
I would highly recommend using systemd-networkd based networking, which should be able to do almost everything if configured correctly.


Is there a nix config wrapper for systemd-networkd?

NixOS still does everything I need it to, but the parent comment sounded like they had a bit more complex of a setup.


Not sure what you mean by config wrapper, but yes, systemd-networkd is quite nice. Here's my home router setup with vlan1 for uplink to ISP, a bunch of other VLANs for internal networks, and IPv6 prefix delegation to internal networks, and of course WireGuard. All configured using systemd-networkd:

{ pkgs, lib, ... }:{

  networking = {
    useNetworkd = true;
    useDHCP = false;
    enableIPv6 = true;
  };

  networking.wireguard.interfaces = {
    wireguard = {
      ips = [ "172.20.60.1/24" ];
      listenPort = 61891;
      privateKeyFile = "/etc/nixos/secrets/wireguard-privateKey";
      peers = [
        {
          publicKey = "897mRPejuv9yVnmTvcUL7ckQkIiM0wnSgHmgR15Evyw=";
          allowedIPs = [ "172.20.60.10/32" ];
          presharedKeyFile = "/etc/nixos/secrets/wireguard-presharedkey";
        }
...

  systemd.network.networks = {
    "10-eno1" = {
      matchConfig.Name = "eno1";
      networkConfig.LinkLocalAddressing = "no";
      networkConfig.DHCP = "no";
      extraConfig = ''
        VLAN=wan
        VLAN=vlan99
        VLAN=vlan30
        VLAN=vlan20
        VLAN=vlan1
        VLAN=podnet
        LLDP=no
        EmitLLDP=no
        IPv6AcceptRA=no
        IPv6SendRA=no
      '';
    };
    "11-vlan1" = {
      matchConfig.Name = "vlan1";
      linkConfig.RequiredForOnline = false;
      networkConfig.DHCP = "no";
      networkConfig.Address = "192.168.1.1/24";
      networkConfig.Domains = "tanso.net";
      networkConfig.ConfigureWithoutCarrier = "yes";
    };
    "11-podnet" = {
      matchConfig.Name = "podnet";
      linkConfig.RequiredForOnline = false;
      networkConfig.DHCP = "no";
      networkConfig.Address = "172.20.2.1/24";
      networkConfig.Domains = "tanso.net";
      networkConfig.ConfigureWithoutCarrier = "yes";
    };
    "11-vlan20" = {
      matchConfig.Name = "vlan20";
      networkConfig.DHCP = "no";
      networkConfig.Address = "172.20.20.1/24";
      networkConfig.Domains = "tanso.net";
      networkConfig.ConfigureWithoutCarrier = "yes";
      extraConfig = ''
      IPv6SendRA=yes
      DHCPv6PrefixDelegation=yes
      '';
    };
....

  systemd.network.netdevs = {
    "11-vlan1" = {
      netdevConfig = { Name = "vlan1"; Kind = "vlan"; };
      vlanConfig.Id = 1;
    };
    "11-podnet" = {
      netdevConfig = { Name = "podnet"; Kind = "vlan"; };
      vlanConfig.Id = 2;
    };
    "11-vlan20" = {
      netdevConfig = { Name = "vlan20"; Kind = "vlan"; };
      vlanConfig.Id = 20;
    };
    "11-vlan30" = {
      netdevConfig = { Name = "vlan30"; Kind = "vlan"; };
      vlanConfig.Id = 30;
    };


> Is there a nix config wrapper for systemd-networkd?

The options under systemd.network almost map 1:1 to systemd-networkd ones.
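
An added example, not code from any commenter in this thread: because the options map almost 1:1, the rendered `.network` and `.netdev` units can be cross-checked so that every `VLAN=` reference on the router has a matching vlan netdev and no VLAN Id is reused. The unit file names and contents below are constructed and only modelled on the setup posted above.

```python
from collections import Counter

# Constructed sample: rendered unit files modelled on the thread's router setup,
# deliberately inconsistent (no netdev for "wan", vlan30 never attached).
UNITS = {
    "10-eno1.network": "[Match]\nName=eno1\n[Network]\nVLAN=wan\nVLAN=vlan20\nVLAN=vlan1\nVLAN=podnet\n",
    "11-vlan1.netdev": "[NetDev]\nName=vlan1\nKind=vlan\n[VLAN]\nId=1\n",
    "11-podnet.netdev": "[NetDev]\nName=podnet\nKind=vlan\n[VLAN]\nId=2\n",
    "11-vlan20.netdev": "[NetDev]\nName=vlan20\nKind=vlan\n[VLAN]\nId=20\n",
    "11-vlan30.netdev": "[NetDev]\nName=vlan30\nKind=vlan\n[VLAN]\nId=30\n",
}

def parse_unit(text):
    """Return (section, key, value) tuples, keeping repeated keys such as VLAN=."""
    section, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif "=" in line:
            key, value = line.split("=", 1)
            entries.append((section, key.strip(), value.strip()))
    return entries

def audit_vlans(units):
    """Cross-check VLAN= references in .network files against vlan .netdev files."""
    vlan_ids, attached = {}, {}
    for fname, text in units.items():
        entries = parse_unit(text)
        def get(section, key):
            return [v for s, k, v in entries if s == section and k == key]
        if fname.endswith(".netdev") and get("NetDev", "Kind") == ["vlan"]:
            vlan_ids[get("NetDev", "Name")[0]] = int(get("VLAN", "Id")[0])
        elif fname.endswith(".network"):
            for name in get("Network", "VLAN"):
                attached[name] = fname
    findings = [f"{attached[n]}: VLAN={n} has no vlan netdev"
                for n in sorted(attached) if n not in vlan_ids]
    findings += [f"netdev {n} (Id={vlan_ids[n]}) is not attached to any interface"
                 for n in sorted(vlan_ids) if n not in attached]
    # A reused Id is reported for review; it is only a problem on the same parent.
    for vid, count in sorted(Counter(vlan_ids.values()).items()):
        if count > 1:
            findings.append(f"VLAN Id={vid} is used by {count} netdevs")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_vlans(UNITS)) or "no findings")
```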



