mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

network

Browse Source
This commit is contained in:
mjallen18
2025-07-22 18:03:18 -05:00
parent 1d1f145b37
commit f8e80bd44c
7 changed files with 133 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
flake.nix
View File

@@ -99,7 +99,10 @@
systems = { systems = {
# common modules # common modules
modules.nixos = with inputs; [ modules.nixos = with inputs; [
authentik-nix.nixosModules.default
chaotic.nixosModules.default chaotic.nixosModules.default
crowdsec.nixosModules.crowdsec
crowdsec.nixosModules.crowdsec-firewall-bouncer
disko.nixosModules.disko disko.nixosModules.disko
impermanence.nixosModules.impermanence impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
@@ -134,9 +137,6 @@
# ###################################################### # ######################################################
nas = { nas = {
modules = with inputs; [ modules = with inputs; [
authentik-nix.nixosModules.default
crowdsec.nixosModules.crowdsec
crowdsec.nixosModules.crowdsec-firewall-bouncer
nixos-hardware.nixosModules.common-pc nixos-hardware.nixosModules.common-pc
nixos-hardware.nixosModules.common-cpu-amd nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-cpu-amd-pstate nixos-hardware.nixosModules.common-cpu-amd-pstate

118
modules/nixos/network/default.nix Normal file
View File

@@ -0,0 +1,118 @@
{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.network;
in
{
options.${namespace}.network = with types; {
hostName = lib.mkOption {
type = str;
default = "nixos";
description = "The hostname of the system.";
};
ipv4 = {
method = mkOption {
type = types.str;
default = "auto";
};
address = lib.mkOption {
type = types.str;
default = "10.0.1.1";
};
gateway = lib.mkOption {
type = types.str;
default = "10.0.1.1";
};
dns = lib.mkOption {
type = types.str;
default = "10.0.1.1";
};
};
};
config = {
networking = {
hostName = lib.mkForce cfg.hostName;
# Enable Network Manager
networkmanager = {
enable = true;
ensureProfiles = {
environmentFiles = [
config.sops.secrets.wifi.path
];
profiles = {
"Joey's Jungle 6G" = {
connection = {
id = "Joey's Jungle 6G";
type = "wifi";
};
ipv4 = if (cfg.ipv4.method == "auto")
then
{
method = "auto";
}
else
{
address1 = cfg.ipv4.address;
dns = cfg.ipv4.dns;
gateway = cfg.ipv4.gateway;
method = "manual";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
wifi = {
mode = "infrastructure";
ssid = "Joey's Jungle 6G";
};
wifi-security = {
key-mgmt = "sae";
psk = "$PSK";
};
};
"Joey's Jungle 5G" = {
connection = {
id = "Joey's Jungle 5G";
type = "wifi";
};
ipv4 = if (cfg.ipv4.method == "auto")
then
{
method = "auto";
}
else
{
address1 = cfg.ipv4.address;
dns = cfg.ipv4.dns;
gateway = cfg.ipv4.gateway;
method = "manual";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
wifi = {
mode = "infrastructure";
ssid = "Joey's Jungle 5G";
};
wifi-security = {
key-mgmt = "sae";
psk = "$PSK";
};
};
};
};
};
};
};
}

3
systems/aarch64-linux/pi5/default.nix
View File

@@ -19,6 +19,9 @@ in
${namespace} = { ${namespace} = {
hardware.disko.enable = true; hardware.disko.enable = true;
desktop.hyprland.enable = false; desktop.hyprland.enable = false;
network = {
hostName = "pi5";
};
}; };
# Enable nix flakes and nix-command tools # Enable nix flakes and nix-command tools

36
systems/aarch64-linux/pi5/networking.nix
View File

@@ -14,41 +14,5 @@ in
enable = true; enable = true;
allowPing = true; allowPing = true;
}; };
# Enable Network Manager
networkmanager = {
enable = lib.mkDefault true;
wifi.powersave = lib.mkDefault false;
settings.connectivity.uri = lib.mkDefault "http://nmcheck.gnome.org/check_network_status.txt";
ensureProfiles = {
environmentFiles = [
config.sops.secrets.wifi.path
];
profiles = {
"Joey's Jungle 5G" = {
connection = {
id = "Joey's Jungle 5G";
type = "wifi";
};
ipv4 = {
method = "auto";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
wifi = {
mode = "infrastructure";
ssid = "Joey's Jungle 5G";
};
wifi-security = {
key-mgmt = "sae";
psk = "$PSK";
};
};
};
};
};
}; };
} }

2
systems/x86_64-linux/nas/apps.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, lib, namespace, ... }: { namespace, ... }:
{ {
${namespace} = { ${namespace} = {
services = { services = {

8
systems/x86_64-linux/nas/default.nix
View File

@@ -6,7 +6,6 @@
config, config,
pkgs, pkgs,
lib, lib,
inputs,
namespace, namespace,
... ...
}: }:
@@ -39,6 +38,13 @@
nvidiaSettings = true; nvidiaSettings = true;
enableNvidiaDocker = true; enableNvidiaDocker = true;
}; };
network = {
hostName = "jallen-nas";
ipv4 = {
address = "10.0.1.3/24";
method = "manual";
};
};
user = { user = {
name = "admin"; name = "admin";
}; };

41
systems/x86_64-linux/nas/networking.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, ... }: { ... }:
let let
ports = [ ports = [
8008 # restic 8008 # restic
@@ -28,49 +28,10 @@ in
{ {
# Networking configs # Networking configs
networking = { networking = {
hostName = lib.mkForce "jallen-nas";
useNetworkd = true; useNetworkd = true;
hostId = "4b501480"; hostId = "4b501480";
# Disable Network Manager
networkmanager = {
enable = true;
ensureProfiles = {
environmentFiles = [
config.sops.secrets.wifi.path
];
profiles = {
"Joey's Jungle 6G" = {
connection = {
id = "Joey's Jungle 6G";
type = "wifi";
};
ipv4 = {
address1 = "10.0.1.3/24";
dns = "10.0.1.1";
gateway = "10.0.1.1";
method = "manual";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
wifi = {
mode = "infrastructure";
ssid = "Joey's Jungle 6G";
};
wifi-security = {
key-mgmt = "sae";
psk = "$PSK";
};
};
};
};
};
nat = { nat = {
enable = true; enable = true;
internalInterfaces = [ "ve-+" ]; internalInterfaces = [ "ve-+" ];