# Network and networking modules

This directory houses the networking modules: firewall, DHCP, DNS, and all other related networking enablement.

## `core.nix`

This is where the firewall and NetworkManager live. For the firewall, there are predefined options that open the ports for a network service when you enable it. For example:

```nix
tcpPorts.web.enable = true;
udpPorts.dns.enable = true;
```

Here's a more featureful example of how you would enable the firewall and set up NetworkManager:

```nix
customNetworking = {
  firewall = {
    enable = true;
    # Open web service ports
    tcpPorts.web.enable = true;
    # Custom TCP ports
    tcpPorts.allowedPorts = [ 8080 22 ];
    # Custom UDP ports
    udpPorts.allowedPorts = [ 5000 ];
  };
  networkManager = {
    enable = true;
    extraPlugins = with pkgs; [
      # Additional NetworkManager plugins
      networkmanager-openvpn
      networkmanager-openconnect
    ];
  };
};
```

As shown above, you have to open the ports for any service you want to access remotely.

## DNS

There are two options here: BIND9 (or simply Bind) or Technitium DNS server. Enabling both DNS servers will throw an error and your configuration will not build. You'll have to import `./dns.nix` for the services to be enabled.

Here's an example of what the configuration might look like:

```nix
dns.bind = {
  enable = true;
  settings = {
    # Addresses BIND listens on
    interfaces = [ "127.0.0.1" "192.168.100.100" ];
    zones = [
      {
        name = "example.com";
        type = "master";
        file = "/etc/named/zones/example.com.zone";
      }
    ];
    extraConfig = ''
      // Additional BIND configuration
      // Note: "recursion yes" serves recursive queries to any client that
      // can reach the interfaces above; BIND's allow-recursion narrows that.
      options {
        directory "/var/named";
        recursion yes;
      };
    '';
  };
};
```

_or_

```nix
dns.technitium = {
  enable = true;
  settings = {
    address = "192.168.100.0";
    port = 5380;
    extraOptions = {
      LOG_LEVEL = "info";
    };
  };
};
```
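
One way a module like `dns.nix` could enforce the either-or rule described above and flag a DNS server that is enabled while port 53 is still closed. This is an added sketch, not this repository's code: it assumes the options sit at `dns.bind.enable` and `dns.technitium.enable`, and it checks the stock NixOS `networking.firewall` options rather than the `customNetworking.firewall` wrapper.

```nix
# Added illustration; the real dns.nix may be structured differently.
{ config, lib, ... }:

let
  cfg = config.dns;
  fw = config.networking.firewall;
  anyDns = cfg.bind.enable || cfg.technitium.enable;
  # True only when port 53 is in both the TCP and the UDP allow list.
  dnsPortOpen =
    lib.elem 53 fw.allowedUDPPorts && lib.elem 53 fw.allowedTCPPorts;
in
{
  # Option paths assumed from the README examples.
  options.dns = {
    bind.enable = lib.mkEnableOption "the BIND9 DNS server";
    technitium.enable = lib.mkEnableOption "the Technitium DNS server";
  };

  config = {
    # A failed assertion aborts evaluation, so the system never builds
    # with two servers competing for port 53.
    assertions = [
      {
        assertion = !(cfg.bind.enable && cfg.technitium.enable);
        message = ''
          dns.bind.enable and dns.technitium.enable are mutually
          exclusive; enable only one DNS server.
        '';
      }
    ];

    # A warning does not stop the build; it is printed during
    # nixos-rebuild so a closed port is noticed before clients fail.
    warnings = lib.optional (anyDns && fw.enable && !dnsPortOpen) ''
      A DNS server is enabled but port 53 is not open for both TCP and
      UDP in networking.firewall; remote clients cannot query it.
    '';
  };
}
```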