diff --git a/hosts/micronix/default.nix b/hosts/micronix/default.nix index 8d28420..e9f78cc 100644 --- a/hosts/micronix/default.nix +++ b/hosts/micronix/default.nix @@ -9,6 +9,7 @@ ./searxng.nix ./energy.nix ./ssh.nix + ./networking.nix ]; config = { @@ -25,41 +26,6 @@ libinput.enable = true; }; - networking.networkmanager = { - enable = true; - dns = "systemd-resolved"; - ethernet = { - macAddress = "random"; - }; - wifi = { - backend = "iwd"; - macAddress = "random"; - }; - }; - - networking.nameservers = [ - "9.9.9.9#dns.quad9.net" - "149.112.112.112#dns.quad9.net" - "2620:fe::fe#dns.quad9.net" - "2620:fe::9#dns.quad9.net" - ]; - - services.resolved = { - enable = true; - dnssec = "true"; - domains = ["~."]; - fallbackDns = [ - "9.9.9.9#dns.quad9.net" - "149.112.112.112#dns.quad9.net" - "2620:fe::fe#dns.quad9.net" - "2620:fe::9#dns.quad9.net" - ]; - dnsovertls = "true"; - llmnr = "true"; - }; - - networking.firewall.enable = true; - time.timeZone = "America/Montevideo"; i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { diff --git a/hosts/micronix/networking.nix b/hosts/micronix/networking.nix new file mode 100644 index 0000000..5614870 --- /dev/null +++ b/hosts/micronix/networking.nix @@ -0,0 +1,42 @@ +{...}: { + networking = { + networkmanager = { + enable = true; + dns = "systemd-resolved"; + ethernet = { + macAddress = "random"; + }; + wifi = { + backend = "iwd"; + macAddress = "random"; + }; + }; + + nameservers = [ + "9.9.9.9#dns.quad9.net" + "149.112.112.112#dns.quad9.net" + "2620:fe::fe#dns.quad9.net" + "2620:fe::9#dns.quad9.net" + ]; + firewall = { + enable = true; + }; + nftables = { + enable = true; + }; + + services.resolved = { + enable = true; + dnssec = "true"; + domains = ["~."]; + fallbackDns = [ + "9.9.9.9#dns.quad9.net" + "149.112.112.112#dns.quad9.net" + "2620:fe::fe#dns.quad9.net" + "2620:fe::9#dns.quad9.net" + ]; + dnsovertls = "true"; + llmnr = "true"; + }; + }; +}