system/modules/network.nix

{ pkgs, ... }:
{
  networking = {
    hostName = "launchpad";
    useDHCP = false;
    enableIPv6 = false;
    extraHosts = ''
    192.168.12.20   router.local
    192.168.12.21   switch.local
    192.168.12.25   dhcpd.local

    192.168.12.30   canon.local

    192.168.12.40   launchpad.local
    192.168.12.41   xeon.local

    192.168.12.50   wayne-s-pixel-5

    192.168.12.60   toons.local
    192.168.12.61   tv.local

    192.168.12.80   robo.local
    192.168.12.81   nas.local
    192.168.12.83   homeassistant.local

    # containers
    192.168.12.71   nextcloud
    192.168.12.72   livebook
    192.168.12.73   grocy
    192.168.12.74   openoffice

    45.58.52.52     www
    172.245.111.249 est
    216.189.156.74  mail
    '';
    interfaces = {
      # enp4s0.ipv4.addresses = [ {
      #   address = "192.168.12.40";
      #   prefixLength = 24;
      # } ];
      br0 = {
        useDHCP = false;
        ipv4 = {
          addresses = [
            {
              address = "192.168.12.40";
              prefixLength = 24;
            }
          ];
        };
      };
    };
    defaultGateway = "192.168.12.20";
    nameservers = [ "192.168.12.25" ];
    firewall = {
      enable = true;
      # { from = 5000; to = 6000; }
      allowedTCPPorts = [ 80 443 ];
      allowedTCPPortRanges = [ { from = 35000; to = 36000; }  { from = 8000; to = 9000; } ];
      extraCommands = ''
      iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns
      '';
    };
    bridges = {
      br0 = {
        interfaces = [ "enp4s0" ];
      };
    };
    # Required to access containers
    nat = {
      enable = true;
      internalInterfaces = [ "eth0" "enp4s0" "ve-+" "vb-+" ];
      externalInterface = "br0";
      enableIPv6 = false;
    };
    # Dissable to prevent from managing containers
    networkmanager = {
      enable = true;
      unmanaged = [ "eth0" "interface-name:ve-*" "interface-name:vb-*" ];
    };

    # wireless.enable = true;  # Enables wireless support via wpa_supplicant.

    # Configure network proxy if necessary
    # proxy.default = "http://user:password@proxy:port/";
    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";
  };
}
First build 2024-10-14 18:35:04 -04:00			`{ pkgs, ... }:`
Initial Commit 2024-10-14 17:28:31 -04:00			`{`
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`networking = {`
			`hostName = "launchpad";`
			`useDHCP = false;`
			`enableIPv6 = false;`
			`extraHosts = ''`
			`192.168.12.20 router.local`
			`192.168.12.21 switch.local`
			`192.168.12.25 dhcpd.local`

			`192.168.12.30 canon.local`

			`192.168.12.40 launchpad.local`
			`192.168.12.41 xeon.local`

			`192.168.12.50 wayne-s-pixel-5`

			`192.168.12.60 toons.local`
			`192.168.12.61 tv.local`
First build 2024-10-14 18:35:04 -04:00
Containers and Refinements Oh my 2024-11-01 12:04:24 -04:00			`192.168.12.80 robo.local`
			`192.168.12.81 nas.local`
			`192.168.12.83 homeassistant.local`

			`# containers`
			`192.168.12.71 nextcloud`
			`192.168.12.72 livebook`
			`192.168.12.73 grocy`
			`192.168.12.74 openoffice`

			`45.58.52.52 www`
			`172.245.111.249 est`
			`216.189.156.74 mail`
			`'';`
			`interfaces = {`
			`# enp4s0.ipv4.addresses = [ {`
			`# address = "192.168.12.40";`
			`# prefixLength = 24;`
			`# } ];`
			`br0 = {`
			`useDHCP = false;`
			`ipv4 = {`
			`addresses = [`
			`{`
			`address = "192.168.12.40";`
			`prefixLength = 24;`
			`}`
			`];`
			`};`
			`};`
			`};`
			`defaultGateway = "192.168.12.20";`
			`nameservers = [ "192.168.12.25" ];`
			`firewall = {`
			`enable = true;`
			`# { from = 5000; to = 6000; }`
			`allowedTCPPorts = [ 80 443 ];`
			`allowedTCPPortRanges = [ { from = 35000; to = 36000; } { from = 8000; to = 9000; } ];`
			`extraCommands = ''`
			`iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns`
			`'';`
			`};`
			`bridges = {`
			`br0 = {`
			`interfaces = [ "enp4s0" ];`
			`};`
			`};`
			`# Required to access containers`
			`nat = {`
			`enable = true;`
			`internalInterfaces = [ "eth0" "enp4s0" "ve-+" "vb-+" ];`
			`externalInterface = "br0";`
			`enableIPv6 = false;`
			`};`
			`# Dissable to prevent from managing containers`
			`networkmanager = {`
			`enable = true;`
			`unmanaged = [ "eth0" "interface-name:ve-" "interface-name:vb-" ];`
			`};`

			`# wireless.enable = true; # Enables wireless support via wpa_supplicant.`

			`# Configure network proxy if necessary`
			`# proxy.default = "http://user:password@proxy:port/";`
			`# proxy.noProxy = "127.0.0.1,localhost,internal.domain";`
			`};`
Initial Commit 2024-10-14 17:28:31 -04:00			`}`