diff --git a/hosts/thinkpad/modules/networks/default.nix b/hosts/thinkpad/modules/networks/default.nix index dcf6a0e..5a56d40 100644 --- a/hosts/thinkpad/modules/networks/default.nix +++ b/hosts/thinkpad/modules/networks/default.nix @@ -35,71 +35,68 @@ systemd.network = { enable = true; wait-online.anyInterface = true; - netdevs."20-bond0" = { - netdevConfig = { - Name = "bond0"; - Kind = "bond"; + networks."10-loopback" = { + matchConfig.Name = "lo"; + }; + networks."10-wired" = { + matchConfig.Name = "enp0s31f6"; + networkConfig = { + DHCP = "yes"; }; - bondConfig = { - Mode = "active-backup"; - PrimaryReselectPolicy = "always"; + dhcpV4Config = { + RouteMetric = 10; }; }; - networks = { - "20-ethernet-bond0" = { - matchConfig.Name = "enp0s31f6"; - networkConfig = { - Bond = "bond0"; - PrimarySlave = true; - }; + networks."10-wireless" = { + matchConfig.Name = "wlp9s0"; + networkConfig = { + DHCP = "yes"; + IgnoreCarrierLoss = "3s"; }; - "20-wireless-bond0" = { - matchConfig.Name = "wlp9s0"; - networkConfig = { - Bond = "bond0"; - #IgnoreCarrierLoss = "3s"; - DHCP = "yes"; - }; - }; - "20-bond0" = { - matchConfig.Name = "bond0"; - networkConfig = { - #DHCP = "yes"; - }; + dhcpV4Config = { + RouteMetric = 20; }; }; # some wireguard interfaces - #netdevs."30-dorm" = { - #netdevConfig = { - #Kind = "wireguard"; - #Name = "dorm"; - #Description = "WireGuard to my Dorm Infra"; - #}; - #wireguardConfig = { - #PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path; - #ListenPort = 51820; - #}; - #wireguardPeers = [ - #{ - #wireguardPeerConfig = { - #PublicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430="; - #PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path; - #AllowedIPs = [ "10.10.10.0/24" ]; - ##Endpoint = "dorm.vpn.rfive.de:51820"; - #Endpoint = "141.30.227.6:51820"; - #}; - #} - #]; - #}; - #networks."30-dorm" = { - #matchConfig.Name = "dorm"; - #networkConfig = { - #Address = "10.10.10.3/32"; - #}; - #routes = [ - #{ routeConfig = { Gateway = "10.10.10.1"; Destination = "10.10.10.0/24"; }; } - #]; - #}; + netdevs."30-dorm" = { + netdevConfig = { + Kind = "wireguard"; + Name = "dorm"; + Description = "WireGuard to my Dorm Infra"; + }; + wireguardConfig = { + PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path; + ListenPort = 51820; + }; + wireguardPeers = [ + { + wireguardPeerConfig = { + PublicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430="; + PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path; + Endpoint = "dorm.vpn.rfive.de:51820"; + AllowedIPs = "10.10.10.0/24, 192.168.10.0/24"; # seems to be broken, has no effect on routes + }; + } + ]; + }; + networks."30-dorm" = { + matchConfig.Name = "dorm"; + networkConfig = { + Address = "10.10.10.3/24"; + DNS = "10.10.10.1"; + DNSDefaultRoute = true; + }; + linkConfig = { + ActivationPolicy = "manual"; #manual activation cause sometimes the endpoint can't be resolved + }; + routes = [ + # Somehow systemd-networkd always creates a route to 10.10.10.0/24 with metric 0 and regardless how I set it, + # my settings are ignored and set to 0. Route below would do it right, as soon as I find out how I can deacivate + # the metric 0 one, this will be uncommented + #{ routeConfig = { Gateway = "0.0.0.0"; Destination = "10.10.10.0/24"; Metric = 50; }; } + { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.10.0/24"; Metric = 50; }; } + ]; + }; }; }