idk prolly smt ig

2026-02-21 15:59:08 +01:00
parent 0647d9a8e0
commit de1879b9a0
14 changed files with 151 additions and 666 deletions
--- a/modules/nixos/networking/networks/109-199-104-83.nix
+++ b/modules/nixos/networking/networks/109-199-104-83.nix
@@ -1,6 +1,6 @@
 {
  networking = {
-    useDHCP = false;
+    useNetworkd = true;
    hostName = "109-199-104-83";
    firewall = {
      enable = true;
@@ -8,6 +8,36 @@
      allowedUDPPorts = [80 443];
    };
  };
+
+  # the following is from nixos-bite
+
+  # netif=$(ip -6 route show default | sed -r 's|.*default.+?dev ([a-z0-9]+).*|\1|' | head -n1)
+  # netifx=enx$(ip link show dev "$netif" | grep link/ether | sed -r 's|.*link/ether ([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}).*|\1\2\3\4\5\6|')
+  # netip6=$(ip -6 address show dev "$netif" scope global | sed -z -r 's|.*inet6 ([0-9a-f:]+)/([0-9]+).*|"\1/\2"|')
+  # netgw6=$(ip -6 route show dev "$netif" default | sed -r 's|.*default.+?via ([0-9a-f:]+).*|"\1"|' | head -n1)
+  # netip4=$(ip -4 address show dev "$netif" scope global | sed -z -r 's|.*inet ([0-9.]+)/([0-9]+).*|"\1/\2"|')
+  # netgw4=$(ip -4 route show dev "$netif" default | sed -r 's|.*default.+?via ([0-9.]+).*|"\1"|' | head -n1)
+
+  # route=""
+  # [[ -n "${netgw4}" ]] && route="$route { Gateway = $netgw4; GatewayOnLink = true; }"
+  # [[ -n "${netgw6}" ]] && route="$route { Gateway = $netgw6; }"
+
+  # dns='"2620:fe::fe" "9.9.9.9"'
+
+  #  systemd.network = {
+  #    enable = true;
+  #    networks."40-wan" = {
+  #      matchConfig.name = "enx0050565f4fff";
+  #      address = ["2a02:c207:2299:8419::1/64" "109.199.104.83/20"];
+  #      routes = [
+  #        {
+  #          Gateway = ["109.199.96.1" "fe80::1"];
+  #          GatewayOnLink = true;
+  #        }
+  #      ];
+  #      dns = ["9.9.9.9" "2620:fe::fe"];
+  #    };
+  #  };
  services.cloud-init = {
    enable = true;
    network.enable = true;
--- a/modules/nixos/phoenix.nix
+++ b/modules/nixos/phoenix.nix
@@ -1,45 +0,0 @@
-{
-  pkgs,
-  config,
-  lib,
-  ...
-}: {
-  options.programs.firefox.phoenix = {
-    enable =
-      lib.mkEnableOption "Enable privacy & security hardening of Firefox using the Phoenix configs"
-      // {
-        default = true;
-      };
-    firefoxPackages = lib.mkOption {
-      type = lib.types.listOf lib.types.str;
-      default = ["firefox"];
-      description = "The name of Firefox packages of current pkgs to patch with phoenix config and policy.";
-    };
-  };
-  config = let
-    cfg = config.programs.firefox.phoenix;
-  in
-    lib.mkIf cfg.enable {
-      assertions = [
-        {
-          assertion = !pkgs.stdenv.isDarwin;
-          message = "Phoenix module has not been ported to nix-darwin yet. Contributions welcomed.";
-        }
-      ];
-      environment.etc."firefox/defaults/pref/phoenix-desktop.js".source = "${pkgs.phoenix}/pref/phoenix-desktop.js";
-      environment.etc."firefox/phoenix/userjs".source = "${pkgs.phoenix}/userjs";
-      environment.etc."firefox/phoenix/configs".source = "${pkgs.phoenix}/configs";
-      environment.etc."firefox/phoenix/assets".source = "${pkgs.phoenix}/assets";
-      programs.firefox.policies =
-        (builtins.fromJSON (builtins.readFile "${pkgs.phoenix}/policies.json")).policies;
-      nixpkgs.overlays = [
-        (import ../../overlays/phoenix.nix)
-        (
-          final: prev:
-            builtins.listToAttrs (
-              map (p: lib.nameValuePair p (final.withPhoenix prev.${p})) cfg.firefoxPackages
-            )
-        )
-      ];
-    };
-}