qenya/nixfiles
1
0
Fork 0
Code Issues 4 Pull requests Activity Actions

treewide: migrate networking to systemd-networkd

Browse source
This commit is contained in:
Katherina Walshe-Grey 2024-11-05 18:31:39 +00:00
parent 955409c8ef
commit 9cfe6e2c4c
8 changed files with 36 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

1
common/environment.nix
View file

@ -13,6 +13,7 @@
lsof lsof
tcpdump tcpdump
netcat # <3 netcat # <3
wireguard-tools
]; ];
environment.wordlist.enable = true; environment.wordlist.enable = true;

8
flake.lock generated
View file

@ -46,11 +46,11 @@
}, },
"birdsong": { "birdsong": {
"locked": { "locked": {
"lastModified": 1722971137, "lastModified": 1730826917,
"narHash": "sha256-1x0vaUy/uFCfoDn0a4K55+MNseAqLQmv1GPP6GQFFIA=", "narHash": "sha256-KzpWqP+Cg0H2V036LgIHfuxnpVq2wZ+eGFjuXegRhLY=",
"ref": "main", "ref": "main",
"rev": "2fd6d96a00ef69a2afe72a2fe9d18d759c1cc8f3", "rev": "8ca844c0d0ce3b8088c0a380ecdbf555015b0cd6",
"revCount": 7, "revCount": 9,
"type": "git", "type": "git",
"url": "https://git.qenya.tel/qenya/birdsong" "url": "https://git.qenya.tel/qenya/birdsong"
}, },

5
hosts/kalessin/hardware-configuration.nix
View file

@ -40,8 +40,9 @@
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; # networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s6.useDHCP = lib.mkDefault true; networking.useNetworkd = true;
networking.interfaces.enp0s6.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
} }

7
hosts/orm/default.nix
View file

@ -11,7 +11,12 @@
users.users.qenya.extraGroups = [ "wheel" ]; users.users.qenya.extraGroups = [ "wheel" ];
qenya.base-server.enable = true; qenya.base-server.enable = true;
age.secrets.wireguard-peer-orm.file = ../../secrets/wireguard-peer-orm.age; age.secrets.wireguard-peer-orm = {
file = ../../secrets/wireguard-peer-orm.age;
owner = "root";
group = "systemd-network";
mode = "640";
};
birdsong.peering = { birdsong.peering = {
enable = true; enable = true;

5
hosts/orm/hardware-configuration.nix
View file

@ -42,8 +42,9 @@
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; # networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true; networking.useNetworkd = true;
networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
} }

11
hosts/tohru/networking.nix
View file

@ -1,9 +1,18 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
networking.useNetworkd = true;
systemd.network.wait-online.enable = false;
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
age.secrets.wireguard-peer-tohru.file = ../../secrets/wireguard-peer-tohru.age; age.secrets.wireguard-peer-tohru = {
file = ../../secrets/wireguard-peer-tohru.age;
owner = "root";
group = "systemd-network";
mode = "640";
};
birdsong.peering = { birdsong.peering = {
enable = true; enable = true;
privateKeyFile = config.age.secrets.wireguard-peer-tohru.path; privateKeyFile = config.age.secrets.wireguard-peer-tohru.path;

7
hosts/yevaud/default.nix
View file

@ -12,7 +12,12 @@
qenya.base-server.enable = true; qenya.base-server.enable = true;
age.secrets.wireguard-peer-yevaud.file = ../../secrets/wireguard-peer-yevaud.age; age.secrets.wireguard-peer-yevaud = {
file = ../../secrets/wireguard-peer-yevaud.age;
owner = "root";
group = "systemd-network";
mode = "640";
};
birdsong.peering = { birdsong.peering = {
enable = true; enable = true;

5
hosts/yevaud/hardware-configuration.nix
View file

@ -42,8 +42,9 @@
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; # networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens3.useDHCP = lib.mkDefault true; networking.useNetworkd = true;
networking.interfaces.ens3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
} }