clan-core/nixosModules/clanCore/networking.nix

{ config, lib, ... }:
{
  options.clan.networking = {
    targetHost = lib.mkOption {
      description = ''
        The target SSH node for deployment.

        By default, the node's attribute name will be used.
        If set to null, only local deployment will be supported.

        format: user@host:port&SSH_OPTION=SSH_VALUE
        examples:
          - machine.example.com
          - user@machine2.example.com
          - root@example.com:2222&IdentityFile=/path/to/private/key
      '';
      default = null;
      type = lib.types.nullOr lib.types.str;
    };
    buildHost = lib.mkOption {
      description = ''
        The build SSH node where nixos-rebuild will be executed.

        If set to null, the targetHost will be used.

        format: user@host:port&SSH_OPTION=SSH_VALUE
        examples:
          - machine.example.com
          - user@machine2.example.com
          - root@example.com:2222&IdentityFile=/path/to/private/key
      '';
      type = lib.types.nullOr lib.types.str;
      default = null;
    };
  };
  imports = [
    (lib.mkRenamedOptionModule [ "clan" "networking" "deploymentAddress" ] [ "clan" "networking" "targetHost" ])
  ];
  config = {
    # conflicts with systemd-resolved
    networking.useHostResolvConf = false;

    # Allow PMTU / DHCP
    networking.firewall.allowPing = true;

    # The notion of "online" is a broken concept
    # https://github.com/systemd/systemd/blob/e1b45a756f71deac8c1aa9a008bd0dab47f64777/NEWS#L13
    systemd.services.NetworkManager-wait-online.enable = false;
    systemd.network.wait-online.enable = false;

    # Provide a default network configuration but don't compete with network-manager or dhcpcd
    systemd.network.networks."50-uplink" = lib.mkIf (!(config.networking.networkmanager.enable || config.networking.dhcpcd.enable)) {
      matchConfig.Type = "ether";
      networkConfig = {
        DHCP = "yes";
        LLDP = "yes";
        LLMNR = "yes";
        MulticastDNS = "yes";
        IPv6AcceptRA = "yes";
      };
    };

    # Use networkd instead of the pile of shell scripts
    networking.useNetworkd = lib.mkDefault true;
    networking.useDHCP = lib.mkDefault false;
  };
}
clan-cli: get deploymentAddress from clan.networking 2023-09-14 14:57:38 +00:00			`{ config, lib, ... }:`
			`{`
			`options.clan.networking = {`
rename deployment address to target address This is a prepares having a build server for deployment 2024-02-02 04:32:48 +00:00			`targetHost = lib.mkOption {`
clan-cli: get deploymentAddress from clan.networking 2023-09-14 14:57:38 +00:00			`description = ''`
			`The target SSH node for deployment.`

			`By default, the node's attribute name will be used.`
			`If set to null, only local deployment will be supported.`
document networking.deploymentAddress 2023-09-21 13:21:19 +00:00
			`format: user@host:port&SSH_OPTION=SSH_VALUE`
			`examples:`
			`- machine.example.com`
			`- user@machine2.example.com`
			`- root@example.com:2222&IdentityFile=/path/to/private/key`
clan-cli: get deploymentAddress from clan.networking 2023-09-14 14:57:38 +00:00			`'';`
move checks if targetHost/buildHost is set to cli 2024-02-06 13:45:21 +00:00			`default = null;`
			`type = lib.types.nullOr lib.types.str;`
rename deployment address to target address This is a prepares having a build server for deployment 2024-02-02 04:32:48 +00:00			`};`
			`buildHost = lib.mkOption {`
			`description = ''`
			`The build SSH node where nixos-rebuild will be executed.`

			`If set to null, the targetHost will be used.`

			`format: user@host:port&SSH_OPTION=SSH_VALUE`
			`examples:`
			`- machine.example.com`
			`- user@machine2.example.com`
			`- root@example.com:2222&IdentityFile=/path/to/private/key`
			`'';`
clan-cli: get deploymentAddress from clan.networking 2023-09-14 14:57:38 +00:00			`type = lib.types.nullOr lib.types.str;`
rename deployment address to target address This is a prepares having a build server for deployment 2024-02-02 04:32:48 +00:00			`default = null;`
clan-cli: get deploymentAddress from clan.networking 2023-09-14 14:57:38 +00:00			`};`
			`};`
rename deployment address to target address This is a prepares having a build server for deployment 2024-02-02 04:32:48 +00:00			`imports = [`
clanCore: fix deploymentAddress -> targetHost alias 2024-02-06 09:55:07 +00:00			`(lib.mkRenamedOptionModule [ "clan" "networking" "deploymentAddress" ] [ "clan" "networking" "targetHost" ])`
rename deployment address to target address This is a prepares having a build server for deployment 2024-02-02 04:32:48 +00:00			`];`
explicitly set networkd as the default 2023-11-15 05:54:29 +00:00			`config = {`
			`# conflicts with systemd-resolved`
			`networking.useHostResolvConf = false;`

clanCore/networking: allow ping unconditionally 2023-11-15 10:04:03 +00:00			`# Allow PMTU / DHCP`
			`networking.firewall.allowPing = true;`

explicitly set networkd as the default 2023-11-15 05:54:29 +00:00			`# The notion of "online" is a broken concept`
			`# https://github.com/systemd/systemd/blob/e1b45a756f71deac8c1aa9a008bd0dab47f64777/NEWS#L13`
			`systemd.services.NetworkManager-wait-online.enable = false;`
			`systemd.network.wait-online.enable = false;`

move resolved configuration to a dummy interface 2023-11-15 06:44:30 +00:00			`# Provide a default network configuration but don't compete with network-manager or dhcpcd`
			`systemd.network.networks."50-uplink" = lib.mkIf (!(config.networking.networkmanager.enable \|\| config.networking.dhcpcd.enable)) {`
			`matchConfig.Type = "ether";`
			`networkConfig = {`
			`DHCP = "yes";`
			`LLDP = "yes";`
			`LLMNR = "yes";`
			`MulticastDNS = "yes";`
			`IPv6AcceptRA = "yes";`
			`};`
			`};`

explicitly set networkd as the default 2023-11-15 05:54:29 +00:00			`# Use networkd instead of the pile of shell scripts`
			`networking.useNetworkd = lib.mkDefault true;`
			`networking.useDHCP = lib.mkDefault false;`
			`};`
clan-cli: get deploymentAddress from clan.networking 2023-09-14 14:57:38 +00:00			`}`