{ pkgs, ... }: { networking = { hostName = "launchpad"; useDHCP = false; enableIPv6 = false; extraHosts = '' 192.168.12.20 router.local 192.168.12.21 switch.local 192.168.12.25 dhcpd.local 192.168.12.30 canon.local 192.168.12.40 launchpad.local 192.168.12.41 xeon.local 192.168.12.50 wayne-s-pixel-5 192.168.12.60 toons.local 192.168.12.61 tv.local 192.168.12.80 robo.local 192.168.12.81 nas.local 192.168.12.83 homeassistant.local # containers 192.168.12.71 nextcloud 192.168.12.72 livebook 192.168.12.73 grocy 192.168.12.74 openoffice 45.58.52.52 www 172.245.111.249 est 216.189.156.74 mail ''; interfaces = { # enp4s0.ipv4.addresses = [ { # address = "192.168.12.40"; # prefixLength = 24; # } ]; br0 = { useDHCP = false; ipv4 = { addresses = [ { address = "192.168.12.40"; prefixLength = 24; } ]; }; }; }; defaultGateway = "192.168.12.20"; nameservers = [ "192.168.12.25" ]; firewall = { enable = true; # { from = 5000; to = 6000; } allowedTCPPorts = [ 80 443 ]; allowedTCPPortRanges = [ { from = 35000; to = 36000; } { from = 8000; to = 9000; } ]; extraCommands = '' iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns ''; }; bridges = { br0 = { interfaces = [ "enp4s0" ]; }; }; # Required to access containers nat = { enable = true; internalInterfaces = [ "eth0" "enp4s0" "ve-+" "vb-+" ]; externalInterface = "br0"; enableIPv6 = false; }; # Dissable to prevent from managing containers networkmanager = { enable = true; unmanaged = [ "eth0" "interface-name:ve-*" "interface-name:vb-*" ]; }; # wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary # proxy.default = "http://user:password@proxy:port/"; # proxy.noProxy = "127.0.0.1,localhost,internal.domain"; }; }