diff --git a/nixos/flake.lock b/nixos/flake.lock index d57f6a0..dfb03a3 100644 --- a/nixos/flake.lock +++ b/nixos/flake.lock @@ -327,11 +327,11 @@ "locked": { "lastModified": 1, "narHash": "sha256-rADqSJu492bURPi5fmvPyeG1B5bV3k2hfGR+VfHn1Ig=", - "path": "/nix/store/yij96zw3v76xkxzaa1zrp6nw69ih0axh-source/nixos/programs/shadps4", + "path": "/nix/store/d3cg1qhfmhwqd8jyba3x1h2n8siw5gvr-source/nixos/programs/shadps4", "type": "path" }, "original": { - "path": "/nix/store/yij96zw3v76xkxzaa1zrp6nw69ih0axh-source/nixos/programs/shadps4", + "path": "/nix/store/d3cg1qhfmhwqd8jyba3x1h2n8siw5gvr-source/nixos/programs/shadps4", "type": "path" } }, diff --git a/nixos/hosts/nixos/configuration.nix b/nixos/hosts/nixos/configuration.nix index 3b7e3e1..e7280fa 100644 --- a/nixos/hosts/nixos/configuration.nix +++ b/nixos/hosts/nixos/configuration.nix @@ -33,7 +33,7 @@ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Enable networking - networking.networkmanager.enable = true; + # networking.networkmanager.enable = true; i18n = { diff --git a/nixos/hosts/nixos/hardware-configuration.nix b/nixos/hosts/nixos/hardware-configuration.nix index 7a05a03..1eb57b7 100644 --- a/nixos/hosts/nixos/hardware-configuration.nix +++ b/nixos/hosts/nixos/hardware-configuration.nix @@ -184,11 +184,43 @@ # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; + # networking.useDHCP = lib.mkDefault true; # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true; + systemd.network.enable = true; + + networking.nameservers = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + + systemd.network.networks."10-wan" = { + # match the interface by name + matchConfig.Name = "enp4s0"; + address = [ + # configure addresses including subnet mask + "192.168.20.2/24" + ]; + routes = [ + { Gateway = "192.168.20.1"; } + ]; + # make the routes on this interface a dependency for network-online.target + linkConfig.RequiredForOnline = "routable"; + }; + + systemd.network.networks."20-work-line" = { + # match the interface by name + matchConfig.Name = "enp6s0"; + networkConfig = { + # start a DHCP Client for IPv4 Addressing/Routing + DHCP = "ipv4"; + }; + # make routing on this interface a dependency for network-online.target + linkConfig.RequiredForOnline = "routable"; + }; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware = { diff --git a/nixos/hosts/nixos/services.nix b/nixos/hosts/nixos/services.nix index cae8f13..cd01a2f 100644 --- a/nixos/hosts/nixos/services.nix +++ b/nixos/hosts/nixos/services.nix @@ -56,10 +56,23 @@ tailscale.enable = true; - tailscale.extraSetFlags = [ - "--advertise-exit-node" - "--exit-node-allow-lan-access" - ]; + # tailscale.extraSetFlags = [ + # "--advertise-exit-node" + # "--exit-node-allow-lan-access" + # ]; + + resolved = { + enable = true; + dnssec = "true"; + domains = [ "~." ]; + fallbackDns = [ + "1.1.1.1#one.one.one.one" + "1.0.0.1#one.one.one.one" + ]; + dnsovertls = "true"; + }; + + # blocky = { # enable = true;