flake-nixinator/lib/networking.nix

# TODO: OpenVPN
{
  inputs,
  pkgs,
  lib,
  ...
}: rec {
  mkSystemdNetwork = interface: routable: {
    # name = "enp0s31f6"; # Network interface name?
    enable = true;

    # See man systemd.link, man systemd.netdev, man systemd.network
    matchConfig = {
      # This corresponds to the [MATCH] section
      Name = interface; # Match ethernet interface
    };

    # See man systemd.network
    networkConfig = {
      # This corresponds to the [NETWORK] section
      DHCP = "yes";

      # TODO: What does this all do?
      # IPv6AcceptRA = true;
      # MulticastDNS = "yes"; # Needed?
      # LLMNR = "no"; # Needed?
      # LinkLocalAddressing = "no"; # Needed?
    };

    linkConfig = {
      # This corresponds to the [LINK] section
      # RequiredForOnline = "routable";
      RequiredForOnline =
        if routable
        then "routable"
        else "no"; # Don't make nixos-rebuild wait for systemd-networkd-wait-online.service
    };
  };

  mkStaticSystemdNetwork = {
    interface,
    ips,
    routers,
    nameservers,
    routable,
  }: {
    enable = true;

    # See man systemd.link, man systemd.netdev, man systemd.network
    matchConfig = {
      # This corresponds to the [MATCH] section
      Name = interface; # Match ethernet interface
    };

    # Static IP + DNS + Gateway
    address = ips;
    gateway = routers;
    dns = nameservers;
    routes = builtins.map (r: {Gateway = r;}) routers;

    # See man systemd.network
    networkConfig = {
      # This corresponds to the [NETWORK] section
      DHCP = "no";

      # IPv6AcceptRA = "no";
      # MulticastDNS = "no";
      # LLMNR = "no";
      # LinkLocalAddressing = "ipv6";
    };

    linkConfig = {
      # This corresponds to the [LINK] section
      # RequiredForOnline = "routable";
      RequiredForOnline =
        if routable
        then "routable"
        else "no"; # Don't make nixos-rebuild wait for systemd-networkd-wait-online.service
    };
  };

  mkStaticNetworkManagerProfile = {
    id,
    interface,
    ip,
    router,
    nameserver ? "8.8.8.8;8.8.4.4;",
    autoconnect ? true,
    priority ? 0,
  }: {
    connection = {
      inherit id autoconnect;
      autoconnect-priority = "${builtins.toString priority}";
      type = "ethernet";
      interface-name = interface;
    };

    ipv4 = {
      method = "manual";
      addresses = ip;
      gateway = router;
      dns = nameserver;
    };

    ipv6 = {
      method = "disabled";
    };
  };
}