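# NixOS module `nixos.system.networking`: hostname, choice of NetworkManager or
# systemd-networkd, static / DHCP interface definitions, and wpa_supplicant whose
# pre-shared keys are injected by sops at activation time (they never enter the
# Nix store; only placeholder names do).
inputs:
{
  options.nixos.system.networking = let inherit (inputs.lib) mkOption types; in
  {
    # Copied verbatim into `networking.hostName`.
    hostname = mkOption { type = types.nonEmptyStr; };

    # NetworkManager is the backend unless a networkd configuration is supplied.
    networkManager.enable = mkOption
      { type = types.bool; default = inputs.config.nixos.system.networking.networkd == null; };

    networkd = mkOption
    {
      type = types.nullOr (types.submodule { options =
      {
        # Interface names (not SSIDs) that obtain their address via DHCP.
        dhcp = mkOption { type = types.listOf types.nonEmptyStr; default = []; };

        # Interface name -> static address.  `mask` is the prefix length that is
        # appended to `ip` as `ip/mask`.
        static = mkOption
        {
          type = types.attrsOf (types.submodule { options =
          {
            ip = mkOption { type = types.nonEmptyStr; };
            mask = mkOption { type = types.ints.unsigned; };
            gateway = mkOption { type = types.nonEmptyStr; };
            # Optional resolver for this interface; `null` means none.  The type
            # has to admit null, otherwise the default value itself fails the
            # option's type check as soon as it is read.
            dns = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
          };});
          default = {};
        };
      };});
      default = null;
    };

    # SSIDs handled by wpa_supplicant; each one needs a sops secret `wireless/<ssid>`.
    wireless = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
  };

  config = let inherit (inputs.config.nixos.system) networking; in inputs.lib.mkMerge
  [
    # general config
    {
      networking.hostName = networking.hostname;

      boot.kernel.sysctl =
      {
        # Socket buffer and queue sizing: throughput tuning only.
        "net.core.rmem_max" = 67108864;
        "net.core.wmem_max" = 67108864;
        "net.ipv4.tcp_rmem" = "4096 87380 67108864";
        "net.ipv4.tcp_wmem" = "4096 65536 67108864";
        "net.ipv4.tcp_mtu_probing" = true;
        "net.ipv4.tcp_tw_reuse" = true;
        "net.ipv4.tcp_max_syn_backlog" = 8388608;
        "net.core.netdev_max_backlog" = 8388608;
        "net.core.somaxconn" = 8388608;

        # Routing relaxations.  route_localnet stops treating 127/8 as martian, so
        # together with ip_forward a NAT/DNAT rule can expose services bound only
        # to loopback; ip_nonlocal_bind lets processes bind addresses the host does
        # not own.  Each of these widens what packet filters must cover -- keep the
        # nftables/iptables policy on this host in step with them.
        "net.ipv4.conf.all.route_localnet" = true;
        "net.ipv4.conf.default.route_localnet" = true;
        "net.ipv4.conf.all.accept_local" = true;
        "net.ipv4.conf.default.accept_local" = true;
        "net.ipv4.ip_forward" = true;
        "net.ipv4.ip_nonlocal_bind" = true;

        # Bridged frames skip the host's iptables/ip6tables/arptables hooks; filtering
        # for bridge members must happen at the bridge (ebtables/nft bridge family).
        "net.bridge.bridge-nf-call-iptables" = false;
        "net.bridge.bridge-nf-call-ip6tables" = false;
        "net.bridge.bridge-nf-call-arptables" = false;
      };
    }

    # networkManager
    (inputs.lib.mkIf networking.networkManager.enable
    {
      networking.networkmanager =
      {
        enable = true;
        # let networkmanager ignore the kernel command line `ip=xxx`
        extraConfig =
        ''
          [device]
          keep-configuration=no
        '';
      };
      # Connection profiles may embed Wi-Fi/VPN credentials: persisted root-only.
      environment.persistence."${inputs.config.nixos.system.impermanence.persistence}".directories =
        [{ directory = "/etc/NetworkManager/system-connections"; mode = "0700"; }];
    })

    # networkd
    (inputs.lib.mkIf (networking.networkd != null)
    {
      systemd.network =
      {
        enable = true;
        networks = builtins.listToAttrs
        (
          # `dhcp` entries are plain interface-name strings, so the entry itself is
          # the match name (a `.ssid` attribute does not exist on a string).
          (builtins.map
            (iface:
            {
              name = "10-${iface}";
              value =
              {
                matchConfig.Name = iface;
                networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; };
                linkConfig.RequiredForOnline = "routable";
              };
            })
            networking.networkd.dhcp)
          ++ (builtins.map
            (network:
            {
              name = "10-${network.name}";
              value =
              {
                matchConfig.Name = network.name;
                address = [ "${network.ip}/${builtins.toString network.mask}" ];
                routes = [{ routeConfig.Gateway = network.gateway; }];
                # Empty list when no resolver was given for this interface.
                dns = inputs.lib.optional (network.value.dns != null) network.value.dns;
                linkConfig.RequiredForOnline = "routable";
              };
            })
            (inputs.localLib.attrsToList networking.networkd.static))
        );
      };
      networking =
      {
        # Keep NetworkManager (if also enabled) off the networkd-managed interfaces.
        networkmanager.unmanaged = with networking.networkd; dhcp ++ (builtins.attrNames static);
        useNetworkd = true;
      };
    })

    # wpa_supplicant
    (inputs.lib.mkIf (networking.wireless != [])
    {
      networking.wireless =
      {
        enable = true;
        # `psk` holds only an `@VAR@` reference that wpa_supplicant's environmentFile
        # mechanism substitutes at start-up.  The MD5 here merely turns an arbitrary
        # SSID into a variable-name-safe token; it protects nothing.
        networks = builtins.listToAttrs (builtins.map
          (network:
          {
            name = network;
            value.psk = "@${builtins.hashString "md5" network}_PSK@";
          })
          networking.wireless);
        environmentFile = inputs.config.sops.templates."wireless.env".path;
      };
      sops =
      {
        # One `<token>_PSK=<secret>` line per SSID, rendered by sops-nix outside the store.
        templates."wireless.env".content = builtins.concatStringsSep "\n" (builtins.map
          (network: "${builtins.hashString "md5" network}_PSK=${inputs.config.sops.placeholder."wireless/${network}"}")
          networking.wireless);
        # Declares the secret `wireless/<ssid>` that each template line references.
        secrets = builtins.listToAttrs (builtins.map
          (network: { name = "wireless/${network}"; value = {}; })
          networking.wireless);
      };
    })
  ];
}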