migrate dhcpcd to networkd

2023-09-21 23:29:14 +02:00 · 2023-09-21 23:29:14 +02:00 · f0dcdd88cd
parent dd7dbb6be5
commit f0dcdd88cd
1 changed files with 59 additions and 26 deletions
--- a/systems/LoutreOS/configuration.nix
+++ b/systems/LoutreOS/configuration.nix
@ -102,12 +102,18 @@
        allowedUDPPorts = [
          111 2049 4000 4001 4002 # NFS
          3483 # Slimserver
+          67 # DHCP
        ];
      };
      extraCommands = ''
-        ip6tables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-        ip6tables -A FORWARD -j ACCEPT -i eno2
-        ip6tables -A FORWARD -j nixos-fw-log-refuse
+        ip6tables -w -D FORWARD -j loutreos-forward 2>/dev/null || true
+        ip6tables -w -F loutreos-forward 2>/dev/null || true
+        ip6tables -w -X loutreos-forward 2>/dev/null || true
+        ip6tables -w -N loutreos-forward
+        ip6tables -A loutreos-forward -m state --state RELATED,ESTABLISHED -j ACCEPT
+        ip6tables -A loutreos-forward -j ACCEPT -i eno2
+        ip6tables -A loutreos-forward -j nixos-fw-log-refuse
+        ip6tables -w -A FORWARD -j loutreos-forward
      '';
    };
  };
@ -129,7 +135,57 @@
      networkConfig = {
        IPv6SendRA = true;
        DHCPPrefixDelegation = true;
+        DHCPServer = true;
      };
+      dhcpServerConfig = {
+        # MIN = 10.30.100.0
+        #PoolOffset = 25500;
+        # MAX = 10.30.200.0
+        #PoolSize = 25500;
+        EmitRouter = true;
+        EmitDNS = true;
+        DNS = [
+          "1.1.1.1"
+          "1.0.0.1"
+        ];
+      };
+      dhcpServerStaticLeases = [
+        # IPMI
+        {
+          dhcpServerStaticLeaseConfig = {
+            Address = "10.30.1.1";
+            MACAddress = "ac:1f:6b:4b:01:15";
+          };
+        }
+        # paul-fixe
+        {
+          dhcpServerStaticLeaseConfig = {
+            Address = "10.30.50.1";
+            MACAddress = "b4:2e:99:ed:24:26";
+          };
+        }
+        # salonled
+        {
+          dhcpServerStaticLeaseConfig = {
+            Address = "10.30.40.1";
+            MACAddress = "e0:98:06:85:e9:ce";
+          };
+        }
+        # miroir-bleu
+        {
+          dhcpServerStaticLeaseConfig = {
+            Address = "10.30.40.2";
+            MACAddress = "e0:98:06:86:38:fc";
+          };
+        }
+        # miroir-orange
+        {
+          dhcpServerStaticLeaseConfig = {
+            Address = "10.30.40.3";
+            MACAddress = "50:02:91:78:be:be";
+          };
+        }
+      ];
      ipv6SendRAConfig = {
        EmitDNS = true;
        DNS = [
@ -141,29 +197,6 @@
    "40-enp0s21u2".dhcpV4Config.RouteMetric = 1024;
  };

-  services.dhcpd4 = {
-    enable = true;
-    interfaces = [ "eno2" ];
-    machines = [
-      { ethernetAddress = "50:c7:bf:b6:b8:ef"; hostName = "HS110"; ipAddress = "10.30.50.7"; }
-      { ethernetAddress = "ac:1f:6b:4b:01:15"; hostName = "IPMI"; ipAddress = "10.30.1.1"; }
-      { ethernetAddress = "b4:2e:99:ed:24:26"; hostName = "paul-fixe"; ipAddress = "10.30.50.1"; }
-
-      #ESPHome
-      { ethernetAddress = "e0:98:06:85:e9:ce"; hostName = "salonled"; ipAddress = "10.30.40.1"; }
-      { ethernetAddress = "e0:98:06:86:38:fc"; hostName = "bureauled"; ipAddress = "10.30.40.2"; }
-      { ethernetAddress = "50:02:91:78:be:be"; hostName = "guirlande"; ipAddress = "10.30.40.3"; }
-    ];
-    extraConfig = ''
-      option domain-name-servers 1.1.1.1, 1.0.0.1;
-      option subnet-mask 255.255.0.0;
-      subnet 10.30.0.0 netmask 255.255.0.0 {
-        option routers 10.30.0.1;
-        range 10.30.100.0 10.30.200.0;
-      }
-    '';
-  };
-
  nixpkgs.overlays = [
    (import ../../overlays/transmission.nix)
  ];