diff --git a/common.nix b/common.nix index 58b0199..107b84e 100644 --- a/common.nix +++ b/common.nix @@ -62,11 +62,23 @@ in # allow all firmware hardware.enableAllFirmware = true; - # networking just with the dhcp client - networking.useDHCP = true; + # use systemd-networkd + networking.useDHCP = false; + systemd.network.enable = true; + systemd.network.networks."10-wan" = { + networkConfig = { + # start a DHCP Client for IPv4 Addressing/Routing + DHCP = "ipv4"; + # accept Router Advertisements for Stateless IPv6 Autoconfiguraton (SLAAC) + IPv6AcceptRA = true; + }; + # make routing on this interface a dependency for network-online.target + linkConfig.RequiredForOnline = "routable"; + }; # ensure firewall is up, allow ssh and http in networking.firewall.enable = true; + networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.logRefusedConnections = false; # OpenSSH daemon config diff --git a/mini/configuration.nix b/mini/configuration.nix index 70165b1..cf45190 100644 --- a/mini/configuration.nix +++ b/mini/configuration.nix @@ -16,4 +16,7 @@ # host name networking.hostName = "mini"; + + # main network interface + systemd.network.networks."10-wan".matchConfig.Name = "eno1"; } diff --git a/neko/configuration.nix b/neko/configuration.nix index 7b8f3e8..487e5a3 100644 --- a/neko/configuration.nix +++ b/neko/configuration.nix @@ -16,4 +16,7 @@ # host name networking.hostName = "neko"; + + # main network interface + systemd.network.networks."10-wan".matchConfig.Name = "enp9s0"; }