Refactors and remove irrelevant assertion

options.nix

@@ -16,7 +16,6 @@ let
     types
     ;
 
-  hasStaticGua = cfg.ipv6GuaPrefix != null;
   guaNetwork = parseIpv6Network cfg.ipv6GuaPrefix;
   ulaNetwork = parseIpv6Network cfg.ipv6UlaPrefix;
 in
@@ -37,7 +36,7 @@ in
       type = types.bool;
       default = true;
       description = ''
-        Enable dhcpv6 on the WAN interface.
+        Enable DHCPv6 on the WAN interface.
       '';
     };
 
@@ -139,15 +138,12 @@ in
 
   config = mkIf cfg.enable {
     assertions = [
-      {
-        message = "Cannot set IPv6 GUA prefix and use DHCPv6 on the wan interface";
-        assertion = (cfg.ipv6GuaPrefix != null) != cfg.wanSupportsDHCPv6;
-      }
       {
         # We cannot fit a host's MAC address in an IPv6 address if the network
         # is smaller than a /64.
         message = "ULA and GUA IPv6 network prefix must be greater than or equal to a /64";
-        assertion = (hasStaticGua -> (guaNetwork.prefixLength <= 64)) && (ulaNetwork.prefixLength <= 64);
+        assertion =
+          (cfg.ipv6GuaPrefix != null -> (guaNetwork.prefixLength <= 64)) && (ulaNetwork.prefixLength <= 64);
       }
     ];
 

wan.nix

@@ -1,36 +1,54 @@
 { config, lib, ... }:
 let
-  bogonNetworks = lib.filter (s: s != "") (
-    lib.splitString "\n" (builtins.readFile ./bogon-networks.txt)
-  );
+  inherit (lib)
+    filter
+    mkIf
+    mkMerge
+    optionals
+    splitString
+    ;
+
+  bogonNetworks = filter (s: s != "") (splitString "\n" (builtins.readFile ./bogon-networks.txt));
 
   heCfg = config.router.heTunnelBroker;
   wan6IsHurricaneElectric = heCfg.enable;
 
+  commonDHCP = {
+    UseDNS = false;
+    UseHostname = false;
+  };
+
   wan = {
     name = config.router.wanInterface;
-    DHCP = if (wan6IsHurricaneElectric || !config.router.wanSupportsDHCPv6) then "ipv4" else "yes";
-    networkConfig =
+    DHCP = if wan6IsHurricaneElectric || !config.router.wanSupportsDHCPv6 then "ipv4" else "yes";
+    networkConfig = mkMerge [
       {
         LinkLocalAddressing = if config.router.wanSupportsDHCPv6 then "yes" else "no";
         IPv6AcceptRA = if config.router.wanSupportsDHCPv6 then "yes" else "no";
+
+        # We use our own DNS config in this module, no need to accept search
+        # domain from ISP. This causes UseDomains=no to be set for all client
+        # protocols (DHCPv4, DHCPv6, IPv6RA, etc).
+        UseDomains = false;
       }
-      // (lib.optionalAttrs wan6IsHurricaneElectric {
+      (mkIf wan6IsHurricaneElectric {
         Tunnel = config.systemd.network.netdevs."10-hurricane".netdevConfig.Name;
-      });
-    dhcpV4Config = {
-      UseDNS = false;
-      UseDomains = false;
-      UseHostname = false;
-      UseTimezone = false;
-    };
-    dhcpV6Config = lib.mkIf config.router.wanSupportsDHCPv6 {
-      UseDNS = false;
-      PrefixDelegationHint = "::/${toString config.router.wan6PrefixHint}";
-    };
+      })
+    ];
+    dhcpV4Config = mkMerge [
+      commonDHCP
+      (mkIf (config.time.timeZone != null) { useTimezone = false; })
+    ];
+    dhcpV6Config = (
+      mkIf config.router.wanSupportsDHCPv6 (mkMerge [
+        commonDHCP
+        {
+          PrefixDelegationHint = "::/${toString config.router.wan6PrefixHint}";
+        }
+      ])
+    );
     ipv6AcceptRAConfig = {
       UseDNS = false;
-      UseDomains = false;
     };
     linkConfig = {
       RequiredForOnline = true;
@@ -70,16 +88,20 @@ let
   };
 in
 {
-  config = lib.mkIf config.router.enable {
-    services.avahi.denyInterfaces = [
-      config.systemd.network.networks."10-wan".name
-    ] ++ (lib.optional wan6IsHurricaneElectric config.systemd.network.networks."10-hurricane".name);
+  config = mkIf config.router.enable {
+    services.avahi.denyInterfaces =
+      [
+        config.systemd.network.networks."10-wan".name
+      ]
+      ++ optionals wan6IsHurricaneElectric [
+        config.systemd.network.networks."10-hurricane".name
+      ];
 
     systemd.network.networks = {
       "10-wan" = wan;
-      "10-hurricane" = lib.mkIf wan6IsHurricaneElectric hurricane;
+      "10-hurricane" = mkIf wan6IsHurricaneElectric hurricane;
     };
 
-    systemd.network.netdevs."10-hurricane" = lib.mkIf wan6IsHurricaneElectric hurricaneNetdev;
+    systemd.network.netdevs."10-hurricane" = mkIf wan6IsHurricaneElectric hurricaneNetdev;
   };
 }