tomate: configure ifsr-apb network

2024-04-16 10:58:35 +02:00 · 2024-04-16 10:58:35 +02:00 · 5b95918c29
commit 5b95918c29
parent 83db5399d7
3 changed files with 44 additions and 6 deletions
--- a/hosts/tomate/configuration.nix
+++ b/hosts/tomate/configuration.nix
@ -8,6 +8,7 @@
  imports =
    [
      # Include the results of the hardware scan.
+      ./network.nix
      ./hardware-configuration.nix
    ];

@ -15,8 +16,6 @@
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

-  networking.hostName = "tomate"; # Define your hostname.
-  networking.nftables.enable = true;

  nix = {
    settings = {
@ -29,8 +28,6 @@
    };
  };

-  # Enable networking
-  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "Europe/Berlin";
--- a/hosts/tomate/network.nix
+++ b/hosts/tomate/network.nix
@ -0,0 +1,40 @@
+{ config, ... }:
+{
+  sops.secrets.ifsr-apb-auth = { };
+  networking = {
+    domain = "ifsr.de";
+    hostName = "tomate";
+    useNetworkd = true;
+    nftables.enable = true;
+    # Radius authentification
+    supplicant."enp3s0" = {
+      driver = "wired";
+      configFile.path = config.sops.secrets.ifsr-apb-auth.path;
+    };
+  };
+
+  services.resolved = {
+    enable = true;
+    fallbackDns = [ "9.9.9.9" ];
+  };
+
+  systemd.network = {
+    enable = true;
+
+    networks."10-wired-default" = {
+      matchConfig.Name = "enp3s0";
+
+      address = [ "141.30.86.196/26" ];
+      routes = [
+        {
+          routeConfig.Gateway = "141.30.86.193";
+        }
+      ];
+      networkConfig = {
+        DNS = "141.30.1.1";
+        LLDP = true;
+        EmitLLDP = "nearest-bridge";
+      };
+    };
+  };
+}