feat: idols-ai - set ipv6 routes & link-local address

2026-03-22 17:09:02 +01:00 · 2025-06-02 17:28:56 +08:00
parent 34297e2cd6
commit fa2e7ae0a4
2 changed files with 41 additions and 3 deletions
--- a/hosts/idols-ai/default.nix
+++ b/hosts/idols-ai/default.nix
@@ -6,6 +6,11 @@
 #############################################################
 let
  hostName = "ai"; # Define your hostname.
+
+  inherit (myvars.networking) defaultGateway defaultGateway6 nameservers;
+  inherit (myvars.networking.hostsAddr.${hostName}) iface ipv4 ipv6;
+  ipv4WithMask = "${ipv4}/24";
+  ipv6WithMask = "${ipv6}/64";
 in {
  imports = [
    ./netdev-mount.nix
@@ -19,13 +24,38 @@ in {

  networking = {
    inherit hostName;
-    inherit (myvars.networking) defaultGateway nameservers;
-    inherit (myvars.networking.hostsInterface.${hostName}) interfaces;

-    # desktop need its cli for status bar
+    # desktop need its cli for status bar & wifi network.
    networkmanager.enable = true;
  };

+  networking.useNetworkd = true;
+  systemd.network.enable = true;
+
+  # Add ipv4 address to the bridge.
+  systemd.network.networks."10-${iface}" = {
+    matchConfig.Name = [iface];
+    networkConfig = {
+      DHCP = "ipv6"; # enable DHCPv6 only, so we can get a GUA.
+      Address = [ipv4WithMask ipv6WithMask];
+      DNS = nameservers;
+      IPv6AcceptRA = true;
+      LinkLocalAddressing = "ipv6";
+    };
+    routes = [
+      {
+        Destination = "0.0.0.0/0";
+        Gateway = defaultGateway;
+      }
+      {
+        Destination = "::/0";
+        Gateway = defaultGateway6;
+        GatewayOnLink = true; # it's a gateway on local link.
+      }
+    ];
+    linkConfig.RequiredForOnline = "routable";
+  };
+
  # conflict with feature: containerd-snapshotter
  # virtualisation.docker.storageDriver = "btrfs";

--- a/vars/networking.nix
+++ b/vars/networking.nix
@@ -1,11 +1,17 @@
 {lib}: rec {
  mainGateway = "192.168.5.1"; # main router
+  mainGateway6 = "fe80::5"; # main router's link-local address
  # use suzi as the default gateway
  # it's a subrouter with a transparent proxy
  defaultGateway = "192.168.5.178";
+  defaultGateway6 = "fe80::8";
  nameservers = [
+    # IPv4
    "119.29.29.29" # DNSPod
    "223.5.5.5" # AliDNS
+    # IPv6
+    "2400:3200::1" # Alidns
+    "2606:4700:4700::1111" # Cloudflare
  ];
  prefixLength = 24;

@@ -33,6 +39,7 @@
      # Desktop PC
      iface = "enp5s0";
      ipv4 = "192.168.5.100";
+      ipv6 = "fe80::10"; # Link-local Address
    };
    aquamarine = {
      # VM
@@ -79,6 +86,7 @@
    suzi = {
      iface = "enp2s0"; # fake iface, it's not used by the host
      ipv4 = "192.168.5.178";
+      ipv6 = "fe80::8"; # Link-local Address, can be used as default gateway
    };
    mitsuha = {
      iface = "enp2s0"; # fake iface, it's not used by the host