system/modules/network.nix

{ pkgs, ... }:
{
  networking = {
    hostName = "launchpad";
    useDHCP = false;
    enableIPv6 = false;
    extraHosts = ''
    192.168.76.20   router.local

    192.168.1.1     gw.local
    192.168.1.25    dns1.local

    192.168.1.30    canon.local

    192.168.1.40    launchpad.local
    192.168.1.41    xeon.local
    192.168.1.41    legacy-node.local
    192.168.1.42    rover.local

    192.168.76.50   wayne-s-pixel-5
    192.168.76.55   fire-tablet

    192.168.1.60    toons.local
    192.168.1.61    tv.local

    192.168.76.80   robo.local
    192.168.1.81    nas.local
    192.168.1.83    homeassistant.local
    192.168.12.84   tests.local

    # containers .01 - .99 /27 255.255.255.128
    192.168.1.71   nextcloud.local
    192.168.1.72   livebook.local
    192.168.1.73   grocy.local
    192.168.1.74   openoffice.local
    192.168.1.75   laravel.local
    192.168.1.76   nginx.local
    192.168.1.77   glance.local
    192.168.1.78   vite.local
    192.168.1.79   node.local
    192.168.1.90   dmp.local
    192.168.1.91   docs.local

    # Networking .200 - .254 /27 255.255.255.192
    10.0.0.201      switch.local

    # WAN
    45.58.52.52     www
    172.245.111.249 est
    216.189.156.74  mail
    '';
    interfaces = {
      # enp4s0.ipv4.addresses = [ {
      #   address = "192.168.12.40";
      #   prefixLength = 24;
      # } ];
      br0 = {
        useDHCP = false;
        ipv4 = {
          addresses = [
            {
              address = "192.168.1.40";
              prefixLength = 24;
            }
          ];
        };
      };
    };
    defaultGateway = "192.168.1.1";
    nameservers = [ "10.0.0.25" ];
    firewall = {
      enable = true;
      # { from = 5000; to = 6000; }
      allowedTCPPorts = [ 80 443 11434 27017 ];
      allowedUDPPorts = [ 137 138 ]; # Samba
      allowedTCPPortRanges = [ { from = 137; to = 139; } { from = 35000; to = 36000; }  { from = 8000; to = 9000; } ];
      extraCommands = ''
        iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns
      '';
      trustedInterfaces = [ "br0" "tailscale0" "docker0" ];
      checkReversePath = "loose"; # Added for Tailscale
    };
    bridges = {
      br0 = {
        interfaces = [ "enp4s0" ];
      };
    };
    # Required to access containers
    nat = {
      enable = true;
      internalInterfaces = [ "enp4s0" "ve-+" "vb-+" "veth+" ];
      externalInterface = "br0";
      enableIPv6 = false;
    };
    # Dissable to prevent from managing containers
    networkmanager = {
      enable = true;
      unmanaged = [ "enp4s0" "interface-name:ve-*" "interface-name:vb-*" ];
    };

    # wireless.enable = true;  # Enables wireless support via wpa_supplicant.

    # Configure network proxy if necessary
    # proxy.default = "http://user:password@proxy:port/";
    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
  };
}
First build 2024-10-14 18:35:04 -04:00			`{ pkgs, ... }:`
Initial Commit 2024-10-14 17:28:31 -04:00			`{`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`networking = {`
			`hostName = "launchpad";`
			`useDHCP = false;`
			`enableIPv6 = false;`
			`extraHosts = ''`
25.05 2025-06-16 14:00:25 -04:00			`192.168.76.20 router.local`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00
25.05 2025-06-16 14:00:25 -04:00			`192.168.1.1 gw.local`
			`192.168.1.25 dns1.local`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00
25.05 2025-06-16 14:00:25 -04:00			`192.168.1.30 canon.local`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00
25.05 2025-06-16 14:00:25 -04:00			`192.168.1.40 launchpad.local`
			`192.168.1.41 xeon.local`
			`192.168.1.41 legacy-node.local`
			`192.168.1.42 rover.local`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00
25.05 2025-06-16 14:00:25 -04:00			`192.168.76.50 wayne-s-pixel-5`
			`192.168.76.55 fire-tablet`
First build 2024-10-14 18:35:04 -04:00
25.05 2025-06-16 14:00:25 -04:00			`192.168.1.60 toons.local`
			`192.168.1.61 tv.local`

