ovyerus.com / dotfiles
Nix configurations for my personal machines (Linux & macOS)
fork atom
dotfiles / modules / networking.nix
at f7d40de2ef0df02e65cff5e7bac8da2365ffe734 1.1 kB view raw
1{ 2 delib, 3 host, 4 ... 5}: 6delib.module { 7 name = "networking"; 8 9 options.networking = with delib; { 10 nameservers = listOfOption str ["1.1.1.1" "1.0.0.1"]; 11 hosts = attrsOfOption (listOf str) {}; 12 }; 13 14 nixos.always = { 15 myconfig, 16 cfg, 17 ... 18 }: let 19 inherit (myconfig.constants) username; 20 in { 21 networking = { 22 hostName = host.name; 23 24 firewall.enable = true; 25 networkmanager.enable = true; 26 27 # dhcpcd.extraConfig = "nohook resolv.conf"; 28 # networkmanager.dns = "none"; 29 30 inherit (cfg) hosts nameservers; 31 }; 32 33 # TODO: necessary? 34 services.resolved = { 35 enable = true; 36 # dnssec = "true"; 37 domains = ["~."]; 38 fallbackDns = cfg.nameservers; 39 # dnsovertls = "trues"; 40 }; 41 42 services.tailscale = { 43 enable = true; 44 openFirewall = true; 45 useRoutingFeatures = "client"; 46 }; 47 48 # services.mullvad-vpn.enable = true; 49 # services.mullvad-vpn.package = pkgs.mullvad-vpn; 50 51 users.users.${username}.extraGroups = ["networkmanager"]; 52 }; 53}