infrastructure/hosts/phoenix.lewd.wtf/networking.nix

{ config, ... }:
{
  networking.useDHCP = false;
  networking.bridges = {
    "br0" = {
      interfaces = [
        "eno2"
        "enp23s0"
      ];
    };
  };

  networking.interfaces.br0.ipv4.addresses = [
    {
      address = "192.168.0.42";
      prefixLength = 22;
    }
  ];

  networking.defaultGateway = "192.168.0.1";
  networking.nameservers =  [ "192.168.0.1" ];

  networking.nat = {
    enable = true;
    internalInterfaces = ["ve-+"];
    externalInterface = "wg0";
    enableIPv6 = true;
  };

  boot.extraModulePackages = [config.boot.kernelPackages.wireguard];
  systemd.network = {
    enable = true;
    netdevs = {
      "10-wg0" = {
        netdevConfig = {
          Kind = "wireguard";
          Name = "wg0";
          MTUBytes = "1300";
        };
        wireguardConfig = {
          PrivateKeyFile = "/run/secrets/services/wireguard/airvpn.private";
          ListenPort = 9918;
        };
        wireguardPeers = [
          {
            wireguardPeerConfig = {
              PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";
              PresharedKeyFile = "/run/secrets/services/wireguard/airvpn.psk";
              AllowedIPs = ["10.128.0.1/32"];
              Endpoint = "134.19.179.213:1637";
            };
          }
        ];
      };
    };
    networks.wg0 = {
      matchConfig.Name = "wg0";
      address = [ "10.175.197.82/32" ];
      DHCP = "no";
      dns = [ "10.128.0.1" ];
      gateway = [ "10.128.0.1" ];
      networkConfig = {
        IPv6AcceptRA = false;
      };
    };
  };
}
Allow all IPs for wireguard interface without routing them 2024-02-04 19:12:00 +00:00			`{ config, ... }:`
Add basic config for Phoenix 2024-02-04 00:11:26 +00:00			`{`
			`networking.useDHCP = false;`
			`networking.bridges = {`
			`"br0" = {`
			`interfaces = [`
			`"eno2"`
			`"enp23s0"`
			`];`
			`};`
			`};`

			`networking.interfaces.br0.ipv4.addresses = [`
			`{`
			`address = "192.168.0.42";`
			`prefixLength = 22;`
			`}`
			`];`

			`networking.defaultGateway = "192.168.0.1";`
			`networking.nameservers = [ "192.168.0.1" ];`
Configure Wireguard for Phoenix 2024-02-04 18:34:52 +00:00
			`networking.nat = {`
			`enable = true;`
			`internalInterfaces = ["ve-+"];`
			`externalInterface = "wg0";`
			`enableIPv6 = true;`
			`};`

Allow all IPs for wireguard interface without routing them 2024-02-04 19:12:00 +00:00			`boot.extraModulePackages = [config.boot.kernelPackages.wireguard];`
			`systemd.network = {`
			`enable = true;`
			`netdevs = {`
			`"10-wg0" = {`
			`netdevConfig = {`
			`Kind = "wireguard";`
			`Name = "wg0";`
			`MTUBytes = "1300";`
			`};`
			`wireguardConfig = {`
			`PrivateKeyFile = "/run/secrets/services/wireguard/airvpn.private";`
			`ListenPort = 9918;`
			`};`
			`wireguardPeers = [`
			`{`
			`wireguardPeerConfig = {`
			`PublicKey = "PyLCXAQT8KkM4T+dUsOQfn+Ub3pGxfGlxkIApuig+hk=";`
			`PresharedKeyFile = "/run/secrets/services/wireguard/airvpn.psk";`
			`AllowedIPs = ["10.128.0.1/32"];`
			`Endpoint = "134.19.179.213:1637";`
			`};`
			`}`
			`];`
			`};`
			`};`
			`networks.wg0 = {`
			`matchConfig.Name = "wg0";`
			`address = [ "10.175.197.82/32" ];`
			`DHCP = "no";`
			`dns = [ "10.128.0.1" ];`
			`gateway = [ "10.128.0.1" ];`
			`networkConfig = {`
			`IPv6AcceptRA = false;`
			`};`
Configure Wireguard for Phoenix 2024-02-04 18:34:52 +00:00			`};`
			`};`
Add basic config for Phoenix 2024-02-04 00:11:26 +00:00			`}`