bind network interfaces II

.gitignore

@@ -2,3 +2,4 @@ vars.nix
 ssh
 hardware-configuration.nix
 tmp
+result

bond-network.nix

@@ -1,18 +0,0 @@
-{ pkgs, ... }: {
-  boot.kernelModules = [ "bonding" ];
-
-  networking.bonds.bond0 = {
-    interfaces = [ "enp1s0" "enp2s0" ];
-    driverOptions = {
-      mode = "802.3ad";
-      miimon = "100";
-      lacp_rate = "fast";
-      xmit_hash_policy = "layer3+4";
-    };
-  };
-
-  networking.interfaces.enp1s0.useDHCP = false;
-  networking.interfaces.enp2s0.useDHCP = false;
-  networking.interfaces.bond0.useDHCP = true;
-}
-

configuration.nix

@@ -47,40 +47,6 @@
         };
   };
 
-  networking = {
-    hostName = config.vars.hostname;
-    hostId = config.vars.hostid;
-    
-    # Enable IPv6 Stack
-    enableIPv6 = true;
-
-    interfaces = let
-      primaryInterface = lib.head config.vars.interfaces;
-      secondaryInterfaces = lib.tail config.vars.interfaces;
-    in
-    lib.foldr (name: acc: acc // {
-      # Secondary interfaces can keep using DHCP
-      ${name}.useDHCP = true;
-    }) (
-      { ${primaryInterface} = {
-          # PRIMARY INTERFACE: STATIC IPV4 ONLY
-          ipv4.addresses = [{
-            address = config.vars.local_ip;
-            prefixLength = 24;
-          }];
-          
-        };
-      }
-    ) secondaryInterfaces;
-
-    defaultGateway = {
-      address = "192.168.178.1";
-      interface = lib.head config.vars.interfaces;
-    };
-    nameservers = [ "192.168.178.10" "9.9.9.9" ];
-  };
-
-
   # Set your time zone.
   time.timeZone = "Europe/Berlin";
 

gbs-network.nix

@@ -1,14 +0,0 @@
-{ pkgs, ... }: {
-  systemd.services.force-gigabit-speed = {
-    description = "Force 1Gbps link speed on enp1s0";
-    # This service should run before the network is considered "up"
-    wantedBy = [ "network-pre.target" ];
-    before = [ "network-pre.target" ];
-    
-    # The command to execute
-    serviceConfig = {
-      Type = "oneshot";
-      ExecStart = "${pkgs.ethtool}/bin/ethtool -s enp1s0 speed 1000 duplex full autoneg on";
-    };
-  };
-}

network-base.nix

@@ -0,0 +1,57 @@
+{ config, pkgs, lib, ... }:
+
+let
+  # Filter interfaces that have a specific speed set
+  speedInterfaces = lib.filter (i: i.speed != null) config.vars.interfaces;
+  
+  # Find the interface designated as the "primary" (first one with an IP) for the gateway
+  # If none have IPs, we just pick the first interface in the list
+  primaryInterface = lib.findFirst (i: i.ip != null) (lib.head config.vars.interfaces) config.vars.interfaces;
+
+in
+{
+  networking.hostName = config.vars.hostname;
+  networking.hostId = config.vars.hostid;
+  
+  # Global DNS settings
+  networking.nameservers = [ "192.168.178.10" "9.9.9.9" ];
+  
+  # Default Gateway
+  networking.defaultGateway = {
+    address = "192.168.178.1";
+    # interface = primaryInterface.name;
+    interface = "bond0";
+  };
+
+  # 1. Generate Static IP Configurations
+  networking.interfaces = lib.listToAttrs (map (iface: {
+    name = iface.name;
+    value = {
+      # If an IP is provided, use it. Otherwise empty list.
+      ipv4.addresses = if iface.ip != null then [{
+        address = iface.ip;
+        prefixLength = iface.prefixLength;
+      }] else [];
+
+      # Logic: If we have a static IP, disable DHCP. If no IP, enable DHCP.
+      useDHCP = (iface.ip == null);
+    };
+  }) config.vars.interfaces);
+
+
+  # 2. Systemd Service for Link Speed
+  systemd.services.force-interface-speeds = lib.mkIf (speedInterfaces != []) {
+    description = "Force link speed on configured interfaces";
+    wantedBy = [ "network-pre.target" ];
+    before = [ "network-pre.target" ];
+  serviceConfig = {
+    Type = "oneshot";
+    ExecStart = pkgs.writeShellScript "force-interface-speeds" (
+      lib.concatMapStringsSep "\n" (iface: ''
+        ${pkgs.ethtool}/bin/ethtool -s ${iface.name} speed ${toString iface.speed} duplex full autoneg on
+        ${pkgs.ethtool}/bin/ethtool --set-eee ${iface.name} eee off || true
+        '') speedInterfaces
+      );
+    };
+  };
+}

