hosts/astatine,hosts/beryllium,hosts/tungsten: Migrate to

systemd-networkd

Policy routing clashed with the fallback dhcp on any interface module
for some unknown reason, therefore wg-clerie is disabled on all of these
devices

hosts/astatine/configuration.nix

@@ -6,6 +6,8 @@
       ./hardware-configuration.nix
     ];
 
+  profiles.clerie.network-fallback-dhcp.enable = true;
+
   boot.kernelParams = [ "console=ttyS0,115200n8" ];
 
   boot.loader.grub.enable = true;
@@ -16,11 +18,15 @@
     terminal_output serial
   ";
 
-  services.wg-clerie = {
+  networking.useDHCP = false;
-    enable = true;
+
-    ipv6s = [ "2a01:4f8:c0c:15f1::8108/128" ];
+  systemd.network.enable = true;
-    ipv4s = [ "10.20.30.108/32" ];
+
-  };
+  #services.wg-clerie = {
+  #  enable = true;
+  #  ipv6s = [ "2a01:4f8:c0c:15f1::8108/128" ];
+  #  ipv4s = [ "10.20.30.108/32" ];
+  #};
 
   clerie.monitoring = {
     enable = true;

hosts/beryllium/configuration.nix

@@ -6,6 +6,8 @@
       ./hardware-configuration.nix
     ];
 
+  profiles.clerie.network-fallback-dhcp.enable = true;
+
   boot.kernelParams = [ "console=ttyS0,115200n8" ];
 
   boot.loader.grub.enable = true;
@@ -18,42 +20,45 @@
 
   networking.hostName = "beryllium";
 
+  networking.useDHCP = false;
+  systemd.network.enable = true;
+
   networking.firewall.enable = false;
 
-  networking.iproute2.enable = true;
+  #networking.iproute2.enable = true;
-  networking.iproute2.rttablesExtraConfig = ''
+  #networking.iproute2.rttablesExtraConfig = ''
-    200 wg-clerie
+  #  200 wg-clerie
-  '';
+  #'';
 
-  petabyte.policyrouting = {
+  #petabyte.policyrouting = {
-    enable = true;
+  #  enable = true;
-    rules6 = [
+  #  rules6 = [
-      { rule = "from 2a01:4f8:c0c:15f1::8107/128 lookup wg-clerie"; prio = 20000; }
+  #    { rule = "from 2a01:4f8:c0c:15f1::8107/128 lookup wg-clerie"; prio = 20000; }
-      { rule = "from 2a01:4f8:c0c:15f1::8107/128 unreachable"; prio = 20001; }
+  #    { rule = "from 2a01:4f8:c0c:15f1::8107/128 unreachable"; prio = 20001; }
-    ];
+  #  ];
-    rules4 = [
+  #  rules4 = [
-      { rule = "from 10.20.30.107/32 lookup wg-clerie"; prio = 20000; }
+  #    { rule = "from 10.20.30.107/32 lookup wg-clerie"; prio = 20000; }
-      { rule = "from 10.20.30.107/32 unreachable"; prio = 20001; }
+  #    { rule = "from 10.20.30.107/32 unreachable"; prio = 20001; }
-    ];
+  #  ];
-  };
+  #};
 
 
-  networking.wireguard.enable = true;
+  #networking.wireguard.enable = true;
-  networking.wireguard.interfaces = {
+  #networking.wireguard.interfaces = {
-    wg-clerie = {
+  #  wg-clerie = {
-      ips = [ "2a01:4f8:c0c:15f1::8107/128" "10.20.30.107/32" ];
+  #    ips = [ "2a01:4f8:c0c:15f1::8107/128" "10.20.30.107/32" ];
-      table = "wg-clerie";
+  #    table = "wg-clerie";
-      peers = [
+  #    peers = [
-        {
+  #      {
-          endpoint = "vpn.clerie.de:51820";
+  #        endpoint = "vpn.clerie.de:51820";
-          persistentKeepalive = 25;
+  #        persistentKeepalive = 25;
-          allowedIPs = [ "0.0.0.0/0" "::/0" "10.20.30.0/24" "2a01:4f8:c0c:15f1::/113" ];
+  #        allowedIPs = [ "0.0.0.0/0" "::/0" "10.20.30.0/24" "2a01:4f8:c0c:15f1::/113" ];
-          publicKey = "2p1Jqs3bkXbXHFWE6vp1yxHIFoUaZQEARS2nJzbkuBA=";
+  #        publicKey = "2p1Jqs3bkXbXHFWE6vp1yxHIFoUaZQEARS2nJzbkuBA=";
-        }
+  #      }
-      ];
+  #    ];
-      privateKeyFile = "/var/src/secrets/wireguard/wg-clerie";
+  #    privateKeyFile = "/var/src/secrets/wireguard/wg-clerie";
-    };
+  #  };
-  };
+  #};
 
   clerie.monitoring = {
     enable = true;

hosts/tungsten/configuration.nix

@@ -6,6 +6,8 @@
       ./hardware-configuration.nix
     ];
 
+  profiles.clerie.network-fallback-dhcp.enable = true;
+
   boot.kernelParams = [ "console=ttyS0,115200n8" ];
 
   boot.loader.grub.enable = true;
@@ -16,14 +18,16 @@
     terminal_output serial
   ";
 
+  networking.useDHCP = false;
+  systemd.network.enable = true;
 
   networking.hostName = "tungsten";
 
-  services.wg-clerie = {
+  #services.wg-clerie = {
-    enable = true;
+  #  enable = true;
-    ipv6s = [ "2a01:4f8:c0c:15f1::8112/128" ];
+  #  ipv6s = [ "2a01:4f8:c0c:15f1::8112/128" ];
-    ipv4s = [ "10.20.30.112/32" ];
+  #  ipv4s = [ "10.20.30.112/32" ];
-  };
+  #};
 
   clerie.monitoring = {
     enable = true;

profiles/default.nix

@@ -8,6 +8,7 @@
     ./hetzner-cloud
     ./mercury-vm
     ./netcup
+    ./network-fallback-dhcp
   ];
 
 }

profiles/network-fallback-dhcp/default.nix

@@ -0,0 +1,22 @@
+{ config, lib, ... }:
+
+with lib;
+
+{
+
+  options.profiles.clerie.network-fallback-dhcp = {
+    enable = mkEnableOption "Profile for systemd-network falling back to DHCP on all interfaces";
+  };
+
+  config = mkIf config.profiles.clerie.network-fallback-dhcp.enable {
+
+    systemd.network.wait-online.anyInterface = true;
+
+    systemd.network.networks."90-lan-dhcp" = {
+      matchConfig.Type = "ether";
+      networkConfig.DHCP = true;
+      linkConfig.RequiredForOnline = "routable";
+    };
+
+  };
+}