63 lines
1.5 KiB
Nix
63 lines
1.5 KiB
Nix
{
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
renameLink = macAddr: newName: {
|
|
matchConfig = {
|
|
MACAddress = macAddr;
|
|
Type = "ether";
|
|
};
|
|
linkConfig = {
|
|
Name = newName;
|
|
};
|
|
};
|
|
in
|
|
{
|
|
imports = [ ];
|
|
|
|
# configure static IP address
|
|
networking.useDHCP = false;
|
|
systemd.network = {
|
|
enable = true;
|
|
links = {
|
|
"10-ethMgmt" = renameLink "BC:24:11:61:E3:D9" "ethMgmt";
|
|
"10-ethPubUser" = renameLink "BC:24:11:AD:52:B1" "ethPubUsr";
|
|
};
|
|
networks = {
|
|
"10-mgmtNet" = {
|
|
matchConfig.Name = "ethMgmt";
|
|
address = [ "10.20.25.5/24" ];
|
|
gateway = [ "10.20.25.2" ];
|
|
};
|
|
"10-pubUsr" = {
|
|
matchConfig.Name = "ethPubUsr";
|
|
address = [ "10.0.0.2/24" ];
|
|
gateway = [ "10.0.0.1" ];
|
|
};
|
|
};
|
|
};
|
|
|
|
# configure remaining network to work
|
|
services.resolved.enable = false;
|
|
networking.firewall = {
|
|
allowedTCPPorts = [ 53 ];
|
|
allowedUDPPorts = [ 53 ];
|
|
};
|
|
|
|
# enable knot resolv server
|
|
# ref: https://search.nüschtos.de/?query=services.kresd
|
|
# https://www.knot-resolver.cz/documentation/stable/
|
|
services.kresd = {
|
|
enable = true;
|
|
instances = 4;
|
|
listenPlain = [ "53" ];
|
|
extraConfig = builtins.readFile ./kresd-config.lua;
|
|
};
|
|
|
|
# DO NOT CHANGE
|
|
# this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
|
|
home-manager.users.noc.home.stateVersion = "24.11";
|
|
system.stateVersion = "24.11";
|
|
}
|