system.networking: rewrite
parent
d97a5a4ada
commit
1a5b81a317
@ -44,7 +44,7 @@ inputs:
|
||||
nixpkgs.march = "silvermont";
|
||||
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
|
||||
kernel.patches = [ "cjktty" "lantian" ];
|
||||
networking = { hostname = "nas"; networkd.dhcp = [ "enp3s0" ]; };
|
||||
networking = { hostname = "nas"; networkd = {}; };
|
||||
gui.preferred = false;
|
||||
};
|
||||
hardware = { cpus = [ "intel" ]; gpu.type = "intel"; };
|
||||
|
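Review bot: `networkd = {}` drops the interface name, and in the rewritten module on this page `dhcp` and `static` then both default to empty, so no `.network` unit appears to be generated for `enp3s0`. At the same time `networkManager.enable` defaults to false, because `networkd` is no longer null. Unless another module configures the link, the host would come up without an address. The same applies to the `vps6` and `vps7` sections, where `ens18` is dropped on machines that set `initrd.sshd.enable = true` and are presumably reachable only over the network. To keep the previous behaviour, use `networkd.dhcp = [ "enp3s0" ];` here and `[ "ens18" ]` on the two VPS hosts, or add a `static` entry if a fixed address is intended.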
@ -29,7 +29,7 @@ inputs:
|
||||
nixpkgs.march = "sandybridge";
|
||||
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
|
||||
initrd.sshd.enable = true;
|
||||
networking = { hostname = "vps6"; networkd.dhcp = [ "ens18" ]; };
|
||||
networking = { hostname = "vps6"; networkd = {}; };
|
||||
};
|
||||
packages.packageSet = "server";
|
||||
services =
|
||||
|
@ -29,7 +29,7 @@ inputs:
|
||||
nixpkgs.march = "broadwell";
|
||||
nix.substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
|
||||
initrd.sshd.enable = true;
|
||||
networking = { hostname = "vps7"; networkd.dhcp = [ "ens18" ]; };
|
||||
networking = { hostname = "vps7"; networkd = {}; };
|
||||
gui.preferred = false;
|
||||
};
|
||||
packages.packageSet = "desktop";
|
||||
|
@ -4,11 +4,27 @@ inputs:
|
||||
{
|
||||
hostname = mkOption { type = types.nonEmptyStr; };
|
||||
networkManager.enable = mkOption
|
||||
{ type = types.bool; default = inputs.config.nixos.system.networking.networkd.dhcp == []; };
|
||||
networkd =
|
||||
{ type = types.bool; default = inputs.config.nixos.system.networking.networkd == null; };
|
||||
networkd = mkOption
|
||||
{
|
||||
dhcp = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
|
||||
type = types.nullOr (types.submodule { options =
|
||||
{
|
||||
dhcp = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
|
||||
static = mkOption
|
||||
{
|
||||
type = types.attrsOf (types.submodule { options =
|
||||
{
|
||||
ip = mkOption { type = types.nonEmptyStr; };
|
||||
mask = mkOption { type = types.ints.unsigned; };
|
||||
gateway = mkOption { type = types.nonEmptyStr; };
|
||||
dns = mkOption { type = types.nonEmptyStr; default = null; };
|
||||
};});
|
||||
default = {};
|
||||
};
|
||||
};});
|
||||
default = null;
|
||||
};
|
||||
wireless = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
|
||||
};
|
||||
config = let inherit (inputs.config.nixos.system) networking; in inputs.lib.mkMerge
|
||||
[
|
||||
@ -52,29 +68,66 @@ inputs:
|
||||
};
|
||||
})
|
||||
# networkd
|
||||
(inputs.lib.mkIf (networking.networkd.dhcp != [])
|
||||
(inputs.lib.mkIf networking.networkd != null
|
||||
{
|
||||
systemd.network =
|
||||
{
|
||||
enable = true;
|
||||
networks = builtins.listToAttrs
|
||||
(
|
||||
(builtins.map
|
||||
(network:
|
||||
{
|
||||
name = "10-${network.ssid}";
|
||||
value =
|
||||
{
|
||||
matchConfig.Name = network.ssid;
|
||||
networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; };
|
||||
linkConfig.RequiredForOnline = "routable";
|
||||
};
|
||||
})
|
||||
networking.networkd.dhcp)
|
||||
++ (builtins.map
|
||||
(network:
|
||||
{
|
||||
name = "10-${network.name}";
|
||||
value =
|
||||
{
|
||||
matchConfig.Name = network.name;
|
||||
address = [ "${network.ip}/${builtins.toString network.mask}" ];
|
||||
routes = [{ routeConfig.Gateway = network.gateway; }];
|
||||
linkConfig.RequiredForOnline = "routable";
|
||||
};
|
||||
})
|
||||
(inputs.localLib.attrsToList networking.networkd.static))
|
||||
);
|
||||
};
|
||||
networking.networkmanager.unmanaged = with networking.networkd; dhcp ++ (builtins.attrNames static);
|
||||
})
|
||||
# wpa_supplicant
|
||||
(inputs.lib.mkIf (networking.wireless != [])
|
||||
{
|
||||
services.wpa_supplicant =
|
||||
{
|
||||
enable = true;
|
||||
networks = builtins.listToAttrs (builtins.map
|
||||
(network:
|
||||
{
|
||||
name = "10-${network}";
|
||||
value =
|
||||
{
|
||||
matchConfig.Name = network;
|
||||
networkConfig =
|
||||
{
|
||||
DHCP = "yes";
|
||||
IPv6AcceptRA = true;
|
||||
};
|
||||
linkConfig.RequiredForOnline = "routable";
|
||||
};
|
||||
name = network;
|
||||
value.psk = "@${builtins.hashString "md5" network}_PSK@";
|
||||
})
|
||||
networking.networkd.dhcp);
|
||||
networking.wireless);
|
||||
environmentFile = inputs.config.sops.templates."wireless.env".path;
|
||||
};
|
||||
sops =
|
||||
{
|
||||
templates."wireless.env".content = builtins.concatStringsSep "\n" (builtins.map
|
||||
(network: "${builtins.hashString "md5" network}_PSK=${inputs.config.sops.placeholder."wireless/${network}"}")
|
||||
networking.wireless);
|
||||
secrets = builtins.listToAttrs (builtins.map
|
||||
(network: { name = "wireless/${network}"; value = {}; })
|
||||
networking.wireless);
|
||||
};
|
||||
networking = { useDHCP = false; networkmanager.unmanaged = networking.networkd.dhcp; };
|
||||
})
|
||||
];
|
||||
}
|
||||
|
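Review bot: The new guard `(inputs.lib.mkIf networking.networkd != null` in the second hunk parses as `(mkIf networking.networkd) != (null { … })`, because function application binds tighter than `!=`. It needs parentheses like the wireless branch: `(inputs.lib.mkIf (networking.networkd != null)`. In the DHCP map the elements of `networking.networkd.dhcp` are still plain strings (`listOf nonEmptyStr`), so the two `network.ssid` references should be just `network`, as the old code had. In the first hunk `dns` is declared with `type = types.nonEmptyStr` but `default = null`, which that type rejects; `types.nullOr types.nonEmptyStr` would accept it, and the value is not yet used when the static network is built. The rewrite also drops `useDHCP = false` from the networkd branch, which may be intentional but deserves a comment.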