infrastructure/machines/nixos/bridge01/network.nix

# SPDX-FileCopyrightText: 2024 Lubin Bailly <lubin.bailly@dgnum.eu>
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2

{
  pkgs,
  utils,
  lib,
  ...
}:
let
  inherit (lib)
    getExe'
    ;
in
{
  networking = {
    useNetworkd = true;
    useDHCP = false;

    nftables.enable = true;
    firewall.allowedUDPPorts = [ 67 ];
  };

  systemd = {
    services."arp-resolve-router" = {
      wantedBy = [ "systemd-networkd.service" ];
      after = [ "systemd-networkd-wait-online.service" ];
      bindsTo = [ "systemd-networkd-wait-online.service" ];
      serviceConfig.ExecStart = utils.escapeSystemdExecArgs [
        (getExe' pkgs.iputils "ping")
        "-c"
        1
        "10.120.33.245"
      ];

    };
    network = {
      wait-online.anyInterface = true;
      networks = {
        "10-enp1s0f0" = {
          name = "enp1s0f0";
          # description = "To the switch";
          networkConfig = {
            VLAN = [
              "vlan-admin"
            ];

            LinkLocalAddressing = false;
            LLDP = false;
            EmitLLDP = false;
            IPv6AcceptRA = false;
            IPv6SendRA = false;
          };
        };

        "10-eno1" = {
          name = "eno1";
          # description = "Uplink cri";
          address = [
            "10.120.33.246/30"
            "129.199.195.158/32"
          ];
          routes = [
            {
              PreferredSource = "129.199.195.158";
              Gateway = "10.120.33.245";
            }
          ];
        };

        "10-vlan-admin" = {
          name = "vlan-admin";
          # DHCP for the BMC
          networkConfig.DHCPServer = "yes";

          dhcpServerConfig = {
            PoolOffset = 128;
            EmitDNS = false;
            EmitNTP = false;
            EmitSIP = false;
            EmitPOP3 = false;
            EmitSMTP = false;
            EmitLPR = false;
            UplinkInterface = ":none";
          };

          address = [
            "fd26:baf9:d250:8000::ffff/64"
            "192.168.222.1/24"
          ];
        };
      };

      netdevs = {
        "10-vlan-admin" = {
          netdevConfig = {
            Name = "vlan-admin";
            Kind = "vlan";
          };
          vlanConfig.Id = 3000;
        };
      };
    };
  };
}