rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-15 05:13:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

initial systemd-networkd conf, has problems

Browse source
This commit is contained in:
Rouven Seifert 2023-01-15 02:28:40 +01:00
parent 1d380cfdfc
commit 974b62495e
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
1 changed files with 75 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

93
hosts/thinkpad/modules/networks/default.nix
View file

@ -4,10 +4,15 @@
sops.secrets = { sops.secrets = {
"wireless-env" = { }; "wireless-env" = { };
"wireguard/dorm/private" = { }; "wireguard/dorm/private" = {
"wireguard/dorm/preshared" = { }; owner = config.users.users.systemd-network.name;
};
"wireguard/dorm/preshared" = {
owner = config.users.users.systemd-network.name;
};
}; };
networking = { networking = {
useNetworkd = true;
hostName = "thinkpad"; hostName = "thinkpad";
firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }]; # open ports for kde connect firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }]; # open ports for kde connect
firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }]; firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }];
@ -23,26 +28,78 @@
"@DORM_SSID@" = { "@DORM_SSID@" = {
psk = "@DORM_PSK@"; psk = "@DORM_PSK@";
authProtocols = [ "WPA-PSK" ]; authProtocols = [ "WPA-PSK" ];
extraConfig = "disabled=1";
}; };
}; };
}; };
wg-quick.interfaces = { };
Dorm = { systemd.network = {
address = [ "10.10.10.3/32" ]; enable = true;
privateKeyFile = config.sops.secrets."wireguard/dorm/private".path; wait-online.anyInterface = true;
listenPort = 51820; netdevs."20-bond0" = {
dns = [ "192.168.10.1" ]; netdevConfig = {
autostart = false; Name = "bond0";
peers = [ Kind = "bond";
{ };
publicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430="; bondConfig = {
presharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path; Mode = "active-backup";
allowedIPs = [ "0.0.0.0/0" ]; PrimaryReselectPolicy = "always";
endpoint = "dorm.vpn.rfive.de:51820";
}
];
}; };
}; };
networks = {
"20-ethernet-bond0" = {
matchConfig.Name = "enp0s31f6";
networkConfig = {
Bond = "bond0";
PrimarySlave = true;
};
};
"20-wireless-bond0" = {
matchConfig.Name = "wlp9s0";
networkConfig = {
Bond = "bond0";
#IgnoreCarrierLoss = "3s";
DHCP = "yes";
};
};
"20-bond0" = {
matchConfig.Name = "bond0";
networkConfig = {
#DHCP = "yes";
};
};
};
# some wireguard interfaces
#netdevs."30-dorm" = {
#netdevConfig = {
#Kind = "wireguard";
#Name = "dorm";
#Description = "WireGuard to my Dorm Infra";
#};
#wireguardConfig = {
#PrivateKeyFile = config.sops.secrets."wireguard/dorm/private".path;
#ListenPort = 51820;
#};
#wireguardPeers = [
#{
#wireguardPeerConfig = {
#PublicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430=";
#PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path;
#AllowedIPs = [ "10.10.10.0/24" ];
##Endpoint = "dorm.vpn.rfive.de:51820";
#Endpoint = "141.30.227.6:51820";
#};
#}
#];
#};
#networks."30-dorm" = {
#matchConfig.Name = "dorm";
#networkConfig = {
#Address = "10.10.10.3/32";
#};
#routes = [
#{ routeConfig = { Gateway = "10.10.10.1"; Destination = "10.10.10.0/24"; }; }
#];
#};
}; };
} }