modules/common/networking.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35

{ config, lib, pkgs, ... }:

{
  networking = {
    usePredictableInterfaceNames = false;
    enableIPv6 = true;
    tempAddresses = "disabled";
    interfaces.eth0.useDHCP = true;
    nameservers = [ "1.1.1.1" "8.8.8.8" ];

    dhcpcd.extraConfig = ''
      nohook resolv.conf
    '';
  };

  systemd.services = {
    "netns@" = {
      description = "%I network namespace";
      # Delay network.target until this unit has finished starting up.
      before = [ "network.target" ];
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
        PrivateNetwork = true;
        ExecStart = "${pkgs.writers.writeDash "netns-up" ''
          ${pkgs.iproute}/bin/ip netns add $1
          ${pkgs.utillinux}/bin/umount /var/run/netns/$1
          ${pkgs.utillinux}/bin/mount --bind /proc/self/ns/net /var/run/netns/$1
        ''} %I";
        ExecStop = "${pkgs.iproute}/bin/ip netns del %I";
        PrivateMounts = false;
      };
    };
  };
}