shared-public-infra/modules/network.nix

67 lines
1.7 KiB
Nix

{ config
, lib
, ...
}: {
# use networkd
networking.dhcpcd.enable = false;
systemd.network.enable = true;
# add an entry to /etc/hosts for each host
networking.extraHosts = lib.concatStringsSep "\n" (lib.mapAttrsToList
(name: host: ''
${lib.optionalString (host.ipv4 != null) "${host.ipv4} ${name}"}
${lib.optionalString (host.ipv6 != null) "${host.ipv6} ${name}"}
'')
config.networking.newtype.hosts);
# leave container interfaces alone
systemd.network.networks."05-veth".extraConfig = ''
[Match]
Driver = veth
[Link]
Unmanaged = yes
'';
systemd.network.networks."10-nat-lan" = {
matchConfig.Name = "nat-lan";
linkConfig.RequiredForOnline = true;
DHCP = "yes";
};
systemd.network.links."10-nat-lan" = {
matchConfig.MACAddress = "3c:ec:ef:7e:bd:c8";
linkConfig.Name = "nat-lan";
};
systemd.network.netdevs."10-wan-br" = {
netdevConfig.Name = "wan-br";
netdevConfig.Kind = "bridge";
netdevConfig.MACAddress = "none";
bridgeConfig.MulticastSnooping = false;
};
systemd.network.links."10-wan-br" = {
matchConfig.Name = "wan-br";
linkConfig.MACAddressPolicy = "none";
};
systemd.network.networks."10-wan-br" = {
matchConfig.Name = "wan-br";
linkConfig.RequiredForOnline = true;
networkConfig.Address = [ config.networking.newtype.currentHost.ipv6 ];
};
systemd.network.networks."10-wan" = {
matchConfig.Name = "wan";
networkConfig.Bridge = "wan-br";
};
systemd.network.links."10-wan" = {
matchConfig.MACAddress = "3c:ec:ef:7e:bd:c9";
linkConfig.Name = "wan";
};
deployment.targetHost = "${config.networking.hostName}.infra.newtype.fr";
}