Declarative networkmanager + fix container DNS properly this time

2025-01-06 14:29:41 -07:00 · 2025-01-06 14:29:41 -07:00 · 9ee785acfe
commit 9ee785acfe
parent 426a2d5814
5 changed files with 44 additions and 5 deletions
--- a/home-manager/config/default.nix
+++ b/home-manager/config/default.nix
@ -20,4 +20,4 @@
        ./vscode.nix
        ./zed.nix
    ];
-}
+}
--- a/hosts/laptop-server/config/networking.nix
+++ b/hosts/laptop-server/config/networking.nix
@ -10,7 +10,41 @@
        };

        # Enable NetworkManager
-        networkmanager.enable = true;
+        networkmanager = {
+            enable = true;
+
+            ensureProfiles = {
+                # secrets.entries = [
+                #     {
+                #         file = "/run/";
+                #     }
+                # ];
+
+                profiles = {
+                    eduroam = {
+                        "802-1x" = {
+                            eap = "peap;";
+                            identity = "tyler_beckman@mines.edu";
+                            password-flags = "1";
+                            phase2-auth = "mschapv2";
+                        };
+                        connection = {
+                            autoconnect-priority = "99";
+                            id = "eduroam";
+                            permissions = "user:ty:;";
+                            type = "wifi";
+                        };
+                        ipv4.method = "auto";
+                        ipv6.method = "disabled"; # I hate mines IT
+                        wifi = {
+                            mode = "infrastructure";
+                            ssid = "eduroam";
+                        };
+                        wifi-security.key-mgmt = "wpa-eap";
+                    };
+                };
+            };
+        };
    };

    # Tailscale overlay network configuration
@ -20,4 +54,4 @@
        openFirewall = true;
    };
    networking.firewall.trustedInterfaces = [ "tailscale0" ];
-}
+}
--- a/hosts/laptop-server/config/services/jellyfin/default.nix
+++ b/hosts/laptop-server/config/services/jellyfin/default.nix
@ -11,7 +11,7 @@

            # Firewall on the host system is enough + this firewall seems to break networking
            networking.firewall.enable = false;
-            networking.useHostResolvConf = true;
+            networking.resolvconf.enable = false;
        };
        autoStart = true;

--- a/hosts/laptop-server/config/services/jellyseerr/default.nix
+++ b/hosts/laptop-server/config/services/jellyseerr/default.nix
@ -11,7 +11,7 @@

            # Firewall on the host system is enough + this firewall seems to break networking
            networking.firewall.enable = false;
-            networking.useHostResolvConf = true;
+            networking.resolvconf.enable = false;
        };
        autoStart = true;
    };
--- a/hosts/laptop-server/config/services/networking.nix
+++ b/hosts/laptop-server/config/services/networking.nix
@ -25,6 +25,11 @@ in {
            # This appears to be necessary as both having addresses the same seems to cause issues
            hostAddress = "172.30.0.${builtins.toString services.${serviceName}.hostByte}";
            localAddress = "172.30.1.${builtins.toString services.${serviceName}.hostByte}";
+
+            bindMounts."/etc/resolv.conf" = {
+                hostPath = "/etc/resolv.conf";
+                isReadOnly = true;
+            };
        };

        networking = {