idk

2025-08-21 15:39:24 -05:00
parent 6025b6c4f1
commit bd64283f04
14 changed files with 768 additions and 346 deletions
--- a/systems/aarch64-linux/macbook-pro-nixos/default.nix
+++ b/systems/aarch64-linux/macbook-pro-nixos/default.nix
@@ -15,7 +15,7 @@ in
  imports = [
    ./boot.nix
    ./hardware-configuration.nix
-    ./networking.nix
+    # ./networking.nix - moved to modules/nixos/network
    ./services.nix
  ];

@@ -58,6 +58,28 @@ in
    };
    network = {
      hostName = "macbook-pro-nixos";
+      wifi.enable = false;
+      iwd = {
+        enable = true;
+        settings = {
+          General = {
+            EnableNetworkConfiguration = true;
+          };
+          Rank = {
+            BandModifier2_4GHz = 1.0;
+            BandModifier5GHz = 5.0;
+            BandModifier6GHz = 10.0;
+          };
+          Network = {
+            AutoConnect = true;
+          };
+        };
+      };
+      extraFirewallCommands = ''
+        iptables -I INPUT -m pkttype --pkt-type multicast -j ACCEPT
+        iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
+        iptables -I INPUT -p udp -m udp --match multiport --dports 1990,2021 -j ACCEPT
+      '';
    };
  };

--- a/systems/aarch64-linux/pi4/default.nix
+++ b/systems/aarch64-linux/pi4/default.nix
@@ -17,13 +17,31 @@ in
  imports = [
    ./adguard.nix
    ./boot.nix
-    ./networking.nix
+    # ./networking.nix - moved to modules/nixos/network
    ./sops.nix
  ];

  ${namespace} = {
    hardware.disko.enable = true;
-    network.hostName = "pi4";
+    network = {
+      hostName = "pi4";
+      ipv4 = {
+        method = "manual";
+        address = "10.0.1.2/24";
+        gateway = "10.0.1.1";
+        dns = "1.1.1.1";
+      };
+      firewall = {
+        enable = true;
+        allowPing = true;
+        allowedTCPPorts = [ 53 ];
+        allowedUDPPorts = [ 53 ];
+      };
+      wifi = {
+        enable = true;
+        powersave = false;
+      };
+    };
  };

  # Configure nixpkgs
--- a/systems/aarch64-linux/pi5/default.nix
+++ b/systems/aarch64-linux/pi5/default.nix
@@ -17,7 +17,7 @@ in
 {
  imports = [
    ./boot.nix
-    ./networking.nix
+    # ./networking.nix - moved to modules/nixos/network
    ./services.nix
    ./sops.nix
  ];
@@ -27,6 +27,15 @@ in
    desktop.hyprland.enable = false;
    network = {
      hostName = "pi5";
+      ipv4 = {
+        method = "manual";
+        gateway = "10.0.1.1";
+        dns = "10.0.1.1";
+      };
+      firewall = {
+        enable = true;
+        allowPing = true;
+      };
    };
  };