diff --git a/nix/deuxfleurs.nix b/nix/deuxfleurs.nix index b910a79..82111ed 100644 --- a/nix/deuxfleurs.nix +++ b/nix/deuxfleurs.nix @@ -133,36 +133,38 @@ in }) cfg.admin_accounts; # Configure network interfaces - networking.interfaces = - let ip4config = { - useDHCP = false; - ipv4.addresses = [ - { - address = cfg.lan_ip; - prefixLength = cfg.lan_ip_prefix_length; - } - ]; + networking.useDHCP = false; + networking.useNetworkd = true; + systemd.network.networks = { + "10-uplink" = { + matchConfig = { + # We could preprend "en* eth*" to match all ethernet interfaces + Name = "${cfg.network_interface}"; }; - ip6config = { - tempAddress = "disabled"; - ipv6.addresses = [ + networkConfig = { + IPv6AcceptRA = false; + LinkLocalAddressing = "no"; + }; + address = [ + "${cfg.lan_ip}/${toString cfg.lan_ip_prefix_length}" + "${cfg.ipv6}/${toString cfg.ipv6_prefix_length}" + ]; + routes = [ { - address = cfg.ipv6; - prefixLength = cfg.ipv6_prefix_length; + routeConfig = { + Gateway = cfg.lan_default_gateway; + # GatewayOnLink - Takes a boolean. If set to true, the kernel does not have to check if the gateway is reachable directly by the current machine (i.e., attached to the local network), so that we can insert the route in the kernel table without it being complained about. Defaults to "no". + GatewayOnLink = true; + }; + } + { + routeConfig = { + Gateway = cfg.ipv6_default_gateway; + GatewayOnLink = true; + }; } ]; }; - in - (attrsets.setAttrByPath [ cfg.network_interface ] (ip4config // ip6config)); - - networking.defaultGateway = { - address = cfg.lan_default_gateway; - interface = cfg.network_interface; - }; - - networking.defaultGateway6 = { - address = cfg.ipv6_default_gateway; - interface = cfg.network_interface; }; # Configure Unbound DNS to redirect to Consul queries under .consul