2023-08-10 01:13:23 +02:00
|
|
|
{ lib, pkgs, ... }: {
|
2023-08-01 15:35:09 +02:00
|
|
|
networking = {
|
|
|
|
|
firewall = {
|
|
|
|
|
allowedTCPPorts = [ 1234 1337 8000 8080 ];
|
|
|
|
|
allowedUDPPorts = [ 1234 1337 8000 8080 ];
|
|
|
|
|
};
|
2023-08-11 17:45:48 +02:00
|
|
|
nameservers = [ "127.0.0.53" ]; # resolved stub resolver
|
2023-08-01 15:35:09 +02:00
|
|
|
networkmanager = {
|
|
|
|
|
enable = true;
|
2023-08-10 01:13:23 +02:00
|
|
|
dns = lib.mkForce "none";
|
2023-08-01 15:35:09 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-08-11 18:02:36 +02:00
|
|
|
# TODO: these systemd networkd settings will be the default once
|
|
|
|
|
# https://github.com/NixOS/nixpkgs/pull/202488 is merged.
|
|
|
|
|
networking.useNetworkd = true;
|
|
|
|
|
systemd.network = {
|
|
|
|
|
enable = true;
|
|
|
|
|
wait-online.anyInterface = true;
|
|
|
|
|
};
|
|
|
|
|
|
2023-08-01 15:35:09 +02:00
|
|
|
services.resolved = {
|
|
|
|
|
enable = true;
|
|
|
|
|
dnssec = "true";
|
2023-08-11 17:45:48 +02:00
|
|
|
fallbackDns = [ "159.69.4.2#dns.caspervk.net" "2a01:4f8:1c0c:70d1::1#dns.caspervk.net" ];
|
2023-08-01 15:35:09 +02:00
|
|
|
extraConfig = ''
|
2023-08-11 17:45:48 +02:00
|
|
|
DNS=159.69.4.2#dns.caspervk.net 2a01:4f8:1c0c:70d1::1#dns.caspervk.net
|
2023-08-01 15:35:09 +02:00
|
|
|
DNSOverTLS=yes
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.vnstat.enable = true;
|
|
|
|
|
}
|
