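# Static network setup for one host, driven by the site description in
# `config.site`: one systemd-networkd network per interface listed under
# `config.site.hosts.${hostName}.interfaces`, plus a fixed resolv.conf.
{ hostName, config, lib, ... }:

let
  # Pick the IPv6 address of gateway host `gw6` on network `net`.
  #
  # `hosts6` maps an address context name to a { host = address; } set.
  # The first context (in builtins.attrNames order, which is sorted) that
  # contains both this host and the gateway supplies the gateway address.
  #
  # Fails with an explicit message when no context holds both hosts,
  # instead of handing `null` to the `gateway` list below.
  findGw6 = net: gw6:
    let
      inherit (config.site.net.${net}) hosts6;
      sharedContexts = builtins.filter
        (ctx: hosts6.${ctx} ? ${hostName} && hosts6.${ctx} ? ${gw6})
        (builtins.attrNames hosts6);
    in
      if sharedContexts == [ ]
      then throw "site.net.${net}.hosts6: no address context contains both host '${hostName}' and IPv6 gateway '${gw6}'"
      else hosts6.${builtins.head sharedContexts}.${gw6};
in
{
  # NOTE(review): the host firewall is off unless another module overrides
  # this default (mkDefault), so every listening service is reachable on
  # every interface configured below. Confirm filtering happens elsewhere.
  networking.firewall.enable = lib.mkDefault false;

  # network configuration
  # No DHCP client: all addresses and gateways are assigned statically.
  networking.useDHCP = false;

  networking.useNetworkd = true;
  systemd.network = {
    enable = true;

    networks =
      builtins.mapAttrs (ifName: { gw4, gw6, ... }:
        let
          netConfig = config.site.net.${ifName};
        in
          # Interfaces whose name is not a known site network get no config.
          lib.mkIf (config.site.net ? ${ifName}) {
            matchConfig.Name = ifName;

            networkConfig = {
              # Forwarding is enabled only on hosts flagged `isRouter`.
              # NOTE(review): nothing in this module filters forwarded
              # traffic; with the firewall defaulting to off, confirm that
              # routers receive their rules from another module.
              IPForward = config.site.hosts.${hostName}.isRouter;
              # Router advertisements are ignored by default, so addresses
              # and routes come only from the static site config.
              IPv6AcceptRA = lib.mkDefault false;
              # LLDP is both received and emitted on every configured
              # interface. NOTE(review): emission announces this host to
              # link neighbours; confirm that is wanted on all segments.
              LLDP = true;
              EmitLLDP = true;
            };

            addresses =
              let
                address = netConfig.hosts4.${hostName};
                prefixLen = netConfig.subnet4Len;
              in
                # One IPv4 address, if this host has one on the network ...
                lib.optional (netConfig.hosts4 ? ${hostName}) {
                  addressConfig.Address = "${address}/${toString prefixLen}";
                } ++
                # ... and one IPv6 address per context that lists this host.
                # The prefix length is fixed at /64 here.
                builtins.concatMap (hosts6:
                  lib.optional (hosts6 ? ${hostName}) {
                    addressConfig.Address = "${hosts6.${hostName}}/64";
                  }
                ) (builtins.attrValues netConfig.hosts6);

            # Gateways are named by host; resolve them to addresses.
            gateway =
              lib.optional (gw4 != null) netConfig.hosts4.${gw4} ++
              lib.optional (gw6 != null) (findGw6 ifName gw6);
          }) config.site.hosts.${hostName}.interfaces;
  };

  # DNS settings
  # resolv.conf is written verbatim; neither the host's resolv.conf nor
  # systemd-resolved is used.
  # NOTE(review): both entries are queried over plain DNS by the libc
  # resolver, and the second one (9.9.9.9) is a public resolver. If the
  # first server does not answer, lookups, including internal names, fall
  # through to it. Confirm that is acceptable.
  networking.useHostResolvConf = false;
  services.resolved.enable = false;
  environment.etc."resolv.conf".text = ''
    nameserver 172.20.73.8
    nameserver 9.9.9.9
  '';
}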