From f0dcdd88cd61d50f1aba7d8d5d7a356b833a2bdb Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Thu, 21 Sep 2023 23:29:14 +0200 Subject: [PATCH] migrate dhcpcd to networkd --- systems/LoutreOS/configuration.nix | 85 +++++++++++++++++++++--------- 1 file changed, 59 insertions(+), 26 deletions(-) diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index 2130d9c..4674b9d 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -102,12 +102,18 @@ allowedUDPPorts = [ 111 2049 4000 4001 4002 # NFS 3483 # Slimserver + 67 # DHCP ]; }; extraCommands = '' - ip6tables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT - ip6tables -A FORWARD -j ACCEPT -i eno2 - ip6tables -A FORWARD -j nixos-fw-log-refuse + ip6tables -w -D FORWARD -j loutreos-forward 2>/dev/null || true + ip6tables -w -F loutreos-forward 2>/dev/null || true + ip6tables -w -X loutreos-forward 2>/dev/null || true + ip6tables -w -N loutreos-forward + ip6tables -A loutreos-forward -m state --state RELATED,ESTABLISHED -j ACCEPT + ip6tables -A loutreos-forward -j ACCEPT -i eno2 + ip6tables -A loutreos-forward -j nixos-fw-log-refuse + ip6tables -w -A FORWARD -j loutreos-forward ''; }; }; @@ -129,7 +135,57 @@ networkConfig = { IPv6SendRA = true; DHCPPrefixDelegation = true; + DHCPServer = true; }; + dhcpServerConfig = { + # MIN = 10.30.100.0 + #PoolOffset = 25500; + # MAX = 10.30.200.0 + #PoolSize = 25500; + EmitRouter = true; + EmitDNS = true; + DNS = [ + "1.1.1.1" + "1.0.0.1" + ]; + }; + dhcpServerStaticLeases = [ + # IPMI + { + dhcpServerStaticLeaseConfig = { + Address = "10.30.1.1"; + MACAddress = "ac:1f:6b:4b:01:15"; + }; + } + # paul-fixe + { + dhcpServerStaticLeaseConfig = { + Address = "10.30.50.1"; + MACAddress = "b4:2e:99:ed:24:26"; + }; + } + # salonled + { + dhcpServerStaticLeaseConfig = { + Address = "10.30.40.1"; + MACAddress = "e0:98:06:85:e9:ce"; + }; + } + # miroir-bleu + { + dhcpServerStaticLeaseConfig = { + Address = "10.30.40.2"; + MACAddress = "e0:98:06:86:38:fc"; + }; + } + # miroir-orange + { + dhcpServerStaticLeaseConfig = { + Address = "10.30.40.3"; + MACAddress = "50:02:91:78:be:be"; + }; + } + ]; ipv6SendRAConfig = { EmitDNS = true; DNS = [ @@ -141,29 +197,6 @@ "40-enp0s21u2".dhcpV4Config.RouteMetric = 1024; }; - services.dhcpd4 = { - enable = true; - interfaces = [ "eno2" ]; - machines = [ - { ethernetAddress = "50:c7:bf:b6:b8:ef"; hostName = "HS110"; ipAddress = "10.30.50.7"; } - { ethernetAddress = "ac:1f:6b:4b:01:15"; hostName = "IPMI"; ipAddress = "10.30.1.1"; } - { ethernetAddress = "b4:2e:99:ed:24:26"; hostName = "paul-fixe"; ipAddress = "10.30.50.1"; } - - #ESPHome - { ethernetAddress = "e0:98:06:85:e9:ce"; hostName = "salonled"; ipAddress = "10.30.40.1"; } - { ethernetAddress = "e0:98:06:86:38:fc"; hostName = "bureauled"; ipAddress = "10.30.40.2"; } - { ethernetAddress = "50:02:91:78:be:be"; hostName = "guirlande"; ipAddress = "10.30.40.3"; } - ]; - extraConfig = '' - option domain-name-servers 1.1.1.1, 1.0.0.1; - option subnet-mask 255.255.0.0; - subnet 10.30.0.0 netmask 255.255.0.0 { - option routers 10.30.0.1; - range 10.30.100.0 10.30.200.0; - } - ''; - }; - nixpkgs.overlays = [ (import ../../overlays/transmission.nix) ];