network/nix/nixos-module/network.nix

{ hostName, config, lib, pkgs, ... }:

{
  networking.firewall.enable = lib.mkDefault false;

  networking.useHostResolvConf = false;
  services.resolved.enable = false;
  environment.etc."resolv.conf".text = ''
    nameserver 172.20.73.8 9.9.9.9
  '';
  
  systemd.network = {
    enable = true;

    networks =
      builtins.mapAttrs (ifName: { gw, gw6, ... }: {
        matchConfig.Name = ifName;
        # addresses = [ {
        #   addressConfig.Address = "127.0.0.1/8";
        # } ];
        # TODO: lookup hostname
        gateway = with lib;
          optional (gw  != null) gw ++
          optional (gw6 != null) gw6;
      }) config.site.hosts.${hostName}.interfaces;
  };
}