wymiller/nix-config-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
nix-config-v2/modules/networking/README.md

91 lines
2.0 KiB
Markdown
Raw Permalink Normal View History

modularized all the things part one (?)
2024-12-15 17:22:36 -06:00
# Network and networking modules
This directory houses all network, firewall, DHCP, DNS, and all other related networking enablement.
## `core.nix`
This is where the firewall and NetworkManager live. For the firewall, you have pre-defined options that will open ports for you by enabling some network service.
For example:
```nix
tcpPorts.web.enable = true;
udpPorts.dns.enable = true;
```
Here's a more featureful example of how you would enable a firewall and set up NetworkManager:
```nix
customNetworking = {
firewall = {
enable = true;
# Open web service ports
tcpPorts.web.enable = true;
# Custom TCP ports
tcpPorts.allowedPorts = [ 8080 22 ];
# Custom UDP ports
udpPorts.allowedPorts = [ 5000 ];
};
networkManager = {
enable = true;
extraPlugins = with pkgs; [
# Additional NetworkManager plugins
networkmanager-openvpn
networkmanager-openconnect
];
};
};
```
As shown above, you'll have to open ports for services you would want to access remotely.
## DNS
There are two options here: BIND9 (or simply Bind) or Technitium DNS server. Enabling both DNS servers will throw an error and your configuration will not build.
You'll have to import `./dns.nix` for the services to be enabled.
Here's an example of what configuration might look like:
```nix
dns.bind = {
enable = true;
settings = {
interfaces = [ "127.0.0.1" "192.168.100.100" ];
zones = [
{
name = "example.com";
type = "master";
file = "/etc/named/zones/example.com.zone";
}
];
extraConfig = ''
// Additional BIND configuration
options {
directory "/var/named";
recursion yes;
}
'';
}
};
```
_or_
```nix
dns.technitium = {
enable = true;
settings = {
address = "192.168.100.0";
port = 5380;
extraOptions = {
LOG_LEVEL = "info";
};
}
};
```
Reference in New Issue Copy Permalink