meta: Add options for networking module

Now it's possible to use the system without mullvad vpn.
2025-01-09 15:38:12 +01:00 · 2024-04-04 05:28:50 -04:00 · 2024-04-04 05:28:50 -04:00 · 3da9c62869
commit 3da9c62869
parent ecb2463ee7
2 changed files with 63 additions and 35 deletions
--- a/flake.nix
+++ b/flake.nix
@ -57,10 +57,16 @@
            home-manager.sharedModules = builtins.attrValues self.homeManagerModules;
            environment.systemPackages = builtins.attrValues self.packages.x86_64-linux;

-            modules.hardware = {
-              disableLaptopKeyboard = true;
-              lidIgnore = true;
-              powerIgnore = true;
+            modules = {
+              hardware = {
+                disableLaptopKeyboard = true;
+                lidIgnore = true;
+                powerIgnore = true;
+              };
+
+              networking = {
+                mullvad = true;
+              };
            };
          }
        ];
--- a/modules/networking.nix
+++ b/modules/networking.nix
@ -1,40 +1,62 @@
+{ config, lib, ... }:
+
+let
+  inherit (lib) mkEnableOption mkOption mkIf;
+  inherit (lib.types) string;
+
+  cfg = config.modules.networking;
+in
 {
-  networking = {
-    hostName = "nixos";
+  options.modules.networking = {
+    mullvad = mkEnableOption "mullvad vpn";

-    networkmanager = {
-      enable = true;
-      wifi.macAddress = "random";
-      ethernet.macAddress = "random";
-
-      unmanaged = [ "interface-name:ve-*" ];
+    hostName = mkOption {
+      type = string;
+      default = "nixos";
    };

-    useHostResolvConf = true;
-
-    resolvconf.enable = false;
-
-    nat = {
-      enable = true;
-      internalInterfaces = [ "ve-+" ];
-      externalInterface = "wg-mullvad";
-    };
-
-    firewall = {
-      allowedUDPPorts = [
-        5029
-      ];
-
-      allowedTCPPorts = [
-        1111
-      ];
-    };
+    allowSRB2Port = mkEnableOption "port for srb2";
+    allowZolaPort = mkEnableOption "port for zola";
  };

-  services.resolved.llmnr = "false";
+  config = with cfg; {
+    networking = {
+      inherit hostName;

-  services.mullvad-vpn = {
-    enable = true;
-    enableExcludeWrapper = false;
+      networkmanager = {
+        enable = true;
+        wifi.macAddress = "random";
+        ethernet.macAddress = "random";
+
+        unmanaged = [ "interface-name:ve-*" ];
+      };
+
+      useHostResolvConf = true;
+
+      resolvconf.enable = mkIf mullvad false;
+
+      nat = mkIf mullvad {
+        enable = true;
+        internalInterfaces = [ "ve-+" ];
+        externalInterface = "wg-mullvad";
+      };
+
+      firewall = {
+        allowedUDPPorts = mkIf allowSRB2Port [
+          5029
+        ];
+
+        allowedTCPPorts = mkIf allowZolaPort [
+          1111
+        ];
+      };
+    };
+
+    services.resolved.llmnr = "false";
+
+    services.mullvad-vpn = mkIf mullvad {
+      enable = true;
+      enableExcludeWrapper = false;
+    };
  };
 }