Personal Nix setup
Add static IPv6 setup
+45
-21
+2
machines/ramune/configuration.nix
+2
machines/ramune/configuration.nix
···
25
25
name = "extern0";
26
26
macAddress = "ec:75:0c:2e:93:b0";
27
27
adoptMacAddress = "64:20:9f:16:70:a6";
28
+
address = "2a11:2646:11e9::1/48";
28
29
};
29
30
internal = {
30
31
name = "intern0";
31
32
macAddress = "ec:75:0c:2e:92:1c";
32
33
cidr = "10.0.0.1/24";
34
+
cidrV6 = "2a11:2646:11e9:1::1/64";
33
35
};
34
36
};
35
37
leases = [
+41
-14
modules/router/network.nix
+41
-14
modules/router/network.nix
···
33
33
type = types.nullOr types.str;
34
34
example = "00:00:00:00:00:00";
35
35
};
36
+
address = mkOption {
37
+
type = types.nullOr types.str;
38
+
default = null;
39
+
example = "1.2.3.4";
40
+
};
41
+
addressV6 = mkOption {
42
+
type = types.nullOr types.str;
43
+
default = null;
44
+
example = "fe80::1/48";
45
+
};
36
46
cidr = mkOption {
37
47
type = types.str;
38
48
default = "0.0.0.0/0";
39
49
example = "10.0.0.1/24";
50
+
};
51
+
cidrV6 = mkOption {
52
+
type = types.nullOr types.str;
53
+
default = null;
54
+
example = "fe80::1/48";
40
55
};
41
56
};
42
57
};
···
67
82
in {
68
83
address = mkOption {
69
84
type = types.str;
70
-
default = defaultAddress;
85
+
default = if intern != null
86
+
then ipv4.prettyIp (ipv4.cidrToIpAddress intern.cidr)
87
+
else "127.0.0.1";
71
88
example = "127.0.0.1";
72
89
};
73
90
mdns = mkOption {
···
159
176
systemd.network = {
160
177
enable = true;
161
178
inherit links;
162
-
networks = let
163
-
gatewayAddress = ipv4.prettyIp (ipv4.cidrToIpAddress intern.cidr);
164
-
in {
179
+
networks = {
165
180
"10-${extern.name}" = {
166
181
name = extern.name;
167
182
networkConfig = {
···
170
185
else if cfg.ipv6 then "yes" else "ipv4";
171
186
IPv4Forwarding = true;
172
187
IPv6Forwarding = true;
173
-
IPv6AcceptRA = mkIf cfg.ipv6 true;
174
-
LinkLocalAddressing = mkIf cfg.ipv6 "ipv6";
188
+
IPv6AcceptRA = mkIf (cfg.ipv6 && extern.addressV6 == null) true;
189
+
LinkLocalAddressing = mkIf (cfg.ipv6 && extern.addressV6 != null) "ipv6";
175
190
KeepConfiguration = mkIf ppp.enable "static";
176
191
DefaultRouteOnDevice = mkIf ppp.enable true;
192
+
Address = let
193
+
addresses = filter (x: x != null) [ extern.address extern.addressV6 ];
194
+
in mkIf (addresses != []) addresses;
177
195
};
178
196
cakeConfig = {
179
197
Parent = "root";
···
183
201
UseDomains = false;
184
202
UseNTP = !cfg.timeserver.enable;
185
203
};
186
-
dhcpV6Config = mkIf cfg.ipv6 {
204
+
dhcpV6Config = mkIf (cfg.ipv6 && extern.addressV6 == null) {
187
205
WithoutRA = "solicit";
188
206
UseNTP = true;
189
207
UseDNS = false;
···
192
210
DUIDType = "link-layer";
193
211
DUIDRawData = mkIf (extern.adoptMacAddress != null) "00:01:${extern.adoptMacAddress}";
194
212
};
195
-
dhcpPrefixDelegationConfig = mkIf cfg.ipv6 {
213
+
dhcpPrefixDelegationConfig = mkIf (cfg.ipv6 && extern.addressV6 == null) {
196
214
UplinkInterface = ":self";
197
215
SubnetId = 0;
198
216
Announce = false;
199
217
};
200
-
ipv6AcceptRAConfig = mkIf cfg.ipv6 {
218
+
ipv6AcceptRAConfig = mkIf (cfg.ipv6 && extern.addressV6 == null) {
201
219
UseDNS = false;
202
220
UseDomains = false;
203
221
UseMTU = false;
···
213
231
"11-${intern.name}" = {
214
232
name = intern.name;
215
233
networkConfig = {
216
-
Address = intern.cidr;
234
+
Address = filter (x: x != null) [ intern.cidr intern.cidrV6 ];
217
235
DHCPServer = true;
218
236
IPv4Forwarding = true;
219
237
IPv6Forwarding = cfg.ipv6;
220
238
IPMasquerade = "ipv4";
221
239
ConfigureWithoutCarrier = true;
222
240
MulticastDNS = cfg.mdns;
223
-
DHCPPrefixDelegation = cfg.ipv6;
241
+
DHCPPrefixDelegation = cfg.ipv6 && intern.cidrV6 == null;
224
242
IPv6SendRA = cfg.ipv6;
225
243
IPv6AcceptRA = mkIf cfg.ipv6 false;
226
244
};
···
234
252
dhcpServerConfig = {
235
253
EmitDNS = true;
236
254
EmitNTP = true;
237
-
DNS = gatewayAddress;
238
-
NTP = gatewayAddress;
255
+
DNS = cfg.address;
256
+
NTP = cfg.address;
239
257
DefaultLeaseTimeSec = 43200;
240
258
MaxLeaseTimeSec = 86400;
241
259
};
242
-
dhcpPrefixDelegationConfig = mkIf cfg.ipv6 {
260
+
dhcpPrefixDelegationConfig = mkIf (cfg.ipv6 && intern.cidrV6 == null) {
243
261
UplinkInterface = extern.name;
244
262
Token = "static:::1";
245
263
Announce = true;
246
264
};
265
+
ipv6Prefixes = mkIf (cfg.ipv6 && intern.cidrV6 != null) [
266
+
{
267
+
Prefix = intern.cidrV6;
268
+
PreferredLifetimeSec = 3600;
269
+
ValidLifetimeSec = 7200;
270
+
OnLink = "yes";
271
+
AddressAutoconfiguration = "yes";
272
+
}
273
+
];
247
274
};
248
275
}) // (optionalAttrs ppp.enable {
249
276
"10-ppp" = {
+2
-7
modules/server/caddy.nix
+2
-7
modules/server/caddy.nix
···
2
2
3
3
with lib;
4
4
let
5
-
inherit (import ../../lib/ipv4.nix inputs) ipv4;
6
-
7
5
cfg = config.modules.server;
6
+
cfgRouter = config.modules.router;
8
7
9
8
domain = config.networking.domain;
10
9
knotEnabled = cfg.tangled.enable;
···
102
101
enable = true;
103
102
email = "phil@kitten.sh";
104
103
extraConfig = let
105
-
intern = config.modules.router.interfaces.internal;
106
-
gateway = if config.modules.router.enable && intern != null
107
-
then ipv4.prettyIp (ipv4.cidrToIpAddress intern.cidr)
108
-
else null;
109
-
addresses = filter (x: x != null) [ gateway "127.0.0.1" "[::1]" ];
104
+
addresses = filter (x: x != null) [ cfgRouter.address "127.0.0.1" "[::1]" ];
110
105
in ''
111
106
(network_paths) {
112
107
${vaultwardenHandlerConfig}