{ config, lib, ... }: let cfg = config.kropcloud.networking; ipopts = version: { address = lib.mkOption { type = lib.types.nullOr lib.types.str; description = "The server IPv${version} address"; example = if version == 4 then "192.168.1.155" else null; default = null; }; prefixLength = lib.mkOption { type = lib.types.nullOr lib.types.int; description = "The server IPv${version} address prefix length"; default = null; example = if version == 4 then 24 else 64; }; defaultGateway = lib.mkOption { type = lib.types.nullOr lib.types.str; description = "The defautl gateway IPv${version}"; default = null; example = if version == 4 then "192.168.1.1" else null; }; }; in { options.kropcloud.networking = { enable = lib.mkOption { type = lib.types.bool; description = "Whence to configure networking"; default = true; example = false; }; ipv4 = ipopts 4; }; config = lib.mkIf cfg.enable { assertions = [ { assertion = !(cfg.ipv4.address == null || cfg.ipv4.prefixLength == null || cfg.ipv4.defaultGateway == null); message = '' You need to provide valid values for `address`, `prefixLength` and `defaultGateway` in `kropcloud.networking.ipv4` when either is set. ''; } ]; networking = { nftables.enable = true; firewall = { checkReversePath = "loose"; }; interfaces = { ens18 = { ipv4.addresses = lib.mkIf (cfg.ipv4.address != null || cfg.ipv4.prefixLength != null) [ { address = cfg.ipv4.address; prefixLength = cfg.ipv4.prefixLength; } ]; }; }; useDHCP = ( cfg.ipv4.address == null || cfg.ipv4.prefixLength == null || cfg.ipv4.defaultGateway == null ); defaultGateway = lib.mkIf (cfg.ipv4.defaultGateway != null) { address = cfg.ipv4.defaultGateway; }; nameservers = lib.mkIf (cfg.ipv4.address != null || cfg.ipv4.prefixLength != null || cfg.ipv4.defaultGateway != null) [ "8.8.8.8" "1.1.1.1" ]; }; }; }