{ config, lib, pkgs, foodogsquaredLib, ... }:
let
hostCfg = config.hosts.ni;
cfg = hostCfg.networking;
in {
options.hosts.ni.networking = {
enable = lib.mkEnableOption "networking setup";
enableCommonSetup = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Whether to enable opening TCP ports and configuring network-related
settings typically used for easy networking with clients.
'';
example = false;
};
setup = lib.mkOption {
type = lib.types.enum [ "networkd" "networkmanager" ];
description = ''
Indicates the component of the network setup. In practice, you'll most
likely just use NetworkManager since it is what is being supported by
most desktop setups such as GNOME.
::: {.warning}
Using systemd-networkd setup is considered experimental. Use at your own
risk.
:::
'';
default =
if config.networking.useNetworkd then "networkd" else "networkmanager";
defaultText = ''
When networkd is enabled, `networkd`, otherwise `networkmanager` as the
general fallback value.
'';
example = "networkd";
};
};
config = lib.mkIf cfg.enable (lib.mkMerge [
{
# Set your time zone.
time.timeZone = "Asia/Manila";
# Doxxing myself.
location = {
latitude = 15.0;
longitude = 121.0;
};
# Add these timeservers.
networking.timeServers =
lib.mkBefore [ "ntp.nict.jp" "time.nist.gov" "time.facebook.com" ];
# Put on your cloak, kid.
suites.vpn.personal.enable = true;
# We'll go with a software firewall. We're mostly configuring it as if we're
# using a server even though the chances of that is pretty slim.
networking.nftables.enable = true;
networking.firewall.enable = true;
# Just supporting local systems, businesses, and business systems.
services.avahi = {
enable = true;
nssmdns4 = true;
publish = {
enable = true;
userServices = true;
};
};
# Cross-platform filesystem networking.
services.samba = {
enable = true;
nmbd.enable = true;
nsswins = true;
};
# Set resolved for DNS resolutions.
services.resolved = {
enable = true;
llmnr = "true";
domains = [
"~plover.foodogsquared.one"
"~0.27.172.in-addr.arpa"
"~0.28.172.in-addr.arpa"
];
};
}
(lib.mkIf (cfg.setup == "networkd") {
networking = {
usePredictableInterfaceNames = true;
useNetworkd = true;
# We're using networkd to configure so we're disabling this
# service.
useDHCP = false;
dhcpcd.enable = false;
};
# Setting up our network manager of choice.
systemd.network.enable = true;
# Setting up the bond devices. So far it should have 2 Ethernet ports and
# one WiFi interface so it should be bond composed of three interfaces.
systemd.network.networks."40-bond1-dev1" = {
matchConfig.Name = "enp3s0";
networkConfig.Bond = "bond1";
};
systemd.network.networks."40-bond1-dev2" = {
matchConfig.Name = "wlp4s0";
networkConfig = {
Bond = "bond1";
IgnoreCarrierLoss = "15";
};
};
# Creating the ethernet-wireless-network bond.
systemd.network.netdevs."40-bond1".netdevConfig = {
Name = "bond1";
Kind = "bond";
};
systemd.network.networks."40-bond1" = {
matchConfig.Name = "bond1";
networkConfig.DHCP = "yes";
};
})
(lib.mkIf (cfg.setup == "networkmanager") {
networking.usePredictableInterfaceNames = true;
# Enable and configure NetworkManager.
networking.networkmanager = lib.mkMerge [
{
enable = true;
dhcp = lib.mkIf (config.networking.dhcpcd.enable) "dhcpcd";
}
(lib.mkIf config.services.resolved.enable { dns = "systemd-resolved"; })
];
# We'll configure individual network interfaces to use DHCP since it can
# fail wait-online-interface.service.
networking.useDHCP = lib.mkDefault true;
# Configure the networking bonds.
networking.bonds.bond0 = {
driverOptions = {
miimon = "100";
mode = "active-backup";
};
interfaces = [ "eno1" "enp3s0" "wlp4s0" ];
};
})
(lib.mkIf cfg.enableCommonSetup {
state.ports = {
http = {
value = 80;
protocols = [ "tcp" ];
openFirewall = true;
};
https = {
value = 443;
protocols = [ "tcp" ];
openFirewall = true;
};
# This is for user-specific services that would need to be exposed to
# the local network.
userland = {
value = foodogsquaredLib.nixos.makeRange 20000 30000;
openFirewall = true;
};
};
})
]);
}