network-bond.nix

@@ -0,0 +1,35 @@
+{ config, lib, pkgs, ... }: 
+
+{
+  boot.kernelModules = [ "bonding" ];
+
+  networking.bonds.bond0 = {
+    interfaces = map (i: i.name) config.vars.interfaces;
+    driverOptions = {
+      mode = "802.3ad";
+      miimon = "100";
+      lacp_rate = "fast";
+      xmit_hash_policy = "layer2+3";
+    };
+  };
+
+  # 1. Generate the physical interfaces config (slaves)
+  # 2. Merge it with the bond0 config
+  networking.interfaces = lib.listToAttrs (map (iface: {
+    name = iface.name;
+    value = {
+      useDHCP = lib.mkForce false;
+      ipv4.addresses = lib.mkForce [];
+    };
+  }) config.vars.interfaces) // {
+    
+    # Bond Interface Configuration
+    bond0 = {
+      useDHCP = false;
+      ipv4.addresses = [{
+        address = "192.168.178.8";
+        prefixLength = 24;
+      }];
+    };
+  };
+}

var_reg.nix

@@ -1,9 +1,40 @@
 { lib, ... }:
 with lib;
+let
+  interfaceSubmodule = types.submodule {
+    options = {
+      name = mkOption {
+        type = types.str;
+        description = "Name of the network interface (e.g., enp1s0)";
+      };
+      ip = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = "Static IP address (optional). If null, no static IP is assigned.";
+      };
+      speed = mkOption {
+        type = types.nullOr types.int;
+        default = null;
+        description = "Link speed in Mbps (optional). If null, auto-negotiation is used.";
+      };
+      prefixLength = mkOption {
+        type = types.int;
+        default = 24;
+        description = "Subnet prefix length (default 24).";
+      };
+    };
+  };
+in
 {
   options.vars = {
     
     # WIREGUARD
+    wg_interface = mkOption {
+      type = types.str;
+    };
+    wg_local_ip = mkOption {
+      type = types.str;
+    };
     wg_adress = mkOption {
       type = types.str;
     };
@@ -46,9 +77,9 @@ with lib;
       type = types.str;
     };
     interfaces = mkOption {
-      type = types.listOf types.str;
+      type = types.listOf interfaceSubmodule;
-    };   
+      default = [];
-    
+    };    
     # KEEPALIVED
     ka_addr_v4 = mkOption {
       type = types.str;

wireguard.nix

@@ -1,8 +1,8 @@
 { config, lib, pkgs, ... }: {
 
   networking.nat.enable = true;
-  networking.nat.externalInterface = lib.head config.vars.interfaces;
+  networking.nat.externalInterface = (lib.head config.vars.interfaces).name;
-  networking.nat.internalInterfaces = [ "wg0" ] ++ config.vars.interfaces;
+  networking.nat.internalInterfaces = [ "wg0" ] ++ (map (i: i.name) config.vars.interfaces);
   
   networking.wg-quick.interfaces = {
     wg0 = {
@@ -11,10 +11,10 @@
       autostart = true;
       postUp = ''
         ${pkgs.procps}/bin/sysctl -w net.ipv4.conf.wg0.rp_filter=2
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o wg0 -d ${config.vars.wg_range} -j SNAT --to-source ${config.vars.local_ip}
+        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o wg0 -d ${config.vars.wg_range} -j SNAT --to-source ${config.vars.wg_local_ip}
       '';
       postDown = ''
-        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o wg0 -d ${config.vars.wg_range} -j SNAT --to-source ${config.vars.local_ip}
+        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -o wg0 -d ${config.vars.wg_range} -j SNAT --to-source ${config.vars.wg_local_ip}
       '';
       privateKey = config.vars.wg_privateKey;
       peers = [{