# NixOS module: common networking settings (host name and domain, resolvers,
# firewall, optional static addressing, and a NetworkManager + iwd setup for
# headful machines).
#
# Besides the usual `config`/`lib`/`pkgs`, the module takes `this`, a per-host
# attribute set. `hostname` and `isHeadful` are always read from it; `ipv4`
# and `ipv6` are only read when both attributes exist.
#
# `my` and `dns` are not defined in this file. They are resolved through
# `with lib;`, so presumably an extended `lib` provides them.
{
  config,
  lib,
  pkgs,
  this,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.common.networking;
in {
  # NOTE(review): `mkEnableOption` describes this as enabling "custom
  # networking settings", but setting `onlyDefault = true` makes the `mkIf`
  # below drop everything in this module. Confirm the wording matches the
  # intended meaning.
  options.nixfiles.modules.common.networking.onlyDefault =
    mkEnableOption "custom networking settings";

  config = mkIf (!cfg.onlyDefault) {
    # Directories handed to `ark` (defined elsewhere; presumably a
    # persistence module) when the matching service is enabled.
    # NOTE(review): both paths normally hold saved network profiles, which
    # can include Wi-Fi and VPN secrets. Confirm that wherever `ark` keeps
    # them stays readable by root only.
    ark.directories = let
      net = config.networking;
    in
      optional net.networkmanager.enable "/etc/NetworkManager/system-connections"
      ++ optional net.wireless.iwd.enable "/var/lib/iwd";

    # TODO Switch to systemd-networkd.
    networking = mkMerge [
      # Settings applied to every host.
      {
        hostName = this.hostname;
        domain = my.domain.shire;

        # First 8 hex characters of the MD5 of the host name. MD5 only
        # serves as a stable hash here: the result is an identifier that
        # anyone who knows the host name can recompute, not a secret.
        hostId = substring 0 8 (builtins.hashString "md5" this.hostname);

        # Remove default hostname mappings. This is required at least by the
        # current implementation of the monitoring module.
        hosts = genAttrs ["127.0.0.2" "::1"] (_: mkForce []);

        # Resolvers are only a default (`mkDefault`), so a host can override
        # them; the concrete addresses live in `dns.const.quad9.default`.
        nameservers = mkDefault dns.const.quad9.default;
        resolvconf.enable = true;

        # No global DHCP; the headful branch below opts in per interface.
        useDHCP = false;

        firewall = {
          enable = true;

          # Refused traffic is not answered with a reject.
          rejectPackets = false;

          # Echo requests are answered, but rate limited.
          allowPing = true;
          pingLimit = "--limit 1/minute --limit-burst 5";

          # Every firewall logging switch is off.
          # NOTE(review): this keeps the journal quiet, but it also means
          # refused connections and reverse-path drops leave no local trace
          # for detection or incident response. Confirm that another
          # telemetry source covers this if it matters for the host.
          logRefusedConnections = false;
          logRefusedPackets = false;
          logRefusedUnicastsOnly = false;
          logReversePathDrops = false;
        };
      }

      # Static addressing, applied only when `this` carries both an `ipv4`
      # and an `ipv6` attribute.
      (let
        # This assumes `usePredictableInterfaceNames` is false.
        interface = "eth0";

        # One-element list with the family's address when `address` is a
        # string and `prefixLength` an integer, otherwise an empty list.
        addressesOf = family:
          optional (isString family.address && isInt family.prefixLength) {
            inherit (family) address prefixLength;
          };

        # Default route through `interface`, set only when the family has a
        # string `gatewayAddress`.
        gatewayOf = family:
          mkIf (isString family.gatewayAddress) {
            inherit interface;
            address = family.gatewayAddress;
          };
      in
        mkIf (this ? ipv4 && this ? ipv6) {
          usePredictableInterfaceNames = false; # NOTE This can break something!

          interfaces.${interface} = {
            ipv4.addresses = addressesOf this.ipv4;
            ipv6.addresses = addressesOf this.ipv6;
          };

          defaultGateway = gatewayOf this.ipv4;
          defaultGateway6 = gatewayOf this.ipv6;
        })

      # Headful machines: DHCP per interface, NetworkManager on top of iwd.
      # NOTE(review): `eth0`/`wlan0` are hard-coded here, while
      # `usePredictableInterfaceNames = false` is only set in the static
      # branch above. Confirm these names exist on hosts without
      # `ipv4`/`ipv6`.
      (mkIf this.isHeadful {
        interfaces = {
          eth0.useDHCP = mkDefault true;
          wlan0.useDHCP = mkDefault true;
        };

        networkmanager = {
          enable = mkDefault true;
          wifi.backend = "iwd";
        };

        # NOTE(review): in the NixOS wireless module, `userControlled` and
        # `allowAuxiliaryImperativeNetworks` configure wpa_supplicant, which
        # `enable = false` turns off, so they appear to have no effect here.
        # Confirm, and drop them if unused: they would widen who may
        # reconfigure Wi-Fi if wpa_supplicant were ever re-enabled.
        wireless = {
          enable = false;
          iwd.enable = mkDefault true;
          userControlled.enable = true;
          allowAuxiliaryImperativeNetworks = true;
        };
      })
    ];

    environment = {
      # Colourised iproute2 tools. Each alias points at the absolute store
      # path of the binary, so it does not depend on PATH lookup.
      shellAliases =
        mapAttrs (_: command: "${pkgs.iproute2}/bin/${command}") {
          bridge = "bridge -color=always";
          ip = "ip -color=always";
          tc = "tc -color=always";
        };

      systemPackages = [
        pkgs.ethtool
        pkgs.nethogs
      ];
    };
  };
}