Richie/dotfiles
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
c0d5e848b878bbfdb6327846dd8ddc91b55d972f
dotfiles/systems/jeeves/networking.nix
T
Richie c0d5e848b8
treefmt / nix fmt (pull_request) Successful in 6s
Details
pytest / pytest (pull_request) Successful in 56s
Details
build_systems / build-brain (pull_request) Successful in 59s
Details
build_systems / build-rhapsody-in-green (pull_request) Successful in 1m34s
Details
build_systems / build-bob (pull_request) Successful in 1m0s
Details
build_systems / build-leviathan (pull_request) Successful in 1m30s
Details
build_systems / build-jeeves (pull_request) Successful in 2m42s
Details
updated Primary nic
2026-06-04 17:36:45 -04:00

77 lines
1.9 KiB
Nix
Raw Blame History

{
# Docker loads br_netfilter on jeeves. Disable bridge netfilter so
# br-nix-builder behaves like a pure L2 bridge and bridged traffic
# does not hit the host firewall/rpfilter path.
boot.kernel.sysctl = {
"net.bridge.bridge-nf-call-arptables" = 0;
"net.bridge.bridge-nf-call-ip6tables" = 0;
"net.bridge.bridge-nf-call-iptables" = 0;
};
networking = {
hostName = "jeeves";
hostId = "0e15ce35";
firewall = {
enable = true;
interfaces.br-nix-builder = {
allowedTCPPorts = [ ];
allowedUDPPorts = [ ];
};
};
useNetworkd = true;
};
systemd.network = {
enable = true;
wait-online = {
enable = false;
anyInterface = true;
};
netdevs = {
"20-br-nix-builder" = {
netdevConfig = {
Kind = "bridge";
Name = "br-nix-builder";
};
};
"30-internet-vlan" = {
netdevConfig = {
Kind = "vlan";
Name = "internet-vlan";
};
vlanConfig.Id = 100;
};
};
networks = {
"10-Primary" = {
matchConfig.Name = "enp97s0";
address = [ "192.168.99.14/24" ];
dns = [
"192.168.99.1"
"2600:4040:abfb:d700::1"
];
routes = [ { Gateway = "192.168.99.1"; } ];
vlan = [ "internet-vlan" ];
dhcpV4Config.UseDNS = false;
dhcpV6Config.UseDNS = false;
ipv6AcceptRAConfig.UseDNS = false;
linkConfig.RequiredForOnline = "routable";
};
"50-internet-vlan" = {
matchConfig.Name = "internet-vlan";
bridge = [ "br-nix-builder" ];
linkConfig.RequiredForOnline = "no";
};
"60-br-nix-builder" = {
matchConfig.Name = "br-nix-builder";
bridgeConfig = { };
networkConfig = {
IPv6AcceptRA = false;
LinkLocalAddressing = "no";
};
linkConfig.RequiredForOnline = "no";
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink