nixos-module/container/dhcp-server: enable dhcp6-server just for dyndns
parent
7149638ef0
commit
07963d1b61
|
@ -20,6 +20,11 @@ rec {
|
||||||
"78.20.172.in-addr.arpa"
|
"78.20.172.in-addr.arpa"
|
||||||
"79.20.172.in-addr.arpa"
|
"79.20.172.in-addr.arpa"
|
||||||
"99.22.172.in-addr.arpa"
|
"99.22.172.in-addr.arpa"
|
||||||
|
"99.22.172.in-addr.arpa"
|
||||||
|
"2.0.0.0.c.2.0.8.1.8.0.0.a.2.ip6.arpa"
|
||||||
|
"4.1.b.a.c.a.2.8.3.5.f.0.a.2.ip6.arpa"
|
||||||
|
"5.0.2.d.3.c.2.4.0.0.2.4.d.f.ip6.arpa"
|
||||||
|
"5.0.2.d.3.c.2.4.0.0.3.2.d.f.ip6.arpa"
|
||||||
];
|
];
|
||||||
|
|
||||||
mapI = start: end: f:
|
mapI = start: end: f:
|
||||||
|
|
|
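Review bot: The added entries in this hunk repeat `"99.22.172.in-addr.arpa"`, which is already present as the context line directly above, so the list now carries that zone twice. The list's name and its consumers lie outside the hunk; if each entry is turned into a zone definition or a DDNS target, the duplicate may produce a duplicate zone. I would drop the added copy and keep only the four new `ip6.arpa` names.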
@ -112,6 +112,14 @@ in
|
||||||
min ra interval 10;
|
min ra interval 10;
|
||||||
max ra interval 60;
|
max ra interval 60;
|
||||||
solicited ra unicast yes;
|
solicited ra unicast yes;
|
||||||
|
${if config.site.net.${net}.dhcp.server == null
|
||||||
|
then ''
|
||||||
|
# Do not use DHCP6.
|
||||||
|
managed no;
|
||||||
|
'' else ''
|
||||||
|
# Use DHCP6 for DynDNS.
|
||||||
|
managed yes;
|
||||||
|
''}
|
||||||
|
|
||||||
${builtins.concatStringsSep "\n" (
|
${builtins.concatStringsSep "\n" (
|
||||||
map (subnet6: ''
|
map (subnet6: ''
|
||||||
|
|
|
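Review bot: The RA `managed` flag is switched on `config.site.net.${net}.dhcp.server == null` alone, while the DHCPv6 subnets added elsewhere in this commit exist only for nets that have a `subnets6.up4` or `subnets6.flpk` prefix. A net with a DHCP server but neither prefix would apparently advertise `managed yes;` with no legitimate DHCPv6 server answering, and on such a segment clients may accept whichever host does answer. Consider driving both places from one shared predicate, or at least record the dependency in the comment, e.g. `# Use DHCP6 for DynDNS (needs a matching subnet6 in services.kea.dhcp6).` The enclosing interface block begins and ends outside the hunk.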
@ -25,6 +25,7 @@ in
|
||||||
settings = {
|
settings = {
|
||||||
interfaces-config.interfaces = builtins.attrNames dhcpNets;
|
interfaces-config.interfaces = builtins.attrNames dhcpNets;
|
||||||
dhcp-ddns.enable-updates = true;
|
dhcp-ddns.enable-updates = true;
|
||||||
|
ddns-send-updates = true;
|
||||||
|
|
||||||
subnet4 = concatMapDhcpNets (net: { vlan, subnet4, dhcp, domainName, ... }: {
|
subnet4 = concatMapDhcpNets (net: { vlan, subnet4, dhcp, domainName, ... }: {
|
||||||
id = vlan;
|
id = vlan;
|
||||||
|
@ -32,6 +33,7 @@ in
|
||||||
pools = [ {
|
pools = [ {
|
||||||
pool = "${dhcp.start} - ${dhcp.end}";
|
pool = "${dhcp.start} - ${dhcp.end}";
|
||||||
} ];
|
} ];
|
||||||
|
renew-timer = dhcp.time / 2;
|
||||||
rebind-timer = dhcp.time;
|
rebind-timer = dhcp.time;
|
||||||
valid-lifetime = dhcp.max-time;
|
valid-lifetime = dhcp.max-time;
|
||||||
option-data = [ {
|
option-data = [ {
|
||||||
|
@ -56,13 +58,25 @@ in
|
||||||
match-client-id = false;
|
match-client-id = false;
|
||||||
host-reservation-identifiers = [ "hw-address" ];
|
host-reservation-identifiers = [ "hw-address" ];
|
||||||
reservations = concatMapDhcpNets (net: { hosts4, dhcp, ... }:
|
reservations = concatMapDhcpNets (net: { hosts4, dhcp, ... }:
|
||||||
builtins.attrValues (
|
builtins.filter (r: r != null) (
|
||||||
builtins.mapAttrs (name: hwaddr: {
|
builtins.attrValues (
|
||||||
hostname = "${name}.${net}.zentralwerk.org";
|
builtins.mapAttrs (addr: hwaddr:
|
||||||
hw-address = hwaddr;
|
let
|
||||||
ip-address = hosts4.${name};
|
names = builtins.attrNames (
|
||||||
}) dhcp.fixed-hosts
|
lib.filterAttrs (_: hostAddr:
|
||||||
));
|
hostAddr == addr
|
||||||
|
) hosts4);
|
||||||
|
name = builtins.head names;
|
||||||
|
in
|
||||||
|
if builtins.length names > 0
|
||||||
|
then {
|
||||||
|
hostname = "${name}.${net}.zentralwerk.org";
|
||||||
|
hw-address = hwaddr;
|
||||||
|
ip-address = hosts4.${name};
|
||||||
|
}
|
||||||
|
else null
|
||||||
|
) dhcp.fixed-hosts
|
||||||
|
)));
|
||||||
|
|
||||||
# Netbooting
|
# Netbooting
|
||||||
option-def = [ {
|
option-def = [ {
|
||||||
|
@ -141,6 +155,73 @@ in
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
services.kea.dhcp6 = lib.optionalAttrs enabled {
|
||||||
|
enable = true;
|
||||||
|
|
||||||
|
settings = {
|
||||||
|
interfaces-config.interfaces = builtins.attrNames dhcpNets;
|
||||||
|
dhcp-ddns.enable-updates = true;
|
||||||
|
ddns-override-no-update = true;
|
||||||
|
ddns-override-client-update = true;
|
||||||
|
ddns-replace-client-name = "when-not-present";
|
||||||
|
|
||||||
|
subnet6 = concatMapDhcpNets (net: { vlan, subnets6, dhcp, domainName, ... }:
|
||||||
|
let
|
||||||
|
subnet = subnets6.up4 or subnets6.flpk or null;
|
||||||
|
prefix = builtins.head (builtins.split "::/" subnet);
|
||||||
|
in
|
||||||
|
if subnet != null
|
||||||
|
then {
|
||||||
|
id = vlan;
|
||||||
|
interface = net;
|
||||||
|
inherit subnet;
|
||||||
|
pools = [ {
|
||||||
|
pool = "${prefix}:c3d2:c3d2:c3d2:1000 - ${prefix}:c3d2:c3d2:c3d2:ffff";
|
||||||
|
#pool = subnet;
|
||||||
|
} ];
|
||||||
|
renew-timer = dhcp.time / 2;
|
||||||
|
rebind-timer = dhcp.time;
|
||||||
|
valid-lifetime = dhcp.max-time;
|
||||||
|
#option-data = [ {
|
||||||
|
# space = "dhcp6";
|
||||||
|
# name = "domain-search";
|
||||||
|
# code = 24;
|
||||||
|
# data = domainName;
|
||||||
|
#} {
|
||||||
|
# space = "dhcp6";
|
||||||
|
# name = "dns-servers";
|
||||||
|
# code = 23;
|
||||||
|
# data = "172.20.73.8, 9.9.9.9";
|
||||||
|
#} ];
|
||||||
|
ddns-generated-prefix = "d";
|
||||||
|
ddns-qualifying-suffix = domainName;
|
||||||
|
}
|
||||||
|
else []
|
||||||
|
);
|
||||||
|
|
||||||
|
host-reservation-identifiers = [ "hw-address" ];
|
||||||
|
#reservations = concatMapDhcpNets (net: { hosts6, dhcp, ... }:
|
||||||
|
# builtins.filter (r: r != null) (
|
||||||
|
# builtins.attrValues (
|
||||||
|
# builtins.mapAttrs (name: hwaddr:
|
||||||
|
# let
|
||||||
|
# ip-addresses = lib.pipe hosts6 [
|
||||||
|
# (builtins.mapAttrs (_: hosts6: hosts6.${name} or null))
|
||||||
|
# builtins.attrValues
|
||||||
|
# (builtins.filter (a: a != null))
|
||||||
|
# ];
|
||||||
|
# in
|
||||||
|
# if builtins.trace (lib.generators.toPretty {} ip-addresses) (builtins.length ip-addresses) > 0
|
||||||
|
# then {
|
||||||
|
# hostname = "${name}.${net}.zentralwerk.org";
|
||||||
|
# hw-address = hwaddr;
|
||||||
|
# inherit ip-addresses;
|
||||||
|
# }
|
||||||
|
# else null
|
||||||
|
# ) dhcp.fixed-hosts
|
||||||
|
# )));
|
||||||
|
};
|
||||||
|
};
|
||||||
services.kea.dhcp-ddns = lib.optionalAttrs enabled {
|
services.kea.dhcp-ddns = lib.optionalAttrs enabled {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
||||||
|
@ -171,9 +252,16 @@ in
|
||||||
}) (
|
}) (
|
||||||
builtins.filter ({ name, dynamic, ... }:
|
builtins.filter ({ name, dynamic, ... }:
|
||||||
dynamic &&
|
dynamic &&
|
||||||
lib.hasSuffix ".in-addr.arpa" name
|
(lib.hasSuffix ".in-addr.arpa" name ||
|
||||||
|
lib.hasSuffix ".ip6.arpa" name)
|
||||||
) config.site.dns.localZones
|
) config.site.dns.localZones
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Hotfix weird ddns service behaviour
|
||||||
|
systemd.services.kea-dhcp-ddns-server.after = [
|
||||||
|
"systemd.services.kea-dhcp4-server.service"
|
||||||
|
"systemd.services.kea-dhcp6-server.service"
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
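Review bot: The `after` entries in the final hunk are written as `"systemd.services.kea-dhcp4-server.service"` and `"systemd.services.kea-dhcp6-server.service"`, which are Nix option paths rather than unit names, so systemd will most likely find no such units and the ordering hotfix has no effect. They should read `"kea-dhcp4-server.service"` and `"kea-dhcp6-server.service"`, consistent with how the attribute `systemd.services.kea-dhcp-ddns-server` names its own unit. The comment `# Hotfix weird ddns service behaviour` would help more if it stated which behaviour is being worked around. Separately, the new `services.kea.dhcp6` block accepts client-supplied names (`ddns-replace-client-name = "when-not-present"`) and publishes them to DNS; it is worth confirming that name sanitisation (`hostname-char-set`) and DDNS conflict resolution are in effect for the deployed Kea version.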