			`192.168.76.80 robo.local`
			`192.168.1.81 nas.local`
			`192.168.1.83 homeassistant.local`
Resolved kwallet and dolphin SMB issues 2025-03-13 17:41:05 -04:00			`192.168.12.84 tests.local`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00
25.05 2025-06-16 14:00:25 -04:00			`# containers .01 - .99 /27 255.255.255.128`
			`192.168.1.71 nextcloud.local`
			`192.168.1.72 livebook.local`
			`192.168.1.73 grocy.local`
			`192.168.1.74 openoffice.local`
			`192.168.1.75 laravel.local`
			`192.168.1.76 nginx.local`
			`192.168.1.77 glance.local`
			`192.168.1.78 vite.local`
			`192.168.1.79 node.local`
			`192.168.1.90 dmp.local`
			`192.168.1.91 docs.local`

			`# Networking .200 - .254 /27 255.255.255.192`
			`10.0.0.201 switch.local`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00
25.05 2025-06-16 14:00:25 -04:00			`# WAN`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`45.58.52.52 www`
			`172.245.111.249 est`
			`216.189.156.74 mail`
			`'';`
			`interfaces = {`
			`# enp4s0.ipv4.addresses = [ {`
			`# address = "192.168.12.40";`
			`# prefixLength = 24;`
			`# } ];`
			`br0 = {`
			`useDHCP = false;`
			`ipv4 = {`
			`addresses = [`
			`{`
25.05 2025-06-16 14:00:25 -04:00			`address = "192.168.1.40";`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`prefixLength = 24;`
			`}`
			`];`
			`};`
			`};`
			`};`
25.05 2025-06-16 14:00:25 -04:00			`defaultGateway = "192.168.1.1";`
			`nameservers = [ "10.0.0.25" ];`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`firewall = {`
			`enable = true;`
			`# { from = 5000; to = 6000; }`
Resolved kwallet and dolphin SMB issues 2025-03-13 17:41:05 -04:00			`allowedTCPPorts = [ 80 443 11434 27017 ];`
			`allowedUDPPorts = [ 137 138 ]; # Samba`
			`allowedTCPPortRanges = [ { from = 137; to = 139; } { from = 35000; to = 36000; } { from = 8000; to = 9000; } ];`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`extraCommands = ''`
Resolved kwallet and dolphin SMB issues 2025-03-13 17:41:05 -04:00			`iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`'';`
Resolved kwallet and dolphin SMB issues 2025-03-13 17:41:05 -04:00			`trustedInterfaces = [ "br0" "tailscale0" "docker0" ];`
Tailscale added. 2024-12-01 14:11:41 -05:00			`checkReversePath = "loose"; # Added for Tailscale`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`};`
			`bridges = {`
			`br0 = {`
			`interfaces = [ "enp4s0" ];`
			`};`
			`};`
			`# Required to access containers`
			`nat = {`
			`enable = true;`
Resolved kwallet and dolphin SMB issues 2025-03-13 17:41:05 -04:00			`internalInterfaces = [ "enp4s0" "ve-+" "vb-+" "veth+" ];`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`externalInterface = "br0";`
			`enableIPv6 = false;`
			`};`
			`# Dissable to prevent from managing containers`
			`networkmanager = {`
			`enable = true;`
Misnux added. 2024-11-29 18:31:17 -05:00			`unmanaged = [ "enp4s0" "interface-name:ve-" "interface-name:vb-" ];`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`};`

			`# wireless.enable = true; # Enables wireless support via wpa_supplicant.`

			`# Configure network proxy if necessary`
			`# proxy.default = "http://user:password@proxy:port/";`
			`# proxy.noProxy = "127.0.0.1,localhost,internal.domain";`
			`};`
Initial Commit 2024-10-14 17:28:31 -04:00			`}`