From 9c19cdf131377f8e93862578bd0d68b24a934099 Mon Sep 17 00:00:00 2001
From: Nick <nickjhiebert@proton.me>
Date: Thu, 6 Nov 2025 18:20:03 -0600
Subject: [PATCH] fix: unfucked the network

---
 modules/nixos/default.nix           |  4 ++--
 systems/ceres/config/bridge.nix     |  7 -------
 systems/ceres/config/networking.nix | 12 ++++--------
 3 files changed, 6 insertions(+), 17 deletions(-)

diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 6ba290d..67f2f85 100755
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -28,7 +28,7 @@ in
           network
           flatpak
           plymouth
-          wireGuard
+          wireguard
           ;
       };
     };
@@ -67,7 +67,7 @@ in
           # vaultwarden
           # website
           # zookeeper
-          wireguard
+          # wireguard - moved to systems/ceres/config/wireguard.nix
           ;
       };
     };
diff --git a/systems/ceres/config/bridge.nix b/systems/ceres/config/bridge.nix
index 78a4c36..cd50a6f 100755
--- a/systems/ceres/config/bridge.nix
+++ b/systems/ceres/config/bridge.nix
@@ -59,13 +59,6 @@
     };
   };
 
-  # Tell NetworkManager to ignore bridge and VM interfaces
-  networking.networkmanager.unmanaged = [
-    "interface-name:br-vms"
-    "interface-name:vm-*"
-    "interface-name:enp10s0"
-  ];
-
   # IP forwarding (needed for both bridge networking and WireGuard NAT)
   boot.kernel.sysctl = {
     "net.ipv4.ip_forward" = 1;
diff --git a/systems/ceres/config/networking.nix b/systems/ceres/config/networking.nix
index d6cd947..9b51c1b 100755
--- a/systems/ceres/config/networking.nix
+++ b/systems/ceres/config/networking.nix
@@ -11,9 +11,11 @@ in
 {
   networking = {
     hostName = ceres.name;
-    networkmanager.enable = true;
+    # NetworkManager disabled - using systemd-networkd for bridge management
+    # Having both enabled causes multiple DHCP leases and IP conflicts
+    networkmanager.enable = false;
     nftables.enable = true;
-    useDHCP = lib.mkDefault true;
+    useDHCP = lib.mkDefault false; # systemd-networkd handles DHCP via bridge
     firewall = {
       enable = true;
       allowedTCPPorts = [
@@ -50,12 +52,6 @@ in
     restartTriggers = lib.mkForce [ ];
   };
 
-  # Prevent NetworkManager from restarting during config changes
-  systemd.services.NetworkManager = {
-    stopIfChanged = false;
-    reloadIfChanged = true;
-  };
-
   services = {
     avahi = {
       enable = true;