modules/nixos/networking/default.nix at main

isabelroses.com / dotfiles

fork atom

my over complex system configurations dotfiles.isabelroses.com/

nixos nix flake dotfiles linux

fork atom

dotfiles / modules / nixos / networking / default.nix

at main 54 lines 1.4 kB view raw

wrap content

isabelroses.com nixos/networking/tcpcrypt: remove 3w ago

92b3e121

 1{
 2  lib,
 3  config,
 4  ...
 5}:
 6let
 7  inherit (lib) mkIf mkDefault mkForce;
 8in
 9{
10  imports = [
11    # keep-sorted start
12    ./blocker.nix
13    ./fail2ban.nix
14    ./firewall.nix
15    ./networkmanager.nix
16    ./openssh.nix
17    ./optimise.nix
18    ./systemd.nix
19    ./tailscale.nix
20    ./vpn.nix
21    ./wireless.nix
22    # keep-sorted end
23  ];
24
25  networking = {
26    # generate a host ID by hashing the hostname
27    hostId = builtins.substring 0 8 (builtins.hashString "md5" config.networking.hostName);
28
29    # this is setup to use the hostname the system builder provides, this is left here
30    # as a note for readers to know this is how it works, and why hostName is never set
31    # hostName = "nixos";
32
33    # global dhcp has been deprecated upstream, so we use networkd instead
34    # however individual interfaces are still managed through dhcp in hardware configurations
35    useDHCP = mkForce false;
36    useNetworkd = mkForce true;
37
38    # interfaces are assigned names that contain topology information (e.g. wlp3s0) and thus should be consistent across reboots
39    # this already defaults to true, we set it in case it changes upstream
40    usePredictableInterfaceNames = mkDefault true;
41
42    # dns
43    nameservers = mkIf (!(config ? wsl)) [
44      "1.1.1.1"
45      "1.0.0.1"
46      "9.9.9.9"
47      "2606:4700:4700::1111"
48      "2606:4700:4700::1001"
49      "2620:fe::fe"
50    ];
51
52    enableIPv6 = true;
53  };
54}