From 0aeae6ffcd682696883713a13c8237b152fcec7d Mon Sep 17 00:00:00 2001 From: Steffen Date: Sun, 18 Jan 2026 17:12:40 +0100 Subject: [PATCH] ipv6 stack enabled --- configuration.nix | 76 +++++++++++++++++++++++------------------------ 1 file changed, 38 insertions(+), 38 deletions(-) diff --git a/configuration.nix b/configuration.nix index 4e5b245..43f0ad6 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,7 +1,3 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - { config, lib, pkgs, ... }: { @@ -31,53 +27,63 @@ boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - # Enable IP forwarding for NAT (used in wireguard.nix) and load specific modules. + # --- KERNEL NETWORK CONFIGURATION --- + # CRITICAL FOR DOCKER + IPV6 + # 1. Enable Forwarding (Required for Docker) + # 2. Force Accept RA = 2 (Required to get IPv6 address even if forwarding is on) boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; "net.ipv6.conf.all.forwarding" = 1; - }; + "net.ipv6.conf.all.accept_ra" = 2; + "net.ipv6.conf.default.accept_ra" = 2; + "net.ipv6.conf.${lib.head config.vars.interfaces}.accept_ra" = 2; + }; + boot.kernelModules = [ "rbd" "nbd" ]; hardware.bluetooth.enable = true; hardware.bluetooth.settings = { - General = { - Experimental = true; - }; + General = { + Experimental = true; + }; }; - - networking.hostName = config.vars.hostname; - networking.hostId = config.vars.hostid; networking = { + hostName = config.vars.hostname; + hostId = config.vars.hostid; + + # Enable IPv6 Stack + enableIPv6 = true; + interfaces = let primaryInterface = lib.head config.vars.interfaces; secondaryInterfaces = lib.tail config.vars.interfaces; in lib.foldr (name: acc: acc // { + # Secondary interfaces can keep using DHCP ${name}.useDHCP = true; }) ( - { ${primaryInterface}.ipv4.addresses = [{ - address = config.vars.local_ip; - prefixLength = 24; - }]; + { ${primaryInterface} = { + # PRIMARY INTERFACE: STATIC IPV4 ONLY + ipv4.addresses = [{ + address = config.vars.local_ip; + prefixLength = 24; + }]; + + }; } ) secondaryInterfaces; - }; - networking.defaultGateway = { - address = "192.168.178.1"; - interface = lib.head config.vars.interfaces; # Sticking with the primary interface + defaultGateway = { + address = "192.168.178.1"; + interface = lib.head config.vars.interfaces; + }; + nameservers = [ "192.168.178.10" "9.9.9.9" ]; }; - networking.nameservers = [ "192.168.178.10" "9.9.9.9" ]; # Set your time zone. time.timeZone = "Europe/Berlin"; - # services.localtimed.enable = true; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Enable the X11 windowing system. services.xserver.enable = false; @@ -98,8 +104,7 @@ # Allow unfree software and packages nixpkgs.config.allowUnfree = true; - # List packages installed in system profile. To search, run: - # $ nix search wget + # List packages installed in system profile. environment.systemPackages = with pkgs; [ wget htop @@ -111,19 +116,14 @@ fzf ]; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. + # Firewall settings + # Your firewall is DISABLED, so we don't need to manually add allowedUDPPorts for DHCPv6. networking.firewall.enable = false; - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. + # Copy the NixOS configuration file system.copySystemConfiguration = true; # DO NOT TOUCH!!!!!!!!!!!!!!!!!!!!!!!!!! - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = config.vars.stateVersion; # Set via host-specific vars.nix - # DO NOT TOUCH!!!!!!!!!!!!!!!!!!!!!!!!!! + system.stateVersion = config.vars.stateVersion; + # DO NOT TOUCH!!!!!!!!!!!!!!!!!!!!!!!!!! }