  config,
  lib,
  pkgs,
  this,
  ...
}:
with lib; {
  # TODO Support multiple interfaces and IP addresses.
  networking = mkMerge [
    # Part 1: settings applied unconditionally to every host.
    {
      # `my` is not defined in this file; presumably provided through the
      # extended `lib` brought into scope by `with lib;` -- confirm.
      domain = my.domain.shire;

      hostName = this.hostname;
      # Stable 8-hex-digit host ID: the first 8 characters of the MD5 hex digest
      # of the hostname. MD5 serves only as a deterministic mapping here; the
      # value is an identifier, not a secret or an integrity check.
      hostId = substring 0 8 (builtins.hashString "md5" this.hostname);

      # Remove default hostname mappings. This is required at least by the current
      # implementation of the monitoring module.
      hosts = {
        "127.0.0.2" = mkForce [];
        "::1" = mkForce [];
      };

      # Default resolvers; `mkDefault` lets a host override them. `dns` is not
      # defined in this file (presumably also from the extended `lib`).
      nameservers = mkDefault dns.const.quad9.default;

      # No global DHCP; addressing comes from the static block or from the
      # per-interface DHCP settings in the headful block below.
      useDHCP = false;

      firewall = {
        enable = true;

        # Refused packets are dropped silently instead of being answered with a
        # reject.
        rejectPackets = false;

        # ICMP echo requests are answered, but rate-limited by `pingLimit`.
        allowPing = true;
        pingLimit = "--limit 1/minute --limit-burst 5";

        # All firewall logging is switched off, so refused connections, refused
        # packets and reverse-path drops leave no trace in the kernel log.
        # NOTE(review): this removes host-level visibility into scans and
        # spoofed traffic; if these hosts feed detection or incident response,
        # consider enabling at least `logRefusedConnections` where log volume
        # permits.
        logRefusedConnections = false;
        logRefusedPackets = false;
        logRefusedUnicastsOnly = false;
        logReversePathDrops = false;
      };
    }
    # Part 2: static addressing, applied only when `this` has BOTH an `ipv4` and
    # an `ipv6` attribute. A host record with only one of the two gets no static
    # configuration from this block.
    (let
      interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false.
    in
      mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) {
        usePredictableInterfaceNames = false; # NOTE This can break something!
        interfaces.${interface} = {
          # `optional` yields a one-element list when both fields have the
          # expected types and an empty list otherwise, so a malformed record
          # results in no address rather than an evaluation error.
          ipv4.addresses = with this.ipv4;
            optional (isString address && isInt prefixLength) {
              inherit address prefixLength;
            };

          ipv6.addresses = with this.ipv6;
            optional (isString address && isInt prefixLength) {
              inherit address prefixLength;
            };
        };
        # Default routes are set only when a gateway address string is present.
        defaultGateway = with this.ipv4;
          mkIf (isString gatewayAddress) {
            inherit interface;
            address = gatewayAddress;
          };
        defaultGateway6 = with this.ipv6;
          mkIf (isString gatewayAddress) {
            inherit interface;
            address = gatewayAddress;
          };
      })
    # Part 3: headful machines get DHCP on `eth0`/`wlan0` and NetworkManager
    # with the iwd Wi-Fi backend. Most values use `mkDefault` so that a host can
    # override them.
    (mkIf this.isHeadful {
      interfaces = {
        eth0.useDHCP = mkDefault true;
        wlan0.useDHCP = mkDefault true;
      };

      networkmanager = {
        enable = mkDefault true;
        wifi.backend = "iwd";
      };

      wireless = {
        # `wireless.enable` is off while iwd is on.
        enable = false;
        iwd.enable = mkDefault true;
        # NOTE(review): `userControlled` and `allowAuxiliaryImperativeNetworks`
        # appear to belong to the wpa_supplicant-based `networking.wireless`
        # service, which is disabled just above -- confirm whether they have any
        # effect. If that service is ever enabled, they let local users add and
        # change Wi-Fi networks imperatively, which should be a deliberate
        # choice.
        userControlled.enable = true;
        allowAuxiliaryImperativeNetworks = true;
      };
    })
  ];

  # Shell aliases for `bridge`, `ip` and `tc` that always colourise output.
  # Each alias expands to the absolute store path of the iproute2 binary, so it
  # does not depend on a PATH lookup.
  environment.shellAliases = listToAttrs (map
    ({
      name,
      value,
    }:
      nameValuePair name "${pkgs.iproute2}/bin/${value}") [
      {
        name = "bridge";
        value = "bridge -color=always";
      }
      {
        name = "ip";
        value = "ip -color=always";
      }
      {
        name = "tc";
        value = "tc -color=always";
      }
    ]);
}
