From baba43ea8216132489c321ef3b503f30062a2eef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?= Date: Wed, 8 Nov 2023 18:52:09 +0100 Subject: [PATCH] chore: dhcpv6 still not working --- hosts/biolimo/networking.nix | 2 -- hosts/chocolatebar/networking.nix | 3 +- hosts/default.nix | 1 + hosts/droppie/networking.nix | 7 +++-- hosts/pie/dhcpd.nix | 47 +++++++++++++++---------------- hosts/pie/networking.nix | 2 +- modules/default.nix | 1 + modules/wireshark/default.nix | 17 +++++++++++ users/b12f/default.nix | 2 ++ users/b12f/home.nix | 5 ---- 10 files changed, 50 insertions(+), 37 deletions(-) create mode 100644 modules/wireshark/default.nix diff --git a/hosts/biolimo/networking.nix b/hosts/biolimo/networking.nix index 18bb406..fc828ae 100644 --- a/hosts/biolimo/networking.nix +++ b/hosts/biolimo/networking.nix @@ -6,8 +6,6 @@ ... }: { config = { - networking.useDHCP = lib.mkDefault true; - age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-biolimo.age"; pub-solar.wireguard-client = { diff --git a/hosts/chocolatebar/networking.nix b/hosts/chocolatebar/networking.nix index 5bfea46..0064af7 100644 --- a/hosts/chocolatebar/networking.nix +++ b/hosts/chocolatebar/networking.nix @@ -2,11 +2,10 @@ flake, config, pkgs, + lib, ... }: { config = { - networking.useDHCP = lib.mkDefault true; - age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-chocolatebar.age"; pub-solar.wireguard-client = { diff --git a/hosts/default.nix b/hosts/default.nix index 552c60e..d7d4e1b 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -39,6 +39,7 @@ self.nixosModules.printing self.nixosModules.virtualisation self.nixosModules.wireguard-client + self.nixosModules.wireshark ]; }; diff --git a/hosts/droppie/networking.nix b/hosts/droppie/networking.nix index 1e49dfa..7b28885 100644 --- a/hosts/droppie/networking.nix +++ b/hosts/droppie/networking.nix @@ -11,10 +11,11 @@ # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault false; - networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault false; - networking.interfaces.enp2s0f1.useDHCP = lib.mkDefault false; + #networking.useDHCP = true; + #networking.interfaces.enp2s0f0.useDHCP = true; + #networking.interfaces.enp2s0f1.useDHCP = true; + networking.useDHCP = false; networking.interfaces.enp2s0f0 = { ipv4.addresses = [ { address = "192.168.178.3"; prefixLength = 32; } ]; ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 128; } ]; diff --git a/hosts/pie/dhcpd.nix b/hosts/pie/dhcpd.nix index 8da0b55..d9c3350 100644 --- a/hosts/pie/dhcpd.nix +++ b/hosts/pie/dhcpd.nix @@ -1,6 +1,9 @@ { pkgs, adblock-unbound, ... }: { - networking.firewall.allowedUDPPorts = [ 67 ]; + networking.firewall.allowedUDPPorts = [ 67 547 ]; + networking.firewall.extraInputRules = '' + ip6 daddr ff02::1:2/128 udp dport 547 accept comment "DHCPv6 client" + ''; services.kea.dhcp4 = { enable = true; @@ -48,24 +51,20 @@ reservations = [ # Pie should set ip itself { - hostname = "droppie.local"; hw-address = "08:f1:ea:97:0f:0c"; ip-address = "192.168.178.3"; } { - hostname = "brwb8763f64a364.local"; hw-address = "b8:76:3f:64:a3:64"; ip-address = "192.168.178.4"; } - # { - # hostname = "chocolatebar.local"; - # hw-address = "48:a4:72:1d:29:32"; - # ip-address = "192.168.178.5"; - # } { - hostname = "biolimo.local"; - hw-address = "48:a4:72:1d:29:32"; - ip-address = "192.168.178.6"; + hw-address = "04:d9:f5:fa:35:f5"; + ip-address = "192.168.178.5"; + } + { + hw-address = "48:a4:72:1d:29:32"; + ip-address = "192.168.178.6"; } ]; } @@ -97,36 +96,36 @@ subnet = "2a02:908:5b1:e3c0::/64"; pools = [ - { pool = "2a02:908:5b1:e3c0::/64"; } + { pool = "2a02:908:5b1:e3c0::/72"; } ]; + ddns-qualifying-suffix = "local."; + option-data = [ { name = "dns-servers"; - code = 23; - space = "dhcp6"; - csv-format = true; data = "2a02:908:5b1:e3c0:2::"; } + { + name = "domain-search"; + data = "local"; + } ]; reservations = [ { - hostname = "droppie.local"; hw-address = "08:f1:ea:97:0f:0c"; ip-addresses = [ "2a02:908:5b1:e3c0:3::" ]; } - # { - # hostname = "chocolatebar.local"; - # hw-address = "08:f1:ea:97:0f:0c"; - # ip-addresses = [ - # "2a02:908:5b1:e3c0:5::" - # ]; - # } { - hostname = "biolimo.local"; + hw-address = "04:d9:f5:fa:35:f5"; + ip-addresses = [ + "2a02:908:5b1:e3c0:5::" + ]; + } + { hw-address = "48:a4:72:1d:29:32"; ip-addresses = [ "2a02:908:5b1:e3c0:6::" diff --git a/hosts/pie/networking.nix b/hosts/pie/networking.nix index 82131ca..9eae49e 100644 --- a/hosts/pie/networking.nix +++ b/hosts/pie/networking.nix @@ -5,7 +5,7 @@ lib, ... }: { - networking.useDHCP = lib.mkDefault false; + networking.useDHCP = false; networking.hostId = "34234773"; networking.hostName = "pie"; diff --git a/modules/default.nix b/modules/default.nix index 6b1e456..3219541 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -26,6 +26,7 @@ user = import ./user; virtualisation = import ./virtualisation; wireguard-client = import ./wireguard-client; + wireshark = import ./wireshark; base.imports = [ self.nixosModules.home-manager diff --git a/modules/wireshark/default.nix b/modules/wireshark/default.nix new file mode 100644 index 0000000..e04b232 --- /dev/null +++ b/modules/wireshark/default.nix @@ -0,0 +1,17 @@ +{ + config, + pkgs, + lib, + flake, + ... +}: let + psCfg = config.pub-solar; +in { + programs.wireshark.enable = true; + + users.users."${psCfg.user.name}" = { + extraGroups = ["wireshark"]; + + packages = [ pkgs.wireshark ]; + }; +} diff --git a/users/b12f/default.nix b/users/b12f/default.nix index 1f0bc0f..6d423c6 100644 --- a/users/b12f/default.nix +++ b/users/b12f/default.nix @@ -10,6 +10,8 @@ in { imports = [ ./home.nix + ./session-variables.nix + ./concepts-and-training.nix ]; config = { diff --git a/users/b12f/home.nix b/users/b12f/home.nix index 9b194a8..197cd30 100644 --- a/users/b12f/home.nix +++ b/users/b12f/home.nix @@ -9,11 +9,6 @@ with lib; let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; in { - imports = [ - ./session-variables.nix - ./concepts-and-training.nix - ]; - home-manager.users."${psCfg.user.name}" = { programs.ssh = { enable = true;