nix/hosts/prefect/networking.nix

{lib, pkgs, ...}: {
  networking = {
    hostName = "prefect";
    nameservers = lib.mkForce [
      "172.20.0.53"
      "172.23.0.53"
      "fd42:d42:d42:53::1"
      "fd42:d42:d42:54::1"
      "2a01:4ff:ff00::add:2"
      "2a01:4ff:ff00::add:1"
      "185.12.64.1"
      "185.12.64.2"
      "100.123.15.72"
    ];
    resolvconf.extraConfig = ''
      name_servers="172.20.0.53 172.23.0.53 fd42:d42:d42:53::1 fd42:d42:d42:54::1 2a01:4ff:ff00::add:2 2a01:4ff:ff00::add:1 185.12.64.1 185.12.64.2 100.64.0.3 45.11.45.11"
      # name_servers="100.64.0.3"
    '';
    interfaces.enp1s0 = {
      ipv6.addresses = [
        {
          address = "2a01:4ff:f0:98bf::1";
          prefixLength = 64;
        }
      ];
    };
    defaultGateway6 = {
      address = "fe80::1";
      interface = "enp1s0";
    };
    # wireguard = {
    #   enable = true;
    #   interfaces = {
    #     wg0 = {
    #       privateKeyFile = "/run/agenix/dn42-privkey";
    #       listenPort = 480;
    #       allowedIPsAsRoutes = false;
    #       peers = [
    #         {
    #           publicKey = "wW5iNQcNa9VphZWicMdc8k7lJbVrXPMtzmWsHBwPqE0=";
    #           persistentKeepalive = 15;
    #           dynamicEndpointRefreshSeconds = 5;
    #           allowedIPs = [
    #             "172.20.43.96/27"
    #             "172.20.0.0/24"
    #             "172.21.0.0/24"
    #             "172.22.0.0/24"
    #             "172.23.0.0/24"
    #             "172.20.0.0/14"
    #             "10.100.0.0/14"
    #             "10.127.0.0/16"
    #             "10.0.0.0/8"
    #             "172.31.0.0/16"
    #           ];
    #         }
    #       ];
    #       postSetup = ''
    #         ${pkgs.iproute}/bin/ip addr add 172.20.43.96/32 peer 172.20.43.97/32 dev wg0
    #         ${pkgs.iproute}/bin/ip -6 addr add fe80::1/64 peer fe80::2/64 dev wg0
    #         # ${pkgs.iproute}/bin/ip route del default dev wg0
    #       '';
    #     };
    #   };
    # };
  };
}