modules/darwin/common: ipv6 config

2024-07-31 15:41:40 +10:00 · 2024-07-31 15:41:40 +10:00 · 9a13e2e3b9
commit 9a13e2e3b9
parent d486e79e48
4 changed files with 29 additions and 7 deletions
--- a/hosts/darwin01/configuration.nix
+++ b/hosts/darwin01/configuration.nix
@ -7,6 +7,8 @@
    inputs.self.darwinModules.community-builder
  ];

+  nixCommunity.darwin.ipv6 = "2a09:9340:808:630::1 64 fe80::1";
+
  nix.settings.sandbox = "relaxed";
  nix.settings.extra-platforms = [ "x86_64-darwin" ];

--- a/hosts/darwin02/configuration.nix
+++ b/hosts/darwin02/configuration.nix
@ -8,6 +8,8 @@
    inputs.self.darwinModules.remote-builder
  ];

+  nixCommunity.darwin.ipv6 = "2a09:9340:808:60b::1 64 fe80::1";
+
  nixCommunity.remote-builder.key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmdo1x1QkRepZf7nSe+OdEWX+wOjkBLF70vX9F+xf68 builder";

  nix.settings.sandbox = "relaxed";
--- a/modules/darwin/common/default.nix
+++ b/modules/darwin/common/default.nix
@ -10,6 +10,7 @@ in
 {
  imports = [
    ./apfs-cleanup.nix
+    ./network.nix
    ./optimise.nix
    ./reboot.nix
    ./telegraf.nix
@ -49,9 +50,6 @@ in

  system.includeUninstaller = false;

-  # disable application layer firewall, telegraf needs an incoming connection
-  system.defaults.alf.globalstate = 0;
-
  # srvos
  environment.etc."ssh/sshd_config.d/darwin.conf".text = ''
    AuthorizedKeysFile none
@ -60,11 +58,7 @@ in
    PasswordAuthentication no
  '';

-  # Make sure to disable netbios on activation
  system.activationScripts.postActivation.text = ''
-    echo disabling netbios... >&2
-    launchctl disable system/netbiosd
-    launchctl unload -w /System/Library/LaunchDaemons/com.apple.netbiosd.plist 2>/dev/null || true
    echo disabling spotlight indexing... >&2
    mdutil -a -i off -d &> /dev/null
    mdutil -a -E &> /dev/null
--- a/modules/darwin/common/network.nix
+++ b/modules/darwin/common/network.nix
@ -0,0 +1,24 @@
+{ config, lib, ... }:
+{
+  options.nixCommunity.darwin.ipv6 = lib.mkOption {
+    type = lib.types.singleLineStr;
+    default = null;
+    description = ''
+      <address> <prefixlength> <router>
+    '';
+  };
+
+  config = {
+    # disable application layer firewall, telegraf needs an incoming connection
+    system.defaults.alf.globalstate = 0;
+
+    # Make sure to disable netbios on activation
+    system.activationScripts.postActivation.text = lib.mkBefore ''
+      echo disabling netbios... >&2
+      launchctl disable system/netbiosd
+      launchctl unload -w /System/Library/LaunchDaemons/com.apple.netbiosd.plist 2>/dev/null || true
+      echo setting ipv6... >&2
+      networksetup -setv6manual Ethernet ${config.nixCommunity.darwin.ipv6}
+    '';
+  };
+}