rico1: use common network config

2024-07-07 00:24:14 +05:30 · 2024-07-07 00:24:14 +05:30 · 97dcd239a5
commit 97dcd239a5
parent 4fbb2b229f
2 changed files with 24 additions and 65 deletions
--- a/hosts/rico1/network.nix
+++ b/hosts/rico1/network.nix
@ -1,45 +1,31 @@
-{ lib, ... }: {
-  imports = [ ./wireguard.nix ];
-  networking = {
-    nameservers = [
-      "2620:fe::fe#dns.quad9.net"
-      "9.9.9.9#dns.quad9.net"
-      "2620:fe::9#dns.quad9.net"
-      "149.112.112.112#dns.quad9.net"
-    ];
-    useDHCP = lib.mkDefault false;
-    useNetworkd = true;
-  };
+{ config, ... }: {
+  imports = [
+    ../shared/network.nix
+    ../shared/networkd.nix
+    ../shared/wireguard.nix
+  ];

-  systemd.network = {
-    enable = true;
-    networks = {
-      "41-ether" = {
-        enable = true;
-        matchConfig = {
-          Type = "ether";
-        };
-        networkConfig = {
-          DHCP = "yes";
-        };
-        dhcpV4Config = {
-          UseDomains = true;
-        };
-        ipv6AcceptRAConfig = {
-          UseDomains = true;
-        };
-        linkConfig = {
-          RequiredForOnline = "yes";
-        };
-      };
+  sops.secrets = {
+    "wireguard/rico1/pk" = {
+      mode = "400";
+      owner = config.users.users.root.name;
+      group = config.users.users.root.group;
+    };
+    "wireguard/rico1/psk" = {
+      mode = "400";
+      owner = config.users.users.root.name;
+      group = config.users.users.root.group;
    };
  };

-  services.resolved = {
+  nodeconfig.wireguard = {
    enable = true;
-    dnssec = "true";
-    dnsovertls = "true";
-    domains = [ "~." ];
-    fallbackDns = [ ];
+    listen-port = 51831;
+    pk-file = config.sops.secrets."wireguard/rico1/pk".path;
+    psk-file = config.sops.secrets."wireguard/rico1/psk".path;
+    node-ips = [
+      "10.10.10.11/24"
+      "fd7c:585c:c4ae::11/64"
+    ];
  };
 }
--- a/hosts/rico1/wireguard.nix
+++ b/hosts/rico1/wireguard.nix
@ -1,27 +0,0 @@
-{ config, ... }: {
-  imports = [ ../shared/wireguard.nix ];
-
-  sops.secrets = {
-    "wireguard/rico1/pk" = {
-      mode = "400";
-      owner = config.users.users.root.name;
-      group = config.users.users.root.group;
-    };
-    "wireguard/rico1/psk" = {
-      mode = "400";
-      owner = config.users.users.root.name;
-      group = config.users.users.root.group;
-    };
-  };
-
-  nodeconfig.wireguard = {
-    enable = true;
-    listen-port = 51831;
-    pk-file = config.sops.secrets."wireguard/rico1/pk".path;
-    psk-file = config.sops.secrets."wireguard/rico1/psk".path;
-    node-ips = [
-      "10.10.10.11/24"
-      "fd7c:585c:c4ae::11/64"
-    ];
-  };
-}