chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2026-01-12 04:39:23 +08:00
Code Issues Packages Projects Releases Wiki Activity

modules.system.networking: cleanup

Browse Source
This commit is contained in:
陈浩南
2024-10-27 14:04:13 +08:00
parent 824d32e0a3
commit b3ffaf1374
11 changed files with 94 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
devices/nas/default.nix
View File

@@ -41,7 +41,7 @@ inputs:
initrd.sshd.enable = true;
nixpkgs.march = "silvermont";
nix.substituters = [ "https://nix-store.chn.moe?priority=100" ];
networking.networkd = {};
networking = {};
};
hardware = { cpus = [ "intel" ]; gpu.type = "intel"; };
services =

2
devices/pi3b/default.nix
View File

@@ -18,7 +18,7 @@ inputs:
swap = [ "/nix/swap/swap" ];
rollingRootfs = {};
};
networking.networkd = {};
networking = {};
nixpkgs.arch = "aarch64";
kernel.variant = "nixos";
};

2
devices/srv1/node0/default.nix
View File

@@ -8,7 +8,7 @@ inputs:
system =
{
nixpkgs.march = "cascadelake";
networking.networkd.static =
networking.static =
{
eno145 = { ip = "192.168.1.10"; mask = 24; gateway = "192.168.1.1"; };
eno146 = { ip = "192.168.178.1"; mask = 24; };

2
devices/srv1/node1/default.nix
View File

@@ -8,7 +8,7 @@ inputs:
system =
{
nixpkgs.march = "broadwell";
networking.networkd.static.eno2 =
networking.static.eno2 =
{ ip = "192.168.178.2"; mask = 24; gateway = "192.168.178.1"; dns = "192.168.178.1"; };
fileSystems.mount.nfs."192.168.178.1:/home" = "/home";
};

2
devices/srv1/node2/default.nix
View File

@@ -8,7 +8,7 @@ inputs:
system =
{
nixpkgs.march = "broadwell";
networking.networkd.static =
networking.static =
{
br0 = { ip = "192.168.1.12"; mask = 24; gateway = "192.168.1.1"; dns = "192.168.1.1"; };
eno2 = { ip = "192.168.178.3"; mask = 24; };

2
devices/srv1/node3/default.nix
View File

@@ -8,7 +8,7 @@ inputs:
system =
{
nixpkgs.march = "broadwell";
networking.networkd.static.eno2 =
networking.static.eno2 =
{ ip = "192.168.178.4"; mask = 24; gateway = "192.168.178.1"; dns = "192.168.178.1"; };
fileSystems.mount.nfs."192.168.178.1:/home" = "/home";
};

2
devices/vps4/default.nix
View File

@@ -29,7 +29,7 @@ inputs:
nixpkgs.march = "znver2";
nix.substituters = [ "https://nix-store.chn.moe?priority=100" ];
initrd.sshd.enable = true;
networking.networkd = {};
networking = {};
binfmt = null;
};
services =

2
devices/vps6/default.nix
View File

@@ -29,7 +29,7 @@ inputs:
nixpkgs.march = "sandybridge";
nix.substituters = [ "https://nix-store.chn.moe?priority=100" ];
initrd.sshd.enable = true;
networking.networkd = {};
networking = {};
# do not use cachyos kernel, beesd + cachyos kernel + heavy io = system freeze, not sure why
};
services =

2
devices/vps7/default.nix
View File

@@ -29,7 +29,7 @@ inputs:
nixpkgs.march = "znver2";
nix.substituters = [ "https://nix-store.chn.moe?priority=100" ];
initrd.sshd.enable = true;
networking.networkd = {};
networking = {};
};
services =
{

2
modules/services/slurm.nix
View File

@@ -4,7 +4,7 @@ inputs:
{
enable = mkOption { type = types.bool; default = false; };
# 本机是否为控制节点,如果不是,填写控制节点的主机名
master = mkOption { type = types.nonEmptyStr; default = inputs.config.nixos.system.networking.hostname; };
master = mkOption { type = types.nonEmptyStr; default = inputs.config.nixos.model.hostname; };
node = mkOption { type = types.attrsOf (types.submodule (submoduleInputs: { options =
{
# slurm 中使用的节点名称

179
modules/system/networking.nix
View File

@@ -1,29 +1,25 @@
inputs:
{
options.nixos.system.networking = let inherit (inputs.lib) mkOption types; in
options.nixos.system.networking = let inherit (inputs.lib) mkOption types; in mkOption
{
networkManager.enable = mkOption
{ type = types.bool; default = inputs.config.nixos.system.networking.networkd == null; };
networkd = mkOption
# null: use network-manager; otherwise use networkd
type = types.nullOr (types.submodule { options =
{
type = types.nullOr (types.submodule { options =
dhcp = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
static = mkOption
{
dhcp = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
static = mkOption
type = types.attrsOf (types.submodule { options =
{
type = types.attrsOf (types.submodule { options =
{
ip = mkOption { type = types.nonEmptyStr; };
mask = mkOption { type = types.ints.unsigned; };
gateway = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
dns = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
};});
default = {};
};
};});
default = null;
};
wireless = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
ip = mkOption { type = types.nonEmptyStr; };
mask = mkOption { type = types.ints.unsigned; };
gateway = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
dns = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
};});
default = {};
};
wireless = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
};});
default = null;
};
config = let inherit (inputs.config.nixos.system) networking; in inputs.lib.mkMerge
[
@@ -51,86 +47,79 @@ inputs:
"net.bridge.bridge-nf-call-arptables" = false;
};
}
# networkManager
(inputs.lib.mkIf networking.networkManager.enable
{
networking.networkmanager =
(inputs.localLib.mkConditional (networking == null)
{
enable = true;
settings.device.keep-configuration = "no";
};
environment.persistence."${inputs.config.nixos.system.impermanence.persistence}".directories =
[{ directory = "/etc/NetworkManager/system-connections"; mode = "0700"; }];
})
# networkd
(inputs.lib.mkIf (networking.networkd != null)
{
systemd.network =
networking.networkmanager =
{
enable = true;
settings.device.keep-configuration = "no";
};
environment.persistence."${inputs.config.nixos.system.impermanence.persistence}".directories =
[{ directory = "/etc/NetworkManager/system-connections"; mode = "0700"; }];
}
{
enable = true;
networks = builtins.listToAttrs
(
(builtins.map
(network:
{
name = "10-${network}";
value =
systemd.network =
{
enable = true;
networks = builtins.listToAttrs
(
(builtins.map
(network:
{
matchConfig.Name = network;
networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; };
linkConfig.RequiredForOnline = "routable";
};
})
networking.networkd.dhcp)
++ (builtins.map
(network:
{
name = "10-${network.name}";
value =
name = "10-${network}";
value =
{
matchConfig.Name = network;
networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; };
linkConfig.RequiredForOnline = "routable";
};
})
networking.dhcp)
++ (builtins.map
(network:
{
matchConfig.Name = network.name;
address = [ "${network.value.ip}/${builtins.toString network.value.mask}" ];
routes = inputs.lib.mkIf (network.value.gateway != null)
[{ Gateway = network.value.gateway; Destination = "0.0.0.0/0"; }];
linkConfig.RequiredForOnline = "routable";
dns = inputs.lib.mkIf (network.value.dns != null) [ network.value.dns ];
};
})
(inputs.localLib.attrsToList networking.networkd.static))
);
};
networking =
{
networkmanager.unmanaged = with networking.networkd; dhcp ++ (builtins.attrNames static);
useNetworkd = true;
};
# dnsable dns fallback, use provided dns servers or no dns
services.resolved.fallbackDns = [];
})
# wpa_supplicant
(inputs.lib.mkIf (networking.wireless != [])
{
networking.wireless =
{
enable = true;
networks = builtins.listToAttrs (builtins.map
(network:
name = "10-${network.name}";
value =
{
matchConfig.Name = network.name;
address = [ "${network.value.ip}/${builtins.toString network.value.mask}" ];
routes = inputs.lib.mkIf (network.value.gateway != null)
[{ Gateway = network.value.gateway; Destination = "0.0.0.0/0"; }];
linkConfig.RequiredForOnline = "routable";
dns = inputs.lib.mkIf (network.value.dns != null) [ network.value.dns ];
};
})
(inputs.localLib.attrsToList networking.static))
);
};
networking =
{
useNetworkd = true;
wireless = inputs.lib.mkIf (networking.wireless or [] != [])
{
name = network;
value.psk = "@${builtins.hashString "md5" network}_PSK@";
})
networking.wireless);
environmentFile = inputs.config.sops.templates."wireless.env".path;
};
sops =
{
templates."wireless.env".content = builtins.concatStringsSep "\n" (builtins.map
(network: "${builtins.hashString "md5" network}_PSK=${inputs.config.sops.placeholder."wireless/${network}"}")
networking.wireless);
secrets = builtins.listToAttrs (builtins.map
(network: { name = "wireless/${network}"; value = {}; })
networking.wireless);
};
enable = true;
networks = builtins.listToAttrs (builtins.map
(network:
{
name = network;
value.psk = "@${builtins.hashString "md5" network}_PSK@";
})
networking.wireless);
environmentFile = inputs.config.sops.templates."wireless.env".path;
};
};
# dnsable dns fallback, use provided dns servers or no dns
services.resolved.fallbackDns = [];
sops = inputs.lib.mkIf (networking.wireless or [] != [])
{
templates."wireless.env".content = builtins.concatStringsSep "\n" (builtins.map
(network:
"${builtins.hashString "md5" network}_PSK=${inputs.config.sops.placeholder."wireless/${network}"}")
networking.wireless);
secrets = builtins.listToAttrs (builtins.map
(network: { name = "wireless/${network}"; value = {}; })
networking.wireless);
};
})
];
}