add fw-new

2024-09-27 23:10:58 +02:00
parent 92099bd1e9
commit b7bfb0f62a
99 changed files with 14973 additions and 319 deletions
--- a/hosts/fw-new.cloonar.com/modules/networking.nix
+++ b/hosts/fw-new.cloonar.com/modules/networking.nix
@@ -0,0 +1,120 @@
+{ ... }: {
+  boot.kernel.sysctl = {
+    # if you use ipv4, this is all you need
+    "net.ipv4.conf.all.forwarding" = true;
+    # If you want to use it for ipv6
+    "net.ipv6.conf.all.forwarding" = false;
+  };
+
+  systemd.network = {
+    enable = true;
+    wait-online.anyInterface = true;
+    links = {
+      "10-wan" = {
+        matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c1";
+        linkConfig.Name = "wan";
+      };
+      "20-lan" = {
+        matchConfig.PermanentMACAddress = "a8:b8:e0:00:43:c2";
+        linkConfig.Name = "lan";
+      };
+    };
+    netdevs = {
+      "30-server".netdevConfig = {
+        Kind = "bridge";
+        Name = "server";
+      };
+    };
+    networks = {
+      "31-server" = {
+        matchConfig.Name = [ "vserver" ];
+        # Attach to the bridge that was configured above
+        networkConfig.Bridge = "server";
+      };
+    };
+  };
+
+  networking = {
+    useDHCP = false;
+    # Define VLANS
+    nameservers = [ "10.42.97.1" ];
+    # resolvconf.enable = false;
+    vlans = {
+      infrastructure = {
+         id = 101;
+         interface = "enp5s0";
+      };
+      vserver = {
+         id = 97;
+         interface = "enp5s0";
+      };
+      multimedia = {
+         id = 99;
+         interface = "enp5s0";
+      };
+      smart = {
+        id = 100;
+        interface = "enp5s0";
+      };
+      guest = {
+        id = 254;
+        interface = "enp5s0";
+      };
+    };
+    # macvlans.server = {
+    #   interface = "vserver";
+    #   mode = "bridge";
+    # };
+    # bridges = {
+    #   server = {
+    #     interfaces = [ "vserver" ];
+    #   };
+    # };
+
+    interfaces = {
+      # Don't request DHCP on the physical interfaces
+      lan.useDHCP = false;
+      enp4s0.useDHCP = false;
+      enp5s0.useDHCP = false;
+      
+      # Handle the VLANs
+      wan.useDHCP = true;
+      lan = {
+        ipv4.addresses = [{
+          address = "10.42.96.1";
+          prefixLength = 24;
+        }];
+      };
+      server = {
+        ipv4.addresses = [{
+          address = "10.42.97.1";
+          prefixLength = 24;
+        }];
+      };
+      infrastructure = {
+        ipv4.addresses = [{
+          address = "10.42.101.1";
+          prefixLength = 24;
+        }];
+      };
+      multimedia = {
+        ipv4.addresses = [{
+          address = "10.42.99.1";
+          prefixLength = 24;
+        }];
+      };
+      smart = {
+        ipv4.addresses = [{
+          address = "10.42.100.1";
+          prefixLength = 24;
+        }];
+      };
+      guest = {
+        ipv4.addresses = [{
+          address = "10.42.254.1";
+          prefixLength = 24;
+        }];
+      };
+    };
+  };
+}