CHANGES: NetworkManager to systemd-networkd

hosts/terre-neuvas/configuration.nix

@@ -20,7 +20,6 @@
   boot.loader.efi.canTouchEfiVariables = true;
 
   networking.hostName = "terre-neuvas"; # Define your hostname.
-  networking.networkmanager.enable = true;
 
   # Configure keymap in X11
   services.xserver.xkb = {
@@ -33,7 +32,7 @@
 
   users.users.lomig = {
     isNormalUser = true;
-    extraGroups = ["networkmanager" "lp" "wheel" "docker" ];
+    extraGroups = [ "lp" "wheel" "docker" ];
     shell = pkgs.zsh;
   };
 
@@ -50,8 +49,40 @@
      hugo
   ];
   networking = {
-    firewall.allowedTCPPorts = [ 80 5900 5901 5902 ];
+    useNetworkd = true ;
+    firewall.allowedTCPPorts = [ 22 80 5900 5901 5902 ];
+    interfaces.eno1.useDHCP = false ;
+    interfaces.br0 = {
+      useDHCP = false ;
+      ipv4.addresses = [
+        {
+          address = "192.168.0.3";
+          prefixLength = 24 ;
+        }
+      ];
+    };
+    defaultGateway = {
+      interface = "br0" ;
+      address = "192.168.0.254" ;
+    };
+    nameservers = [ "192.168.0.254" "1.1.1.1" ];
     bridges.br0.interfaces = [ "eno1" ];
   };
+  systemd.network = {
+    enable = true ;
+    netdevs."br0" = {
+      netdevConfig = {
+        Name = "br0";
+        Kind = "bridge";
+      };
+    };
+    networks."br0" = {
+      matchConfig.Name = "br0" ;
+    };
+    networks."eno1" = {
+      matchConfig.Name = "eno1";
+      networkConfig.Bridge = "br0";
+    };
+  };
   system.stateVersion = "25.05"; # Did you read the comment?
 }

hosts/terre-neuvas/hardware.nix

@@ -10,7 +10,7 @@
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = lib.mkAfter [ "kvm-intel" "tun" ];
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
@@ -37,7 +37,7 @@
   # (the default) this is the recommended approach. When using systemd-networkd it's
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
+  # networking.useDHCP = lib.mkDefault true;
   # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
   # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
 

modules/common/networking.nix

@@ -1,8 +1,7 @@
 _: {
   networking = {
-    networkmanager.enable = true;
     nameservers = ["1.1.1.1" "8.8.8.8"];
-    dhcpcd.extraConfig = "nohook resolv.conf";
+#    dhcpcd.extraConfig = "nohook resolv.conf";
     firewall.enable = true;
     interfaces.enp11s0.wakeOnLan.enable = true ;
   };

modules/common/qemu.nix

@@ -28,14 +28,6 @@
   };
 
   users.users.lomig.extraGroups = ["libvirtd" "kvm" "input"];
-  networking = {
-    useDHCP = false;
-  };
-
-  systemd.network.networks."10-br0" = {
-    matchConfig.Name = "br0";
-    networkConfig.DHCP = "yes";
-  };
 
   environment.etc."qemu/bridge.conf".text = ''
     allow br0

modules/sites/levr.porzh.me.nix

@@ -42,8 +42,8 @@
 # -----------------------------------------------------------------
 # 3️⃣ Ouverture du firewall (ports 80 et 443)
 # -----------------------------------------------------------------
-  networking.firewall.allowedTCPPorts = [
+#  networking.firewall.allowedTCPPorts = [
-    80   # HTTP (pour la redirection ACME)
+#    80   # HTTP (pour la redirection ACME)
-      443  # HTTPS (site final)
+#      443  # HTTPS (site final)
-  ];
+#  ];
 }

profiles/server-selfhosted.nix

@@ -2,7 +2,6 @@
   imports = [
     ../modules/roles/server.nix
     ../modules/common/base.nix
-    ../modules/common/networking.nix
     ../modules/common/qemu.nix
     ../modules/services/printing.nix
 #    ../modules/services/goaccess.nix