System/ServeNix: Enable IPv6 networking
This commit is contained in:
@ -50,7 +50,12 @@
|
|||||||
{
|
{
|
||||||
name = "behind-nginx";
|
name = "behind-nginx";
|
||||||
disable_masquerade = false;
|
disable_masquerade = false;
|
||||||
|
|
||||||
|
# We have 4 IPv6 prefixes, one is used for LAN, one is used for ThinkNix behind-nginx docker network (for DNS).
|
||||||
|
# Questionable if we should enable it here aswell...
|
||||||
ipv6.enable = false;
|
ipv6.enable = false;
|
||||||
|
# ipv6.gateway = "fd00::5";
|
||||||
|
# ipv6.subnet = "2001:7d8:8023:a00a::/64";
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
@ -58,12 +63,52 @@
|
|||||||
useNetworkManager = false;
|
useNetworkManager = false;
|
||||||
|
|
||||||
networks = {
|
networks = {
|
||||||
"10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
|
# "10-ether-1G" = mylib.networking.mkStaticSystemdNetwork {
|
||||||
interface = "ens18";
|
# interface = "ens18";
|
||||||
ips = ["192.168.86.25/24"];
|
# ips = ["192.168.86.25/24" "fd00::19/64"];
|
||||||
routers = ["192.168.86.5"];
|
# routers = ["192.168.86.5" "fd00::5"];
|
||||||
nameservers = ["8.8.8.8"]; # NOTE: Use reliable DNS for servers instead of 192.168.86.26
|
# nameservers = ["8.8.8.8" "2001:4860:4860::8888"]; # NOTE: Use reliable DNS for servers instead of 192.168.86.26
|
||||||
routable = true;
|
# routable = true;
|
||||||
|
# };
|
||||||
|
|
||||||
|
# TODO: mylib.networking.mkStaticSystemdNetwork needs improvement to accomodate for this
|
||||||
|
"10-ether-1G" = rec {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
# See man systemd.link, man systemd.netdev, man systemd.network
|
||||||
|
matchConfig = {
|
||||||
|
# This corresponds to the [MATCH] section
|
||||||
|
Name = "ens18"; # Match ethernet interface
|
||||||
|
};
|
||||||
|
|
||||||
|
# Static IP + DNS + Gateway
|
||||||
|
address = ["192.168.86.25/24"];
|
||||||
|
gateway = ["192.168.86.5"]; # Don't add IPv6 gateway, rely on router advertisement instead
|
||||||
|
dns = ["8.8.8.8" "8.8.4.4" "2001:4860:4860:8888" "2001:4860:4860:8844"];
|
||||||
|
routes = builtins.map (r: {Gateway = r;}) gateway;
|
||||||
|
|
||||||
|
# See man systemd.network
|
||||||
|
networkConfig = {
|
||||||
|
# This corresponds to the [NETWORK] section
|
||||||
|
DHCP = "no";
|
||||||
|
|
||||||
|
IPv6AcceptRA = "yes"; # Accept Router Advertisements
|
||||||
|
# MulticastDNS = "no";
|
||||||
|
# LLMNR = "no";
|
||||||
|
# LinkLocalAddressing = "ipv6";
|
||||||
|
};
|
||||||
|
|
||||||
|
addresses = [
|
||||||
|
{
|
||||||
|
# Don't add this to address, we don't want to create any routes with this
|
||||||
|
Address = "fd00::19/64";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
|
||||||
|
linkConfig = {
|
||||||
|
# This corresponds to the [LINK] section
|
||||||
|
RequiredForOnline = "routable";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -89,6 +134,8 @@
|
|||||||
|
|
||||||
3000 # Gitea (runner needs to reach local gitea instance)
|
3000 # Gitea (runner needs to reach local gitea instance)
|
||||||
|
|
||||||
|
5520 # HyTale
|
||||||
|
|
||||||
30033 # Teamspeak
|
30033 # Teamspeak
|
||||||
9987 # Teamspeak
|
9987 # Teamspeak
|
||||||
];
|
];
|
||||||
|
|||||||
Reference in New Issue
Block a user