mirrors/mdlayher-homelab
1
0
Fork 0
mirror of https://github.com/mdlayher/homelab.git synced 2024-12-14 11:47:32 +00:00
Code Activity

nixos/routnerr-2: fully switch to networkd DHCPv4 server

Browse source
This commit is contained in:
Matt Layher 2022-12-11 21:41:15 -05:00
parent f9686e2d5c
commit 5dfe6962c8
3 changed files with 23 additions and 85 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nixos/routnerr-2/configuration.nix
View file

@ -20,7 +20,6 @@ in {
# Networking daemons.
./coredns.nix
./corerad.nix
./dhcpd4.nix
./traefik.nix
# Unstable or out-of-tree modules.

63
nixos/routnerr-2/dhcpd4.nix
View file

@ -1,63 +0,0 @@
{ lib, ... }:
let
vars = import ./lib/vars.nix;
lans = with vars.interfaces; [ mgmt0 lan0 guest0 iot0 ];
in {
# Start only after systemd-networkd interface setup completes.
systemd.services.dhcpd4.unitConfig = {
After = lib.mkForce "network-online.target";
Requires = "network-online.target";
};
services.dhcpd4 = {
interfaces = lib.forEach lans (lan: toString lan.name);
enable = true;
machines = with vars.hosts;
lib.forEach (infra ++ servers) (host: {
hostName = host.name;
ethernetAddress = host.mac;
ipAddress = host.ipv4;
});
extraConfig = ''
ddns-update-style none;
default-lease-time 86400;
max-lease-time 86400;
${with vars.interfaces;
lib.concatMapStrings (ifi:
# Since dhcpd4 doesn't speak CIDR notation, trim off the final octet of
# the router's address for our "/24" prefix.
let
pfx = lib.removeSuffix ".1" ipv4;
ipv4 = ifi.ipv4;
in ''
subnet ${pfx}.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
option broadcast-address ${pfx}.255;
option routers ${ipv4};
option domain-name-servers ${ipv4};
range ${pfx}.50 ${pfx}.240;
allow booting;
next-server ${ipv4};
option bootfile-name "netboot.xyz.kpxe";
${
let
domain = vars.domain;
# Configure additional options for the primary internal LAN.
in if ifi.internal_dns then ''
option domain-search "${domain}";
option domain-name "${domain}";
'' else
""
}
}
'') lans}
'';
};
}

44
nixos/routnerr-2/networking.nix
View file

@ -23,24 +23,6 @@ let
}));
vlanNetwork = (name:
(id: {
matchConfig.Name = name;
# Embed ID directly in IPv4/6 addresses for clarity.
address =
[ "fd9e:1a04:f01d:${toString id}::1/64" "192.168.${toString id}.1/24" ];
networkConfig = {
DHCPPrefixDelegation = true;
IPv6AcceptRA = false;
};
dhcpPrefixDelegationConfig = {
# Router always lives at ::1.
Token = "::1";
# Delegate the associated hex subnet ID from DHCPv6-PD.
SubnetId = "${toString (decToHex id)}";
};
}));
vlanNetworkDHCP = (name:
(id: {
matchConfig.Name = name;
# Embed ID directly in IPv4/6 addresses for clarity.
@ -58,6 +40,7 @@ let
SubnetId = "${toString (decToHex id)}";
};
# DHCPServer on NixOS does not support Boot options yet.
extraConfig = ''
[DHCPServer]
PoolOffset = 50
@ -66,8 +49,9 @@ let
BootFilename = netboot.xyz.kpxe
'';
dhcpServerStaticLeases = lib.forEach vars.interfaces."${name}".hosts (host:
{
# Write out fixed leases per subnet.
dhcpServerStaticLeases = lib.forEach vars.interfaces."${name}".hosts
(host: {
dhcpServerStaticLeaseConfig = {
Address = host.ipv4;
MACAddress = host.mac;
@ -175,12 +159,30 @@ in {
networkConfig = {
DHCPPrefixDelegation = true;
DHCPServer = true;
IPv6AcceptRA = false;
};
dhcpPrefixDelegationConfig = {
Token = "::1";
SubnetId = 0;
};
# DHCPServer on NixOS does not support Boot options yet.
extraConfig = ''
[DHCPServer]
PoolOffset = 50
DNS = ${vars.domain}
BootServerAddress = 192.168.1.1
BootFilename = netboot.xyz.kpxe
'';
# Write out fixed leases per subnet.
dhcpServerStaticLeases = lib.forEach vars.interfaces.mgmt0.hosts (host: {
dhcpServerStaticLeaseConfig = {
Address = host.ipv4;
MACAddress = host.mac;
};
});
};
# Unused physical management LANs.
@ -201,7 +203,7 @@ in {
# Lab VLAN.
netdevs."35-lab0" = vlanNetdev "lab0" 2;
networks."35-lab0" = vlanNetworkDHCP "lab0" 2;
networks."35-lab0" = vlanNetwork "lab0" 2;
# WireGuard tunnel.
netdevs."40-wg0" = {