From 267cb91ee8866a636b9ad4ed9f03d3c7866f496b Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Sun, 29 Dec 2024 04:12:40 -0600
Subject: [PATCH] static lacp bond for 10g interfaces

---
 nixos/hosts/shadowfax/default.nix     |  7 ----
 nixos/profiles/global.nix             |  1 -
 nixos/profiles/hw-threadripperpro.nix | 48 ++++++++++++++++++++++++++-
 3 files changed, 47 insertions(+), 9 deletions(-)

diff --git a/nixos/hosts/shadowfax/default.nix b/nixos/hosts/shadowfax/default.nix
index 38cd09c..5a2ef65 100644
--- a/nixos/hosts/shadowfax/default.nix
+++ b/nixos/hosts/shadowfax/default.nix
@@ -53,13 +53,6 @@ in
   networking = {
     hostName = "shadowfax";
     hostId = "a885fabe";
-    useDHCP = false; # needed for bridge
-    networkmanager.enable = true;
-    firewall.enable = false;
-    interfaces = {
-      "enp36s0f0".useDHCP = true;
-      "enp36s0f1".useDHCP = false;
-    };
   };
 
   # Home Manager
diff --git a/nixos/profiles/global.nix b/nixos/profiles/global.nix
index 9021418..02a4b74 100644
--- a/nixos/profiles/global.nix
+++ b/nixos/profiles/global.nix
@@ -40,7 +40,6 @@ with lib;
       smartmontools
     ];
 
-    networking.useDHCP = lib.mkDefault true;
     networking.domain = config.mySystem.domain;
   };
 
diff --git a/nixos/profiles/hw-threadripperpro.nix b/nixos/profiles/hw-threadripperpro.nix
index c43bd6e..c175873 100644
--- a/nixos/profiles/hw-threadripperpro.nix
+++ b/nixos/profiles/hw-threadripperpro.nix
@@ -23,6 +23,52 @@
     security.wheelNeedsSudoPassword = false;
   };
 
-  networking.useDHCP = lib.mkDefault true;
+  systemd.network = {
+    enable = true;
+    # Create bond0 device
+    netdevs = {
+      "10-bond0" = {
+        netdevConfig = {
+          Kind = "bond";
+          Name = "bond0";
+        };
+        bondConfig = {
+          Mode = "802.3ad";
+          TransmitHashPolicy = "layer3+4";
+          LACPTransmitRate = "fast";
+          MIIMonitorSec = "100ms";
+        };
+      };
+    };
+    # Attach nics to bond0
+    networks = {
+      "30-enp36s0f0" = {
+        matchConfig.Name = "enp36s0f0";
+        networkConfig.Bond = "bond0";
+      };
+      "30-enp36s0f1" = {
+        matchConfig.Name = "enp36s0f1";
+        networkConfig.Bond = "bond0";
+      };
+      "40-bond0" = {
+        matchConfig.Name = "bond0";
+        address = [ "10.1.1.61/24" ];
+        routes = [
+          { Gateway = "10.1.1.1"; }
+        ];
+        networkConfig = {
+          LinkLocalAddressing = "no";
+          DNS = "10.1.1.1";
+          Domains = "hsn.internal";
+        };
+        linkConfig.RequiredForOnline = "routable";
+      };
+    };
+  };
+
+  networking = {
+    useDHCP = lib.mkDefault false;
+    nftables.enable = true;
+  };
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }