{ lib, namespace, ... }: with lib; let inherit (lib.${namespace}) mkOpt mkBoolOpt; in { options.${namespace}.network = { hostName = mkOpt types.str "nixos" "The hostname of the system."; ipv4 = { method = mkOpt types.str "auto" "Method for IPv4 configuration (auto or manual)."; address = mkOpt types.str "10.0.1.1/24" "IPv4 address with subnet mask (e.g., 10.0.1.1/24)."; gateway = mkOpt types.str "10.0.1.1" "IPv4 default gateway."; interface = mkOpt types.str "" "Interface for the default gateway (required when using networkd)."; dns = mkOpt types.str "10.0.1.1" "IPv4 DNS server."; }; useNetworkd = mkBoolOpt true "Whether to use systemd-networkd for networking."; nat = { enable = mkBoolOpt false "Whether to enable NAT."; internalInterfaces = mkOpt (types.listOf types.str) [ ] "List of internal interfaces for NAT."; externalInterface = mkOpt types.str "" "External interface for NAT."; enableIPv6 = mkBoolOpt false "Whether to enable IPv6 NAT."; }; firewall = { enable = mkBoolOpt true "Whether to enable the firewall."; allowPing = mkBoolOpt true "Whether to allow ICMP ping."; allowedTCPPorts = mkOpt (types.listOf types.port) [ ] "List of allowed TCP ports."; allowedUDPPorts = mkOpt (types.listOf types.port) [ ] "List of allowed UDP ports."; trustedInterfaces = mkOpt (types.listOf types.str) [ ] "List of trusted interfaces."; kdeConnect = { enable = mkBoolOpt true "Whether to configure firewall ports for KDE Connect."; tcpRange = mkOpt (types.submodule { options = { from = mkOpt types.port 1714 "Start of TCP port range."; to = mkOpt types.port 1764 "End of TCP port range."; }; }) { from = 1714; to = 1764; } "KDE Connect TCP port range."; udpRange = mkOpt (types.submodule { options = { from = mkOpt types.port 1714 "Start of UDP port range."; to = mkOpt types.port 1764 "End of UDP port range."; }; }) { from = 1714; to = 1764; } "KDE Connect UDP port range."; }; }; networkmanager = { enable = mkBoolOpt true "Whether to enable WiFi configuration."; powersave = mkBoolOpt false "Whether to enable WiFi power saving."; profiles = mkOpt (types.attrsOf ( types.submodule { options = { ssid = mkOpt types.str "" "SSID of the WiFi network."; type = mkOpt types.str "wifi" "type of the network.(wifi/ethernet)"; interface = mkOpt types.str "" "Interface for this profile (defaults to global ipv4.interface)."; autoconnect = mkBoolOpt true "autoconnect to this connection"; autoconnect-retries = mkOpt types.int (-1) "The number of times a connection should be tried when autoactivating before giving up. Zero means forever, -1 means the global default (4 times if not overridden)"; priority = mkOpt types.int 0 "connection priority in range -999 to 999. The higher number means higher priority."; psk = mkOpt types.str "$PSK" "PSK for WiFi connection (set to \$PSK to use SOPS secret 'wifi/PSK')."; keyMgmt = mkOpt types.str "sae" "Key management type (e.g., sae, wpa-psk)."; }; } )) { "Joey's Jungle 6G" = { ssid = "Joey's Jungle 6G"; psk = "$PSK"; priority = 100; }; "Joey's Jungle 5G" = { ssid = "Joey's Jungle 5G"; psk = "$PSK"; priority = 50; }; "Joey's Jungle 2.5G" = { ssid = "Joey's Jungle 2.5G"; psk = "$PSK"; priority = 10; }; } "network profiles."; }; hostId = mkOpt types.str "" "Host ID for ZFS and other services."; iwd = { enable = mkBoolOpt true "Whether to enable iwd for wireless networking."; settings = mkOpt types.attrs { } "Settings for iwd."; }; extraFirewallCommands = mkOpt types.str "" "Extra commands for the firewall."; }; }