nixos-config/hosts/plover/modules/hardware/hetzner-cloud-cx21.nix
Gabriel Arazas a386f99554 hosts: simplify networking set and update Wireguard setup
Currently, the networking set is very messy. It is better to contain
them in another attribute set and categorize them by the interfaces
that are supposed to contain them. I should've done this some time ago.
2023-01-23 17:46:32 +08:00


{ config, lib, pkgs, modulesPath, ... }:
# Most of the filesystems listed here are supposed to be overridden by the
# default settings of whatever image format configuration this host system
# will import from nixos-generators.
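let
  # Host addressing data lives in a sibling file; this module only uses the
  # private IPv6 prefix and the per-interface address set from it.
  network = import ./networks.nix;
  inherit (network) privateIPv6Prefix interfaces;

  # Alternative names for the same primary ethernet interface.
  mainEthernetInterfaceNames = [ "ens3" "enp0s3" ];
in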
{
imports = [
  # NixOS profile for machines running as QEMU guests.
  (modulesPath + "/profiles/qemu-guest.nix")
];

nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

# Intel microcode updates follow the redistributable-firmware switch unless
# another module sets them explicitly.
hardware.cpu.intel.updateMicrocode =
  lib.mkDefault config.hardware.enableRedistributableFirmware;

boot = {
  loader.grub.device = "/dev/sda";
  initrd = {
    availableKernelModules = [
      "ata_piix"
      "virtio_pci"
      "virtio_scsi"
      "xhci_pci"
      "sd_mod"
      "sr_mod"
    ];
    kernelModules = [ "nvme" ];
  };
};

# Priority 2000 is weaker than lib.mkDefault (priority 1000), so any other
# definition of these mount points, such as one from an image format module,
# takes precedence over the entries below.
fileSystems = {
  "/" = lib.mkOverride 2000 {
    label = "nixos";
    fsType = "ext4";
    options = [ "defaults" ];
  };

  "/boot" = lib.mkOverride 2000 {
    label = "boot";
    fsType = "vfat";
  };
};

zramSwap = {
  enable = true;
  numDevices = 1;
};
networking = {
  # systemd-networkd owns interface configuration on this host, so the
  # global DHCP default and the dhcpcd service are both switched off.
  useNetworkd = true;
  useDHCP = false;
  dhcpcd.enable = false;

  usePredictableInterfaceNames = true;
  enableIPv6 = true;
};
# Addressing and routing for this host, handed to systemd-networkd.
# The interface configuration is based on the following discussion:
# https://discourse.nixos.org/t/nixos-on-hetzner-cloud-servers-ipv6/221/
#
# NOTE(review): networkd applies only the first .network file, in lexical
# order of file name, that matches an interface. "60-dhcpv6-pd-downstreams"
# sorts before "60-lan" and "60-wan", and its `en*` glob also matches ens3,
# enp0s3 and ens11, so the two static units below may never take effect.
# Confirm with `networkctl status <interface>` (the "Network File" field); if
# the catch-all is winning, give it a name that sorts after the other two.
systemd.network = {
enable = true;
# For more information, you can look at Hetzner documentation from
# https://docs.hetzner.com/robot/dedicated-server/ip/additional-ip-adresses/
networks = {
# Primary (public-facing) interface, matched under either of its names.
"60-wan" = {
matchConfig.Name = lib.concatStringsSep " " mainEthernetInterfaceNames;
# Setting the primary static IPs.
address = with interfaces; [
# The public IPs.
"${main'.IPv4}/32"
"${main'.IPv6}/128"
# IPs in the LAN.
"${main.IPv4}/16"
"${main.IPv6}/64"
];
# Enables packet forwarding, plus IPv4 and IPv6 masquerading of packets
# forwarded from this interface.
# NOTE(review): no filtering of forwarded traffic is visible in this file.
# Confirm the firewall restricts what may be forwarded, since this is the
# interface that carries the public addresses.
networkConfig = {
IPForward = true;
IPMasquerade = "both";
};
routes = [
# A Gateway without a Destination is the default route (IPv6 here).
{ routeConfig.Gateway = "fe80::1"; }
{ routeConfig.Destination = "${interfaces.main'.IPv4}/32"; }
# NOTE(review): Gateway= normally takes a bare address, and this one is the
# host's own public IPv4 with a "/32" suffix. networkd may reject the value
# and leave IPv4 without a default route; check the journal.
{
routeConfig = {
Gateway = "${interfaces.main'.IPv4}/32";
GatewayOnLink = true;
};
}
];
};
# Second interface: static internal addresses, with DHCP also enabled.
"60-lan" = {
matchConfig.Name = "ens11";
address = with interfaces.internal; [
"${IPv4}/16"
"${IPv6}/64"
];
networkConfig.DHCP = "yes";
};
# This is to make use of the remaining ethernet interfaces as we can
# build a local network.
# NOTE(review): DHCP = "yes" turns on both the DHCPv4 and DHCPv6 clients on
# every interface this unit ends up applying to. With the `en*` glob that can
# include the public-facing interface; confirm that is intended.
"60-dhcpv6-pd-downstreams" = {
matchConfig.Name = "en*";
networkConfig.DHCP = "yes";
# Even if there's one, it would have the interface with subnets and a
# guaranteed network interface for the internal services.
dhcpV6Config.PrefixDelegationHint = "${privateIPv6Prefix}:43ff::/64";
};
};
};
# Run systemd-networkd at debug verbosity so that mistakes in this host's
# networking setup show up in the journal.
# NOTE(review): debug output is verbose and includes address and lease
# details; consider dropping this once the setup is stable.
systemd.services.systemd-networkd.serviceConfig = {
  Environment = "SYSTEMD_LOG_LEVEL=debug";
};
}