migrate dhcpcd to networkd

2023-09-21 23:29:14 +02:00 · 2023-09-21 23:29:14 +02:00 · f0dcdd88cd
commit f0dcdd88cd
parent dd7dbb6be5
1 changed files with 59 additions and 26 deletions
--- a/systems/LoutreOS/configuration.nix
+++ b/systems/LoutreOS/configuration.nix
@ -102,12 +102,18 @@
        allowedUDPPorts = [
          111 2049 4000 4001 4002 # NFS
          3483 # Slimserver
          67 # DHCP
        ];
      };
      extraCommands = ''
-        ip6tables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
+        ip6tables -w -D FORWARD -j loutreos-forward 2>/dev/null || true
-        ip6tables -A FORWARD -j ACCEPT -i eno2
+        ip6tables -w -F loutreos-forward 2>/dev/null || true
-        ip6tables -A FORWARD -j nixos-fw-log-refuse
+        ip6tables -w -X loutreos-forward 2>/dev/null || true
        ip6tables -w -N loutreos-forward
        ip6tables -A loutreos-forward -m state --state RELATED,ESTABLISHED -j ACCEPT
        ip6tables -A loutreos-forward -j ACCEPT -i eno2
        ip6tables -A loutreos-forward -j nixos-fw-log-refuse
        ip6tables -w -A FORWARD -j loutreos-forward
      '';
    };
  };
@ -129,7 +135,57 @@
      networkConfig = {
        IPv6SendRA = true;
        DHCPPrefixDelegation = true;
        DHCPServer = true;
      };
      dhcpServerConfig = {
        # MIN = 10.30.100.0
        #PoolOffset = 25500;
        # MAX = 10.30.200.0
        #PoolSize = 25500;
        EmitRouter = true;
        EmitDNS = true;
        DNS = [
          "1.1.1.1"
          "1.0.0.1"
        ];
      };
      dhcpServerStaticLeases = [
        # IPMI
        {
          dhcpServerStaticLeaseConfig = {
            Address = "10.30.1.1";
            MACAddress = "ac:1f:6b:4b:01:15";
          };
        }
        # paul-fixe
        {
          dhcpServerStaticLeaseConfig = {
            Address = "10.30.50.1";
            MACAddress = "b4:2e:99:ed:24:26";
          };
        }
        # salonled
        {
          dhcpServerStaticLeaseConfig = {
            Address = "10.30.40.1";
            MACAddress = "e0:98:06:85:e9:ce";
          };
        }
        # miroir-bleu
        {
          dhcpServerStaticLeaseConfig = {
            Address = "10.30.40.2";
            MACAddress = "e0:98:06:86:38:fc";
          };
        }
        # miroir-orange
        {
          dhcpServerStaticLeaseConfig = {
            Address = "10.30.40.3";
            MACAddress = "50:02:91:78:be:be";
          };
        }
      ];
      ipv6SendRAConfig = {
        EmitDNS = true;
        DNS = [
@ -141,29 +197,6 @@
    "40-enp0s21u2".dhcpV4Config.RouteMetric = 1024;
  };
  services.dhcpd4 = {
    enable = true;
    interfaces = [ "eno2" ];
    machines = [
      { ethernetAddress = "50:c7:bf:b6:b8:ef"; hostName = "HS110"; ipAddress = "10.30.50.7"; }
      { ethernetAddress = "ac:1f:6b:4b:01:15"; hostName = "IPMI"; ipAddress = "10.30.1.1"; }
      { ethernetAddress = "b4:2e:99:ed:24:26"; hostName = "paul-fixe"; ipAddress = "10.30.50.1"; }
      #ESPHome
      { ethernetAddress = "e0:98:06:85:e9:ce"; hostName = "salonled"; ipAddress = "10.30.40.1"; }
      { ethernetAddress = "e0:98:06:86:38:fc"; hostName = "bureauled"; ipAddress = "10.30.40.2"; }
      { ethernetAddress = "50:02:91:78:be:be"; hostName = "guirlande"; ipAddress = "10.30.40.3"; }
    ];
    extraConfig = ''
      option domain-name-servers 1.1.1.1, 1.0.0.1;
      option subnet-mask 255.255.0.0;
      subnet 10.30.0.0 netmask 255.255.0.0 {
        option routers 10.30.0.1;
        range 10.30.100.0 10.30.200.0;
      }
    '';
  };
  nixpkgs.overlays = [
    (import ../../overlays/transmission.nix)
  ];