panacea/modules/networking.nix

{ config, lib, pkgs, ... }:

{
  # Set hostname, hostid and enable WiFi
  networking = {
    hostName = "panacea";
    hostId = "8feb0bb8";
    wireless.iwd.enable = true;
  };

  # Enable systemd-networkd
  networking = {
    useDHCP = false;
    interfaces = {
      enp0s31f6.useDHCP = true;
      wlan0.useDHCP = true;
    };
    useNetworkd = true;
    dhcpcd.enable = false;
  };
  systemd.services."systemd-networkd-wait-online".enable = false;

  # Disable DNSSEC
  services.resolved.dnssec = "false";

  # Prioritize ethernet over WiFi
  systemd.network.networks."40-enp0s31f6".dhcpV4Config.RouteMetric = 10;
  systemd.network.networks."40-wlan0".dhcpV4Config.RouteMetric = 20;

  # Static IP for home network
  systemd.network.networks."24-home" = {
    name = "wlan0";
    matchConfig = {
      Name = "wlan0";
      SSID = "WiFi-5.0-CE42";
    };
    address = [ "192.168.13.131/24" ];
    gateway = [ "192.168.13.1" ];
    dns = [ "192.168.13.2" ];
    networkConfig.DNSSEC = "no";
  };

  # Enable zeroconf
  services.avahi = {
    enable = true;
    nssmdns = true;
  };

  # VPN setup
  systemd.network.netdevs."wg0" = {
    netdevConfig = {
      Kind = "wireguard";
      Name = "wg0";
    };
    wireguardConfig.PrivateKeyFile = config.age.secrets.wireguard.path;
    wireguardPeers = [{
      wireguardPeerConfig = {
        PublicKey = "GN8lqPBZYOulh6xD4GhkoEWI65HMMCpSxJSH5871YnU=";
        AllowedIPs = [ "0.0.0.0/0" ];
        Endpoint = "coolneng.duckdns.org:1194";
      };
    }];
  };
  systemd.network.networks."wg0" = {
    matchConfig.Name = "wg0";
    networkConfig = {
      Address = "10.8.0.2/32";
      DNS = "10.8.0.1";
    };
    routes = [{ routeConfig.Destination = "10.8.0.1"; }];
  };

  # Firewall configuration
  networking.firewall = {
    allowedTCPPorts = [
      9090 # Calibre Wireless
    ];
    allowedUDPPorts = [
      54982 # Calibre Wireless
    ];
  };
}
Add network configuration in a different module 2020-04-18 21:04:14 +02:00			`{ config, lib, pkgs, ... }:`

			`{`
Rebuild packages with pulseaudio and fix GTK theme 2020-05-14 02:09:23 +02:00			`# Set hostname, hostid and enable WiFi`
Add network configuration in a different module 2020-04-18 21:04:14 +02:00			`networking = {`
			`hostName = "panacea";`
Replace grub with systemd-boot 2020-05-08 21:53:52 +02:00			`hostId = "8feb0bb8";`
Revert "Revert "Replace wpa_supplicant with iwd"" This reverts commit 93d8ac4e0003af684528c230fa66cc09bf6420d6. 2020-12-20 20:54:53 +01:00			`wireless.iwd.enable = true;`
Add network configuration in a different module 2020-04-18 21:04:14 +02:00			`};`

Migrate to systemd-networkd 2022-03-28 18:08:23 +02:00			`# Enable systemd-networkd`
			`networking = {`
			`useDHCP = false;`
			`interfaces = {`
			`enp0s31f6.useDHCP = true;`
			`wlan0.useDHCP = true;`
			`};`
			`useNetworkd = true;`
			`dhcpcd.enable = false;`
			`};`
			`systemd.services."systemd-networkd-wait-online".enable = false;`

Disable DNSSEC 2022-08-16 13:12:34 +02:00			`# Disable DNSSEC`
			`services.resolved.dnssec = "false";`

Prioritize ethernet over WiFi 2022-04-29 18:12:46 +02:00			`# Prioritize ethernet over WiFi`
			`systemd.network.networks."40-enp0s31f6".dhcpV4Config.RouteMetric = 10;`
			`systemd.network.networks."40-wlan0".dhcpV4Config.RouteMetric = 20;`

Migrate to systemd-networkd 2022-03-28 18:08:23 +02:00			`# Static IP for home network`
			`systemd.network.networks."24-home" = {`
			`name = "wlan0";`
			`matchConfig = {`
			`Name = "wlan0";`
			`SSID = "WiFi-5.0-CE42";`
			`};`
Change network subnet 2022-07-12 20:49:08 +02:00			`address = [ "192.168.13.131/24" ];`
			`gateway = [ "192.168.13.1" ];`
			`dns = [ "192.168.13.2" ];`
Migrate to systemd-networkd 2022-03-28 18:08:23 +02:00			`networkConfig.DNSSEC = "no";`
			`};`

Add network configuration in a different module 2020-04-18 21:04:14 +02:00			`# Enable zeroconf`
			`services.avahi = {`
			`enable = true;`
			`nssmdns = true;`
			`};`
Set up Wireguard 2022-08-03 13:52:02 +02:00
			`# VPN setup`
			`systemd.network.netdevs."wg0" = {`
			`netdevConfig = {`
			`Kind = "wireguard";`
			`Name = "wg0";`
			`};`
			`wireguardConfig.PrivateKeyFile = config.age.secrets.wireguard.path;`
			`wireguardPeers = [{`
			`wireguardPeerConfig = {`
			`PublicKey = "GN8lqPBZYOulh6xD4GhkoEWI65HMMCpSxJSH5871YnU=";`
			`AllowedIPs = [ "0.0.0.0/0" ];`
Update Wireguard port 2022-09-08 10:53:41 +02:00			`Endpoint = "coolneng.duckdns.org:1194";`
Set up Wireguard 2022-08-03 13:52:02 +02:00			`};`
			`}];`
			`};`
			`systemd.network.networks."wg0" = {`
			`matchConfig.Name = "wg0";`
			`networkConfig = {`
			`Address = "10.8.0.2/32";`
			`DNS = "10.8.0.1";`
			`};`
			`routes = [{ routeConfig.Destination = "10.8.0.1"; }];`
			`};`
Allow Calibre wireless connections 2022-09-04 18:35:36 +02:00
			`# Firewall configuration`
			`networking.firewall = {`
			`allowedTCPPorts = [`
			`9090 # Calibre Wireless`
			`];`
			`allowedUDPPorts = [`
			`54982 # Calibre Wireless`
			`];`
			`};`
Add network configuration in a different module 2020-04-18 21:04:14 +02:00			`}`