diff options
| author | Franck Cuny <franck@fcuny.net> | 2022-04-05 20:12:56 -0700 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2022-04-05 20:12:56 -0700 |
| commit | f3657271d6ea2408d812d32eea9862b61e49f5d8 (patch) | |
| tree | c6ea56f0616174024c7293ce032b7adacf7ea884 /hosts | |
| parent | refactor security to a module (diff) | |
| download | infra-f3657271d6ea2408d812d32eea9862b61e49f5d8.tar.gz | |
refactor network configuration
Diffstat (limited to 'hosts')
| -rw-r--r-- | hosts/aptos/networking.nix | 22 | ||||
| -rw-r--r-- | hosts/carmel/networking.nix | 20 | ||||
| -rw-r--r-- | hosts/common/system/default.nix | 2 | ||||
| -rw-r--r-- | hosts/common/system/network.nix | 19 | ||||
| -rw-r--r-- | hosts/sound.nix | 1 | ||||
| -rw-r--r-- | hosts/tahoe/networking.nix | 22 |
6 files changed, 58 insertions, 28 deletions
diff --git a/hosts/aptos/networking.nix b/hosts/aptos/networking.nix index ed5e175..111fbe7 100644 --- a/hosts/aptos/networking.nix +++ b/hosts/aptos/networking.nix @@ -1,4 +1,6 @@ -{ ... }: { +{ lib, ... }: + +{ # Use systemd-networkd for networking systemd.network = { enable = true; @@ -15,8 +17,22 @@ }; }; - networking.wireless.iwd.enable = true; - networking.private-wireguard.enable = true; + networking = { + hostName = "aptos"; + useNetworkd = true; + useDHCP = false; + private-wireguard.enable = true; + }; + + services.nscd.enable = false; + system.nssModules = lib.mkForce [ ]; + + # Use systemd-resolved + services.resolved = { + enable = true; + dnssec = "false"; + }; + my.hardware.networking.wireless.enable = true; my.services.tailscale.enable = true; } diff --git a/hosts/carmel/networking.nix b/hosts/carmel/networking.nix index f4a1c6f..8ad9d3e 100644 --- a/hosts/carmel/networking.nix +++ b/hosts/carmel/networking.nix @@ -1,4 +1,6 @@ -{ ... }: { +{ lib, ... }: + +{ # Use systemd-networkd for networking systemd.network = { enable = true; @@ -14,4 +16,20 @@ }; }; }; + + services.nscd.enable = false; + system.nssModules = lib.mkForce [ ]; + + # Use systemd-resolved + services.resolved = { + enable = true; + dnssec = "false"; + }; + + networking = { + hostName = "carmel"; + useNetworkd = true; + useDHCP = false; + private-wireguard.enable = true; + }; } diff --git a/hosts/common/system/default.nix b/hosts/common/system/default.nix index 9b2a7e4..8ccb80f 100644 --- a/hosts/common/system/default.nix +++ b/hosts/common/system/default.nix @@ -1,5 +1,5 @@ { pkgs, ... }: { - imports = [ ./boot.nix ./hardware.nix ./network.nix ]; + imports = [ ./boot.nix ./hardware.nix ]; } diff --git a/hosts/common/system/network.nix b/hosts/common/system/network.nix deleted file mode 100644 index df5aa27..0000000 --- a/hosts/common/system/network.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ config, pkgs, lib, hostname, ... }: - -{ - networking = { - hostName = hostname; - useNetworkd = true; - wireless.enable = false; - useDHCP = false; - }; - - services.nscd.enable = false; - system.nssModules = lib.mkForce [ ]; - - # Use systemd-resolved - services.resolved = { - enable = true; - dnssec = "false"; - }; -} diff --git a/hosts/sound.nix b/hosts/sound.nix deleted file mode 100644 index 947f9cd..0000000 --- a/hosts/sound.nix +++ /dev/null @@ -1 +0,0 @@ -{ ... }: { my.hardware.sound = { pipewire = { enable = true; }; }; } diff --git a/hosts/tahoe/networking.nix b/hosts/tahoe/networking.nix index 1b0568e..22a7251 100644 --- a/hosts/tahoe/networking.nix +++ b/hosts/tahoe/networking.nix @@ -1,4 +1,6 @@ -{ ... }: { +{ lib, ... }: + +{ # Use systemd-networkd for networking systemd.network = { enable = true; @@ -15,8 +17,22 @@ }; }; - networking.private-wireguard.enable = true; - networking.firewall.enable = false; + networking = { + hostName = "tahoe"; + useNetworkd = true; + useDHCP = false; + private-wireguard.enable = true; + firewall.enable = false; + }; + + services.nscd.enable = false; + system.nssModules = lib.mkForce [ ]; + + # Use systemd-resolved + services.resolved = { + enable = true; + dnssec = "false"; + }; my.services.tailscale.enable = true; } |