Compare commits

...

2 Commits

Author SHA1 Message Date
a63d5db6e0
refactor(hosts/orion): overhaul networking
All checks were successful
Check Formatting of Files / Check-Formatting (push) Successful in 1m4s
2024-09-21 21:21:22 -05:00
73d5dedff4
feat(hosts/orion): install wireshark 2024-09-21 21:20:50 -05:00
3 changed files with 24 additions and 46 deletions

View File

@ -1,56 +1,29 @@
{ hostname, lib, ... }:
let
default-network-cfg =
let
use-dhcp-dns = "no";
in
{ hostname, ... }:
{
networkConfig = {
DHCP = "yes";
MulticastDNS = "yes";
IPv6PrivacyExtensions = "yes";
IPv6AcceptRA = "yes";
};
dhcpV4Config = {
RouteMetric = 600;
UseDNS = use-dhcp-dns;
};
ipv6AcceptRAConfig = {
RouteMetric = 600;
UseDNS = use-dhcp-dns;
};
};
in
{
systemd.network = {
enable = true;
networks = lib.attrsets.mapAttrs (name: value: value // default-network-cfg) {
"10-wlan".matchConfig.Name = [ "wl*" ];
"10-ethernet".matchConfig.name = [
"en*"
"eth*"
];
"10-wwan".matchConfig.name = [ "ww*" ];
};
};
services.resolved = {
enable = true;
domains = [ "~." ];
extraConfig = ''
DNS=2a07:e340::2#dns.mullvad.net 194.242.2.2#dns.mullvad.net
FallbackDNS=1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
Cache=yes
CacheFromLocalhost=no
DNSSEC=no
DNSOverTLS=opportunistic
MulticastDNS=yes
'';
dnsovertls = "true";
dnssec = "true";
};
networking = {
wireless.iwd = {
enable = true;
settings = {
Settings = {
AutoConnect = true;
AlwaysRandomizeAddress = true;
Hidden = true;
};
};
};
hostName = hostname;
wireless.iwd.enable = true;
nameservers = [
"194.242.2.2#dns.mullvad.net"
"2a07:e340::2#dns.mullvad.net"
"91.239.100.100#anycast.uncensoreddns.org"
"2001:67c:28a4::#anycast.uncensoreddns.org"
];
useNetworkd = true;
};
}

View File

@ -14,6 +14,10 @@
stdenv.cc.cc
];
};
wireshark = {
enable = true;
package = pkgs.wireshark;
};
steam.enable = true;
};
}

View File

@ -17,6 +17,7 @@
"keyd"
(lib.mkIf config.virtualisation.docker.enable "docker")
(lib.mkIf config.virtualisation.libvirtd.enable "libvirtd")
(lib.mkIf config.programs.wireshark.enable "wireshark")
];
group = "price";
shell = pkgs.zsh;