nix/os-mods/network/default.nix

{ config
, lib
, pkgs
, ...
}: {
  networking = {
    networkmanager.enable = true;
    networkmanager.dispatcherScripts = [
      {
        source = import ./moz-nm-hook.fish.nix {
          inherit pkgs;
          vpn_interface = "tailscale0";
          vpn_network = "100.64.0.0/16";
        };
        type = "basic";
      }
      {
        source = import ./moz-nm-hook.fish.nix {
          inherit pkgs;
          vpn_interface = "netmaker";
          vpn_network = "10.231.190.0/24";
        };
        type = "basic";
      }
    ];

    useDHCP = lib.mkDefault true;

    nameservers = [
      "23.88.68.113#dns.vlt81.de"
      "2a01:4f8:272:5917::baad:c0de#dns.vlt81.de"
      "45.90.28.0#921984.dns.nextdns.io"
      "45.90.30.0#921984.dns.nextdns.io"
      "2a07:a8c0::#921984.dns.nextdns.io"
      "2a07:a8c1::#921984.dns.nextdns.io"
      # "100.64.0.8#dns.vlt81.de"
    ];
  };

  # security.wrappers.keybase-redirector = {
  # setuid = true;
  # owner = "root";
  # group = "root";
  # source = "${pkgs.kbfs}/bin/redirector";
  # };

  environment.systemPackages = with pkgs; [
    keybase-gui
  ];
  services = {
    keybase.enable = true;
    kbfs.enable = true;
    # kbfs.enableRedirector = true;
    resolved = {
      enable = true;
      dnssec = "true";
      domains = [ "~." ];
      fallbackDns = [
        "1.1.1.1#one.one.one.one"
        "1.0.0.1#one.one.one.one"
      ];
      extraConfig = ''
        DNSOverTLS=yes
      '';
    };

    netclient = {
      enable = true;
      package = pkgs.netclient;
    };

    tailscale = {
      enable = true;
      useRoutingFeatures = "both";
    };

    mozillavpn = {
      enable = true;
    };
  };
}
Another reformatting & refactor - fix all statix lints - format with nixpkgs-fmt instead of alejandro 2023-10-17 14:12:26 +02:00			`{ config`
			`, lib`
			`, pkgs`
			`, ...`
Add basic modularization 2023-10-05 17:45:31 +02:00			`}: {`
WIP: Rename nixos-docker to nixos-karl-kvm-guest 2023-12-08 01:57:30 +01:00			`networking = {`
			`networkmanager.enable = true;`
Make MozillaVPN work with tailscale/netmaker/etc - make a network manager hook template - use for tailscale & netmaker 2024-01-23 00:41:55 +01:00			`networkmanager.dispatcherScripts = [`
			`{`
			`source = import ./moz-nm-hook.fish.nix {`
			`inherit pkgs;`
			`vpn_interface = "tailscale0";`
			`vpn_network = "100.64.0.0/16";`
			`};`
			`type = "basic";`
			`}`
			`{`
			`source = import ./moz-nm-hook.fish.nix {`
			`inherit pkgs;`
			`vpn_interface = "netmaker";`
fix: Fix VPN network range 2024-10-11 02:06:46 +02:00			`vpn_network = "10.231.190.0/24";`
Make MozillaVPN work with tailscale/netmaker/etc - make a network manager hook template - use for tailscale & netmaker 2024-01-23 00:41:55 +01:00			`};`
			`type = "basic";`
			`}`
			`];`

WIP: Rename nixos-docker to nixos-karl-kvm-guest 2023-12-08 01:57:30 +01:00			`useDHCP = lib.mkDefault true;`
Make MozillaVPN work with tailscale/netmaker/etc - make a network manager hook template - use for tailscale & netmaker 2024-01-23 00:41:55 +01:00
WIP: Rename nixos-docker to nixos-karl-kvm-guest 2023-12-08 01:57:30 +01:00			`nameservers = [`
			`"23.88.68.113#dns.vlt81.de"`
			`"2a01:4f8:272:5917::baad:c0de#dns.vlt81.de"`
			`"45.90.28.0#921984.dns.nextdns.io"`
			`"45.90.30.0#921984.dns.nextdns.io"`
			`"2a07:a8c0::#921984.dns.nextdns.io"`
			`"2a07:a8c1::#921984.dns.nextdns.io"`
			`# "100.64.0.8#dns.vlt81.de"`
			`];`
			`};`
Add basic modularization 2023-10-05 17:45:31 +02:00
WIP: Add nixinate 2023-12-11 20:47:22 +01:00			`# security.wrappers.keybase-redirector = {`
WIP: Update & fix keybase 2023-12-14 19:13:03 +01:00			`# setuid = true;`
			`# owner = "root";`
			`# group = "root";`
			`# source = "${pkgs.kbfs}/bin/redirector";`
WIP: Add nixinate 2023-12-11 20:47:22 +01:00			`# };`

WIP: Update & fix keybase 2023-12-14 19:13:03 +01:00			`environment.systemPackages = with pkgs; [`
			`keybase-gui`
			`];`
Another reformatting & refactor - fix all statix lints - format with nixpkgs-fmt instead of alejandro 2023-10-17 14:12:26 +02:00			`services = {`
WIP: Add nixinate 2023-12-11 20:47:22 +01:00			`keybase.enable = true;`
WIP: Update & fix keybase 2023-12-14 19:13:03 +01:00			`kbfs.enable = true;`
			`# kbfs.enableRedirector = true;`
Another reformatting & refactor - fix all statix lints - format with nixpkgs-fmt instead of alejandro 2023-10-17 14:12:26 +02:00			`resolved = {`
			`enable = true;`
			`dnssec = "true";`
			`domains = [ "~." ];`
Various squashed tweaks 2023-10-21 03:33:27 +02:00			`fallbackDns = [`
Fix DNS conf 2023-12-04 20:05:09 +01:00			`"1.1.1.1#one.one.one.one"`
			`"1.0.0.1#one.one.one.one"`
Various squashed tweaks 2023-10-21 03:33:27 +02:00			`];`
Another reformatting & refactor - fix all statix lints - format with nixpkgs-fmt instead of alejandro 2023-10-17 14:12:26 +02:00			`extraConfig = ''`
			`DNSOverTLS=yes`
			`'';`
			`};`
Add basic modularization 2023-10-05 17:45:31 +02:00
Various tweaks - update flakes - use overlay2 as docker volume driver for no btrfs dep - add xwayland 2024-01-11 07:24:44 +01:00			`netclient = {`
			`enable = true;`
WIP Switch to unstable 2024-02-02 16:13:55 +01:00			`package = pkgs.netclient;`
Various tweaks - update flakes - use overlay2 as docker volume driver for no btrfs dep - add xwayland 2024-01-11 07:24:44 +01:00			`};`

Another reformatting & refactor - fix all statix lints - format with nixpkgs-fmt instead of alejandro 2023-10-17 14:12:26 +02:00			`tailscale = {`
			`enable = true;`
			`useRoutingFeatures = "both";`
			`};`
Add basic modularization 2023-10-05 17:45:31 +02:00
Another reformatting & refactor - fix all statix lints - format with nixpkgs-fmt instead of alejandro 2023-10-17 14:12:26 +02:00			`mozillavpn = {`
			`enable = true;`
			`};`
Add basic modularization 2023-10-05 17:45:31 +02:00			`};`
			`}`