nixos-server-config/networking.nix

{ config, pkgs, ... }:

{
  networking = {
    hostName = "nixos-server";
    defaultGateway = {
      address = "10.0.20.1";
      interface = "bond0";
    };    
    nameservers = [ "10.0.20.1" ];

    bonds.bond0 = {
      interfaces = [ "enp3s0f0" "enp3s0f1" ];
      driverOptions = {
        mode = "802.3ad";
      };
    };

    interfaces = {
      enp2s0.useDHCP = false;
      bond0 = {
        ipv4.addresses = [ {
          address = "10.0.20.28";
          prefixLength = 24;
        } ];
        ipv6.addresses = [ {
          address = "2001:470:6a49:2a:31ad:b70d:49f4:75f2";
          prefixLength = 128;
        } ];
      };
      internal.useDHCP = true;
    };

    vlans = {
      internal = {
        id = 10;
        interface = "bond0";
      };
    };

  wireguard.interfaces = {
    wg0 = {
      ips = [ "10.0.24.1" ];
      privateKeyFile = "/home/michael/wireguard/privkey";
      listenPort = 45904;
    };
  };

    firewall = {
      enable = true;
      allowPing = true;
      allowedTCPPorts = [
        22  # ssh
      ];
      interfaces = {
        internal = {
          allowedTCPPorts = [
            873  # rsync
            139  # samba
            445  # samba
            2049 # nfs
          ];
          allowedUDPPorts = [
            137 # samba
            138 # samba
          ];
        };
      };
    };

    /*proxy = {
      default = "http://10.0.20.1:8118";
      noProxy = "127.0.0.1,localhost,internal.domain";
    };*/
  };
}