diff --git a/lib/default.nix b/lib/default.nix
index 9195c5a1..9e2abde4 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -30,7 +30,6 @@
 modules = [ ../home-manager/${type}.nix ];
 };
- # Helper function for generating container configs
 mkContainer = {
 hostname,
 username ? "albert",
@@ -40,17 +39,21 @@
 type ? "default",
 repo ? "nixpkgs",
 unfree ? false,
- pkgs ? import inputs.${repo}
- { inherit system; config.allowUnfree = unfree; hostPlatform = system; },
+ tskey ? null,
+ pkgs ? import inputs.${repo}
+ { inherit system; config.allowUnfree = unfree; hostPlatform = system; },
 pkgs-unstable ? import inputs.nixpkgs-unstable
- {inherit system; config.allowUnfree = unfree; hostPlatform = system; }
+ { inherit system; config.allowUnfree = unfree; hostPlatform = system; }
 }: {
 autoStart = true;
- privateNetwork = false;
- specialArgs = { inherit pkgs pkgs-unstable hostname username desktop theme system repo unfree stateVersion; };
- config = { lib, config, pkgs, pkgs-unstable, hostname, username, desktop, theme, system, repo, stateVersion, ... }: {
+ privateNetwork = true;
+ hostBridge = "br0";
+ specialArgs = { inherit pkgs pkgs-unstable hostname username desktop theme system repo unfree stateVersion tskey; };
+ config = { lib, config, pkgs, pkgs-unstable, hostname, username, desktop, theme, system, repo, stateVersion, tskey, ... }: {
 system.stateVersion = stateVersion;
- imports = [ ../nixos/containers ];
+ imports = [
+ ../nixos/containers
+ ];
 };
 };
diff --git a/nixos/common/modules/networking.nix b/nixos/common/modules/networking.nix
index b0f53eeb..9d2336e5 100644
--- a/nixos/common/modules/networking.nix
+++ b/nixos/common/modules/networking.nix
@@ -7,16 +7,11 @@
 };
 useDHCP = lib.mkDefault true;
- # enableIPv6 = lib.mkForce false;
+ enableIPv6 = lib.mkForce false;
 firewall = {
 enable = true;
 allowedTCPPorts = [ ];
 allowedUDPPorts = [ ];
 };
 };
-
-# boot.kernel.sysctl = {
-# "net.ipv6.conf.all.disable_ipv6" = true;
-# };
-
 }
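Review bot: In the second hunk of lib/default.nix, `tskey` is handed to the container as a plain Nix value through `specialArgs`, so a literal auth key passed here and later interpolated into the container's configuration would be copied into the world-readable /nix/store. Prefer passing a path to a key file that is provisioned outside the store, for example `tskeyFile ? null` consumed through `services.tailscale.authKeyFile` and a read-only `bindMounts` entry. A comment on the parameter should state that it must never hold the key itself. The argument list of mkContainer begins above this hunk.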
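Review bot: In nixos/common/modules/networking.nix, `enableIPv6 = lib.mkForce false;` is now active in a module that both hosts and containers import, with no comment saying why. Because `mkForce` outranks an ordinary definition, a host that later sets `networking.enableIPv6 = true;` would be silently overridden. If the fleet-wide ban is intended, record it next to the line, e.g. `# Forced off for everything importing this module: <reason>`; if it is only a default, `lib.mkDefault false` would match the `useDHCP` line above it. The enclosing `networking` block starts outside the hunk.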
diff --git a/nixos/containers/default.nix b/nixos/containers/default.nix
index e8803591..594bd98e 100644
--- a/nixos/containers/default.nix
+++ b/nixos/containers/default.nix
@@ -1,11 +1,10 @@
 { hostname, username, ... }: {
- import = [
+ imports = [
 ./${hostname}
 ../users/${username}
 ../common/modules/nixos.nix
 ../common/modules/networking.nix
- ../common/services/tailscale-autoconnect.nix
 ];
- networking.hostname = "${hostname}";
+ networking.hostName = "${hostname}";
 }
diff --git a/nixos/containers/rdesktop/default.nix b/nixos/containers/rdesktop/default.nix
index 7a424730..0faf3f32 100644
--- a/nixos/containers/rdesktop/default.nix
+++ b/nixos/containers/rdesktop/default.nix
@@ -1,9 +1,8 @@
-{ hostname, username, desktop, ... }: {
+{ hostname, username, desktop, tailscalekey, ... }: {
 imports = [
 ../../common/desktops/${desktop}
 ];
- networking.hostName = "${hostname}";
 networking.firewall.allowedTCPPorts = [ 3389 ];
 services.xrdp = {
diff --git a/nixos/hosts/framework-server/containers.nix b/nixos/hosts/framework-server/containers.nix
index e470214b..a58b46dc 100644
--- a/nixos/hosts/framework-server/containers.nix
+++ b/nixos/hosts/framework-server/containers.nix
@@ -2,7 +2,15 @@
 let libx = import ../../../lib {inherit self inputs outputs stateVersion hmStateVersion pkgs-unstable pkgs; };
 in {
- containers = {
- rdesktop = libx.mkContainer { hostname = "rdesktop"; desktop = "xfce"; unfree = true;};
+ # TODO: Set up Tailscale key
+
+ # Set up the bridge network:
+ networking = {
+ bridges.br0.interfaces = [ "enp0s13f0u4" ]; # nmcli con show | grep Wired\ connection\ 2
+ interfaces.br0.useDHCP = true;
 };
-}
+
+ containers = {
+ rdesktop = libx.mkContainer { hostname = "rdesktop"; desktop = "xfce"; unfree = true; };
+ };
+}
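Review bot: In nixos/containers/rdesktop/default.nix, the module header now requires an argument named `tailscalekey`, but mkContainer in lib/default.nix passes the value as `tskey` in `specialArgs`. As far as this diff shows, nothing supplies `tailscalekey`, so evaluating the container would likely fail on the missing argument. The argument is also unused in the visible lines. Either drop it until the Tailscale setup lands or use the same name, `{ hostname, username, desktop, tskey, ... }: {`. The module body continues past the end of the hunk.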
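Review bot: In nixos/hosts/framework-server/containers.nix, `bridges.br0.interfaces = [ "enp0s13f0u4" ]` combined with `hostBridge = "br0"` in mkContainer gives rdesktop its own address on the physical LAN. Its module opens TCP 3389 on every interface and the Tailscale setup is still a TODO, so xrdp would be reachable from any host on that segment. Once the tailnet interface exists, the port could be scoped in rdesktop/default.nix with `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 3389 ];` instead of the global `allowedTCPPorts`. Until then, a comment beside the bridge definition such as `# containers attached to br0 are directly LAN-reachable` would make the exposure explicit.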