network/nix/nixos-module/network.nix


{ hostName, config, lib, pkgs, ... }:
let
# Resolve the IPv6 gateway address for network `net`.
#
# hosts6 is read as an attribute set of contexts, each mapping host names to
# addresses. The contexts are visited in attribute-name order, and the first
# one that lists both this host and the gateway host `gw6` supplies the
# gateway's address. The result is null when no context lists both.
findGw6 = net: gw6:
  let
    contexts = config.site.net.${net}.hosts6;
    # Fold step: keep an earlier hit, otherwise take this context's address
    # for gw6 if the context is shared by this host and the gateway.
    pick = found: name:
      let
        members = contexts.${name};
      in
        if found != null || !(members ? ${hostName} && members ? ${gw6})
        then found
        else members.${gw6};
  in
    builtins.foldl' pick null (builtins.attrNames contexts);
in
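{
  # Packet filtering is off by default on every host that imports this module.
  # mkDefault only sets a low-priority default, so a host that needs filtering
  # can still set networking.firewall.enable = true in its own configuration.
  networking.firewall.enable = lib.mkDefault false;

  # network configuration: static addressing through systemd-networkd, no DHCP
  networking.useDHCP = false;
  networking.useNetworkd = true;
  systemd.network = {
    enable = true;
    # One networkd unit per interface declared for this host under
    # config.site.hosts.<hostName>.interfaces. The interface name is also the
    # key into config.site.net.
    networks =
      builtins.mapAttrs (ifName: { gw4, gw6, ... }:
        let
          netConfig = config.site.net.${ifName};
        in {
          matchConfig.Name = ifName;
          # Forwarding follows the host's isRouter flag.
          # NOTE(review): with the firewall default above, a router forwards
          # without packet filtering unless filtering is set up elsewhere.
          # Confirm that is intended.
          networkConfig.IPForward =
            config.site.hosts.${hostName}.isRouter;
          addresses =
            # IPv4: at most one address, taken from the net's hosts4 table.
            lib.optional (netConfig.hosts4 ? ${hostName}) {
              addressConfig.Address =
                "${netConfig.hosts4.${hostName}}/${toString netConfig.subnet4Len}";
            } ++
            # IPv6: one address per hosts6 context that lists this host.
            # The prefix length is fixed at /64.
            builtins.concatMap (hosts6:
              lib.optional (hosts6 ? ${hostName}) {
                addressConfig.Address = "${hosts6.${hostName}}/64";
              }
            ) (builtins.attrValues netConfig.hosts6);
          # NOTE(review): findGw6 returns null when no hosts6 context lists
          # both this host and gw6, and that null would end up in this list.
          # Verify the site data always provides a shared context.
          gateway =
            lib.optional (gw4 != null) netConfig.hosts4.${gw4} ++
            lib.optional (gw6 != null) (findGw6 ifName gw6);
        }) config.site.hosts.${hostName}.interfaces;
  };

  # DNS settings: a static resolv.conf, with systemd-resolved and the host's
  # resolv.conf both disabled.
  networking.useHostResolvConf = false;
  services.resolved.enable = false;
  # resolv.conf(5) takes one address per `nameserver` keyword, so each
  # resolver gets its own line. Both on one line would not configure the
  # second as a fallback.
  # NOTE(review): 9.9.9.9 is a public resolver. Queries for internal names
  # can reach it when 172.20.73.8 does not answer. Confirm that is acceptable.
  environment.etc."resolv.conf".text = ''
    nameserver 172.20.73.8
    nameserver 9.9.9.9
  '';
}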