64 lines
1.6 KiB
Nix
64 lines
1.6 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
cfg = config.kropcloud.networking;
|
|
ipopts = version: {
|
|
address = lib.mkOption {
|
|
type = lib.types.nullOr lib.types.str;
|
|
description = "The server IPv${version} address";
|
|
example = if version == 4 then "192.168.1.155" else null;
|
|
default = null;
|
|
};
|
|
prefixLength = lib.mkOption {
|
|
type = lib.types.nullOr lib.types.int;
|
|
description = "The server IPv${version} address prefix length";
|
|
default = null;
|
|
example = if version == 4 then 24 else 64;
|
|
};
|
|
};
|
|
in
|
|
{
|
|
options.kropcloud.networking = {
|
|
enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
description = "Whence to configure networking";
|
|
default = true;
|
|
example = false;
|
|
};
|
|
ipv4 = ipopts 4;
|
|
};
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
assertions = [
|
|
{
|
|
assertion = !(cfg.ipv4.address == null || cfg.ipv4.prefixLength == null);
|
|
message = ''
|
|
You need to provide valid values for both `address` and `prefixLength` in `kropcloud.networking.ipv4`
|
|
when either is set.
|
|
'';
|
|
}
|
|
];
|
|
|
|
networking = {
|
|
nftables.enable = true;
|
|
firewall = {
|
|
checkReversePath = "loose";
|
|
};
|
|
interfaces = {
|
|
ens18 = {
|
|
ipv4.addresses = lib.mkIf (cfg.ipv4.address != null || cfg.ipv4.prefixLength != null) [
|
|
{
|
|
address = cfg.ipv4.address;
|
|
prefixLength = cfg.ipv4.prefixLength;
|
|
}
|
|
];
|
|
};
|
|
};
|
|
useDHCP = (cfg.ipv4.address == null || cfg.ipv4.prefixLength == null);
|
|
nameservers = [ "8.8.8.8" "1.1.1.1" ];
|
|
};
|
|
};
|
|
}
|