trustmeim.gay / nix
Personal Nix flake
nixos home-manager nix
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat: Networking module revamp

Add actual options, enable IPv6 networking by default

Add my.networking.trusted, have tailscale follow it by default

Move spotify ports to graphical profile

Luna Perroni 847f5014 faab682f

+52 -32
+1 -1
nix/nixos/configs/desktop/default.nix
··· 9 9 my = { 10 10 ci.build = true; 11 11 gaming.enable = true; 12 - networking.tailscale.trusted = true; 12 + networking.trusted = true; 13 13 users.emily.enable = true; 14 14 virtualization.oci.enable = true; 15 15 profiles = {
+1 -1
nix/nixos/configs/laptop/default.nix
··· 9 9 my = { 10 10 ci.build = true; 11 11 gaming.steam.enable = true; 12 - networking.tailscale.trusted = true; 12 + networking.trusted = true; 13 13 virtualization.oci.enable = true; 14 14 profiles = { 15 15 formfactor.laptop = true;
+1 -1
nix/nixos/configs/raspberrypi/default.nix
··· 12 12 13 13 my = { 14 14 ci.build = true; 15 - networking.tailscale.trusted = true; 15 + networking.trusted = true; 16 16 security.u2f.relaxed = true; 17 17 profiles = { 18 18 headless = true;
+2
nix/nixos/modules/default.nix
··· 51 51 52 52 my = { 53 53 kernel.enable = lib.mkDefault true; 54 + networking.enable = lib.mkDefault true; 55 + networking.ipv6.enable = lib.mkDefault true; 54 56 networking.tailscale.enable = lib.mkDefault true; 55 57 nix.enable = lib.mkDefault true; 56 58 pipewire.enable = lib.mkDefault true;
+40 -25
nix/nixos/modules/networking/default.nix
··· 1 1 { 2 - networking = { 3 - firewall = { 4 - enable = true; 5 - allowedTCPPorts = [ 6 - 57621 # spotify local discovery 7 - 5353 # spotify cast discovery 8 - ]; 2 + config, 3 + lib, 4 + self, 5 + ... 6 + }: let 7 + inherit (self.vars) networks; 8 + cfg = config.my.networking; 9 + in { 10 + options.my.networking = { 11 + enable = lib.mkEnableOption "networking tweaks"; 12 + ipv6.enable = lib.mkEnableOption "IPv6 networking"; 13 + trusted = lib.mkOption { 14 + description = "Whether this is a trusted device"; 15 + type = lib.types.bool; 16 + default = false; 9 17 }; 10 - dhcpcd.extraConfig = let 11 - wifiOffset = 2000; 12 - in '' 13 - ssid Lpchaim5G 14 - metric ${toString (wifiOffset - 20)} 18 + }; 15 19 16 - ssid Lpchaim 17 - metric ${toString (wifiOffset - 10)} 18 - ''; 19 - networkmanager = { 20 - enable = true; 21 - settings = { 22 - connection-ethernet = { 23 - "match-device" = "type:ethernet"; 24 - "connection.autoconnect-priority" = 150; 25 - }; 26 - connection-wifi = { 27 - "match-device" = "type:wifi"; 28 - "connection.autoconnect-priority" = 50; 20 + config = lib.mkIf cfg.enable { 21 + networking = { 22 + enableIPv6 = cfg.ipv6.enable; 23 + firewall.enable = true; 24 + networkmanager = { 25 + enable = true; 26 + settings = { 27 + connection-ethernet = { 28 + "match-device" = "type:ethernet"; 29 + "connection.autoconnect-priority" = 150; 30 + }; 31 + connection-wifi = { 32 + "match-device" = "type:wifi"; 33 + "connection.autoconnect-priority" = 50; 34 + }; 29 35 }; 30 36 }; 37 + }; 38 + 39 + services.avahi = { 40 + enable = cfg.trusted; 41 + nssmdns4 = true; 42 + domainName = networks.home.domain; 43 + publish.enable = true; 44 + publish.addresses = true; 45 + reflector = true; 31 46 }; 32 47 }; 33 48 }
+3 -3
nix/nixos/modules/tailscale/default.nix
··· 20 20 trusted = lib.mkOption { 21 21 description = "Whether to tag this device as trusted"; 22 22 type = lib.types.bool; 23 - default = false; 23 + default = config.my.networking.trusted; 24 24 }; 25 25 advertise.exitNode = lib.mkOption { 26 26 description = "Whether to advertise an exit node"; 27 - default = false; 28 27 type = lib.types.bool; 28 + default = false; 29 29 }; 30 30 advertise.routes = lib.mkOption { 31 - description = "routes to advertise"; 31 + description = "Routes to advertise"; 32 32 default = []; 33 33 type = with lib.types; listOf str; 34 34 };
+4
nix/nixos/profiles/graphical.nix
··· 17 17 graphics.enable = true; 18 18 graphics.enable32Bit = true; 19 19 }; 20 + networking.firewall.allowedTCPPorts = [ 21 + 57621 # spotify local discovery 22 + 5353 # spotify cast discovery 23 + ]; 20 24 services.xserver.enable = lib.mkDefault true; 21 25 xdg.portal = { 22 26 enable = true;
-1
nix/nixos/profiles/server.nix
··· 12 12 my = { 13 13 networking.tailscale = { 14 14 enable = true; 15 - trusted = true; 16 15 advertise.exitNode = true; 17 16 advertise.routes = [routingPrefix]; 18 17 };