nixos: networking: simplify

2023-12-28 01:28:28 +08:00 · 2023-12-28 01:28:28 +08:00 · 88e6cea3f3
commit 88e6cea3f3
parent 429d9c9fa7
7 changed files with 39 additions and 121 deletions
--- a/nixos/modules/myFlake/default.nix
+++ b/nixos/modules/myFlake/default.nix
@ -2,6 +2,5 @@
  imports = [
    ./boot
    ./hardware
    ./networking
  ];
 }
--- a/nixos/modules/myFlake/networking/default.nix
+++ b/nixos/modules/myFlake/networking/default.nix
@ -1,6 +0,0 @@
 {...}: {
  imports = [
    ./dns.nix
    ./network-configuration-daemon.nix
  ];
 }
--- a/nixos/modules/myFlake/networking/dns.nix
+++ b/nixos/modules/myFlake/networking/dns.nix
@ -1,45 +0,0 @@
 {
  lib,
  config,
  ...
 }: let
  cfg = config.myFlake.networking.dns;
 in {
  options = {
    myFlake.networking.dns = {
      provider = lib.mkOption {
        type = lib.types.enum ["dhcp" "google" "alidns"];
        default =
          {
            "Asia/Shanghai" = "alidns";
          }
          .${config.time.timeZone}
          or "google";
        example = "alidns";
        description = "Select desired DNS provider.";
      };
    };
  };
  config = {
    networking.nameservers =
      {
        dhcp = [];
        google = [
          ### Google DNS
          "8.8.8.8"
          "8.8.4.4"
          "2001:4860:4860::8888"
          "2001:4860:4860::8844"
        ];
        alidns = [
          ### AliDNS
          "223.5.5.5"
          "223.6.6.6"
          "2400:3200::1"
          "2400:3200:baba::1"
        ];
      }
      .${cfg.provider};
  };
 }
--- a/nixos/modules/myFlake/networking/network-configuration-daemon.nix
+++ b/nixos/modules/myFlake/networking/network-configuration-daemon.nix
@ -1,37 +0,0 @@
 {
  lib,
  config,
  ...
 }: let
  cfg = config.myFlake.networking;
 in {
  options = {
    myFlake = {
      networking = {
        network-configuration-daemon = lib.mkOption {
          type = lib.types.enum ["iwd" "networkmanager" "networkmanager-iwd"];
          default = "iwd";
          example = "networkmanager";
          description = "Select desired network configuration daemon.";
        };
      };
    };
  };
  config = lib.mkMerge [
    (lib.mkIf (cfg.network-configuration-daemon == "iwd") {
      networking.wireless.iwd.enable = true;
    })
    (lib.mkIf (cfg.network-configuration-daemon == "networkmanager" || cfg.network-configuration-daemon == "networkmanager-iwd") {
      networking.networkmanager = {
        enable = true;
        ethernet.macAddress = "random";
        wifi.macAddress = "random";
      };
    })
    (lib.mkIf (cfg.network-configuration-daemon == "networkmanager-iwd") {
      networking.wireless.iwd.enable = true;
      networking.networkmanager.wifi.backend = "iwd";
    })
  ];
 }
--- a/nixos/profiles/core/default.nix
+++ b/nixos/profiles/core/default.nix
@ -7,6 +7,7 @@
 }: {
  imports = [
    ./hardening
    ./networking
    ./nix
    ./packages
@ -82,18 +83,4 @@
  #               this shouldn't affect non-nvidia machines.
  nixpkgs.config.nvidia.acceptLicense = true;
  hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.legacy_470;
  ### https://wiki.archlinux.org/title/Sysctl#Improving_performance
  boot.kernelModules = ["tcp_bbr"];
  boot.kernel.sysctl = {
    "net.ipv4.tcp_fastopen" = "3";
    "net.ipv4.tcp_keepalive_time" = "80";
    "net.ipv4.tcp_keepalive_intvl" = "10";
    "net.ipv4.tcp_keepalive_probes" = "6";
    "net.ipv4.tcp_mtu_probing" = "1";
    "net.core.default_qdisc" = "cake";
    "net.ipv4.tcp_congestion_control" = "bbr";
  };
 }
--- a/nixos/profiles/core/networking/default.nix
+++ b/nixos/profiles/core/networking/default.nix
@ -0,0 +1,38 @@
 _: {
  networking.wireless.iwd.enable = true;
  networking.nameservers = [
    ### Google DNS
    "8.8.8.8#dns.google"
    "8.8.4.4#dns.google"
    "2001:4860:4860::8888#dns.google"
    "2001:4860:4860::8844#dns.google"
  ];
  ### systemd-resolved
  services.resolved = {
    enable = true;
    domains = ["~."];
    dnssec = "true";
    extraConfig = "DNSOverTLS=yes";
    fallbackDns = [
      #"8.8.8.8#dns.google"
      #"8.8.4.4#dns.google"
      #"2001:4860:4860::8888#dns.google"
      #"2001:4860:4860::8844#dns.google"
    ];
  };
  ### https://wiki.archlinux.org/title/Sysctl#Improving_performance
  boot.kernelModules = ["tcp_bbr"];
  boot.kernel.sysctl = {
    "net.ipv4.tcp_fastopen" = "3";
    "net.ipv4.tcp_keepalive_time" = "80";
    "net.ipv4.tcp_keepalive_intvl" = "10";
    "net.ipv4.tcp_keepalive_probes" = "6";
    "net.ipv4.tcp_mtu_probing" = "1";
    "net.core.default_qdisc" = "cake";
    "net.ipv4.tcp_congestion_control" = "bbr";
  };
 }
--- a/nixos/profiles/opt-in/systemd-resolved.nix
+++ b/nixos/profiles/opt-in/systemd-resolved.nix
@ -1,18 +0,0 @@
 _: {
  ### systemd-resolved
  services.resolved = {
    enable = true;
    dnssec = "true";
    domains = ["~."];
    fallbackDns = [
      "8.8.8.8#dns.google"
      "8.8.4.4#dns.google"
      "2001:4860:4860::8888#dns.google"
      "2001:4860:4860::8844#dns.google"
    ];
    extraConfig = "DNSOverTLS=yes";
  };
  ### NetworkManager integration
  networking.networkmanager.dns = "systemd-resolved";
 }