refactor(hosts/orion): overhaul networking

hosts/orion/modules/networking.nix

@@ -1,56 +1,29 @@
-{ hostname, lib, ... }:
-
-let
-  default-network-cfg =
-    let
-      use-dhcp-dns = "no";
-    in
-    {
-      networkConfig = {
-        DHCP = "yes";
-        MulticastDNS = "yes";
-        IPv6PrivacyExtensions = "yes";
-        IPv6AcceptRA = "yes";
-      };
-      dhcpV4Config = {
-        RouteMetric = 600;
-        UseDNS = use-dhcp-dns;
-      };
-      ipv6AcceptRAConfig = {
-        RouteMetric = 600;
-        UseDNS = use-dhcp-dns;
-      };
-    };
-in
+{ hostname, ... }:
 {
-  systemd.network = {
-    enable = true;
-    networks = lib.attrsets.mapAttrs (name: value: value // default-network-cfg) {
-      "10-wlan".matchConfig.Name = [ "wl*" ];
-      "10-ethernet".matchConfig.name = [
-        "en*"
-        "eth*"
-      ];
-      "10-wwan".matchConfig.name = [ "ww*" ];
-    };
-  };
-
   services.resolved = {
     enable = true;
     domains = [ "~." ];
-    extraConfig = ''
-      DNS=2a07:e340::2#dns.mullvad.net 194.242.2.2#dns.mullvad.net
-      FallbackDNS=1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
-      Cache=yes
-      CacheFromLocalhost=no
-      DNSSEC=no
-      DNSOverTLS=opportunistic
-      MulticastDNS=yes
-    '';
+    dnsovertls = "true";
+    dnssec = "true";
   };
   networking = {
+    wireless.iwd = {
+      enable = true;
+      settings = {
+        Settings = {
+          AutoConnect = true;
+          AlwaysRandomizeAddress = true;
+          Hidden = true;
+        };
+      };
+    };
     hostName = hostname;
-    wireless.iwd.enable = true;
+    nameservers = [
+      "194.242.2.2#dns.mullvad.net"
+      "2a07:e340::2#dns.mullvad.net"
+      "91.239.100.100#anycast.uncensoreddns.org"
+      "2001:67c:28a4::#anycast.uncensoreddns.org"
+    ];
     useNetworkd = true;
   };
 }