feat(hosts/potksed): add temporary host for my desktop

2023-09-04 16:19:55 +02:00 · 2023-09-04 16:19:55 +02:00 · cc3463b8f7
commit cc3463b8f7
parent 9a1a7be247
7 changed files with 144 additions and 0 deletions
--- a/hosts/potksed/net.nix
+++ b/hosts/potksed/net.nix
@ -0,0 +1,44 @@
+{
+  config,
+  lib,
+  ...
+}: {
+  networking = {
+    inherit (config.repo.secrets.local.networking) hostId;
+    wireless.iwd.enable = true;
+  };
+
+  boot.initrd.systemd.network = {
+    enable = true;
+    networks = {inherit (config.systemd.network.networks) "10-lan1";};
+  };
+
+  systemd.network.networks = {
+    "10-lan1" = {
+      DHCP = "yes";
+      matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.lan1.mac;
+      networkConfig = {
+        IPv6PrivacyExtensions = "yes";
+        MulticastDNS = true;
+      };
+      dhcpV4Config.RouteMetric = 10;
+      dhcpV6Config.RouteMetric = 10;
+    };
+    "10-wlan1" = {
+      DHCP = "yes";
+      matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.wlan1.mac;
+      networkConfig = {
+        IPv6PrivacyExtensions = "yes";
+        MulticastDNS = true;
+      };
+      dhcpV4Config.RouteMetric = 40;
+      dhcpV6Config.RouteMetric = 40;
+    };
+  };
+
+  networking.nftables.firewall = {
+    zones = lib.mkForce {
+      untrusted.interfaces = ["lan1" "wlan1"];
+    };
+  };
+}