{ pkgs, lib, ... }: with lib; { imports = [ ./dsl.nix ./bifrost ./dhcp ]; config = { networking = { hostName = "vidhar"; domain = "yggdrasil"; search = [ "yggdrasil" ]; useDHCP = false; useNetworkd = true; interfaces."lan" = { ipv4.addresses = [ { address = "10.141.0.1"; prefixLength = 24; } ]; }; interfaces."mgmt" = { ipv4.addresses = [ { address = "10.141.1.1"; prefixLength = 24; } ]; }; interfaces."wifibh" = { ipv4.addresses = [ { address = "10.141.2.1"; prefixLength = 24; } ]; }; vlans = { mgmt = { id = 2; interface = "eno2"; }; lan = { id = 3; interface = "eno2"; }; wifibh = { id = 4; interface = "eno2"; }; printer = { id = 5; interface = "eno2"; }; modem = { id = 6; interface = "eno2"; }; }; firewall.enable = false; nftables = { enable = true; rulesetFile = ./ruleset.nft; }; resolvconf = { enable = true; useLocalResolver = true; }; }; services.resolved.enable = false; systemd.services."systemd-networkd-wait-online".enable = mkForce false; environment.etc."dnssec-trust-anchors.d/root.positive".source = "${pkgs.dns-root-data}/root.ds"; systemd.network.networks = { "eno1" = { matchConfig.Name = "eno1"; linkConfig = { ActivationPolicy = "down"; }; }; "eno2" = { matchConfig.Name = "eno2"; networkConfig.LinkLocalAddressing = "no"; }; }; services.nfs.server = { enable = true; createMountPoints = true; statdPort = 4000; lockdPort = 4001; mountdPort = 4002; extraNfsdConfig = '' vers3=off ''; exports = '' /srv/nfs 10.141.0.0/24(ro,async,root_squash,fsid=0) 2a03:4000:52:ada:1::/80(ro,async,root_squash,fsid=0) /srv/nfs/nix-store 10.141.0.0/24(ro,async,root_squash) 2a03:4000:52:ada:1::/80(ro,async,root_squash) ''; }; fileSystems = { "/srv/nfs/nix-store" = { device = "/nix/store"; options = [ "bind" ]; }; }; }; }