refactor: complete rewrite

2024-10-23 23:46:25 +13:00 · 2024-10-23 23:46:25 +13:00 · 8e81943cf9
commit 8e81943cf9
parent 19a4bbda3c
399 changed files with 3396 additions and 8042 deletions
--- a/modules/nixos/base/networking.nix
+++ b/modules/nixos/base/networking.nix
@ -0,0 +1,45 @@
+{lib, ...}: let
+  inherit (lib) mkForce mkDefault;
+in {
+  imports = [
+    ./openssh.nix
+    ./tailscale.nix
+  ];
+
+  networking = {
+    enableIPv6 = true;
+    # disable global dhcp
+    useDHCP = mkForce false;
+    usePredictableInterfaceNames = mkDefault true;
+    nameservers = [
+      #quad9 IPv6
+      "2620:fe::fe"
+      "2620:fe::9"
+
+      #quad9 IPv4
+      "9.9.9.9"
+      "149.112.112.112"
+    ];
+    networkmanager = {
+      enable = true;
+      dns = "systemd-resolved";
+      wifi = {
+        macAddress = "random";
+        scanRandMacAddress = true;
+        powersave = true;
+      };
+      unmanaged = ["interface-name:tailscale*"];
+    };
+  };
+  services = {
+    resolved = {
+      enable = true;
+
+      domains = ["~."];
+      fallbackDns = ["9.9.9.9"]; #quad9
+
+      #dnsovertls = "true";
+    };
+  };
+  systemd.services.NetworkManager-wait-online.enable = false;
+}