# ISC DHCP/IPv4 server configuration
#
# NixOS module fragment. It turns on services.dhcpd4 on the machine called
# `hostName` for every network in config.site.net whose `dhcp.server` names
# that machine, and renders the dhcpd configuration text for those networks.
{ hostName, config, lib, ... }:

let
  # Networks that carry a DHCP definition and name this host as their server.
  dhcpNets =
    lib.filterAttrs (_: { dhcp, ... }:
      dhcp != null &&
      dhcp.server == hostName
    ) config.site.net;

  # True when this host serves at least one network.
  enabled = builtins.length (builtins.attrNames dhcpNets) > 0;
in
{
  # optionalAttrs yields {} when nothing is served, so no dhcpd4 option is set
  # on hosts that are not a DHCP server.
  services.dhcpd4 = lib.optionalAttrs enabled {
    enable = true;

    # The attribute names of config.site.net double as the names of the
    # interfaces dhcpd is told to serve.
    interfaces = builtins.attrNames dhcpNets;

    # One configuration fragment per served network, joined with newlines.
    # Each fragment holds: the dynamic-DNS setup (update style, TSIG key,
    # forward zone and dynamic reverse zones), the definition of DHCP option
    # 97 as `guid`, and a `group` with lease times, router, DNS settings, the
    # PXE class, the subnet/range and the fixed-address hosts.
    #
    # NOTE(review): `config.site.dyndnsKey` is interpolated as plain text.
    # NixOS renders extraConfig into a dhcpd.conf in the Nix store, which is
    # readable by every local account and travels with the system closure.
    # Whoever can read that file can sign dynamic DNS updates for the zones
    # declared below. Consider keeping the `key dyndns { ... }` stanza in a
    # root-only file outside the store (e.g. pulled in with dhcpd's `include`
    # statement) and treating the current key value as exposed.
    #
    # NOTE(review): the ddns-update-style, key, zone and `option guid`
    # statements sit inside the per-network function, so they are emitted once
    # per served network. With more than one network they repeat; confirm
    # dhcpd accepts the repetition or hoist them out of the mapping.
    #
    # NOTE(review): the resolvers in `option domain-name-servers` are
    # hard-coded addresses, not values taken from config.site.
    #
    # PXE handling: clients whose vendor-class-identifier starts with
    # "PXEClient" are pointed at the `nfsroot` host for TFTP. The first branch
    # matches when option 97 begins with the bytes 00 52 50 69 34 (a zero byte
    # followed by ASCII "RPi4"); the remaining branches pick a netboot.xyz
    # image by pxe-system-type.
    # NOTE(review): DHCP and TFTP carry no authentication, so the integrity of
    # what these clients boot rests on control of the served segment and of
    # the nfsroot host; verify that matches the intended trust model.
    extraConfig = ''
      ${builtins.concatStringsSep "\n" (
        builtins.attrValues (
          # `net` is the network's attribute name; the attrset is its definition.
          builtins.mapAttrs (net: { dhcp, subnet4Net, subnet4Len, domainName, ...}:
            ''
              ddns-update-style standard;
              key dyndns {
                algorithm hmac-sha256;
                secret ${config.site.dyndnsKey};
              };
              zone ${domainName}. {
                primary ${config.site.net.serv.hosts4.dns};
                primary6 ${config.site.net.serv.hosts6.dn42.dns};
                key dyndns;
              }
              ${lib.concatMapStrings ({ name, dynamic, ... }:
                # Only dynamic IPv4 reverse zones get a zone stanza; every
                # other entry of localZones contributes an empty string.
                lib.optionalString (
                  dynamic &&
                  lib.hasSuffix ".in-addr.arpa" name
                ) ''
                  zone ${name}. {
                    primary ${config.site.net.serv.hosts4.dns};
                    primary6 ${config.site.net.serv.hosts6.dn42.dns};
                    key dyndns;
                  }
                ''
              ) config.site.dns.localZones}

              option guid code 97 = text;
              group {
                default-lease-time ${toString dhcp.time};
                max-lease-time ${toString dhcp.max-time};
                option routers ${config.site.net.${net}.hosts4.${dhcp.router}};
                option domain-name "${domainName}";
                option domain-name-servers 172.20.73.8, 9.9.9.9;
                ddns-domainname "${domainName}";

                class "pxeclients" {
                  match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";

                  next-server ${config.site.net.serv.hosts4.nfsroot};
                  option tftp-server-address ${config.site.net.serv.hosts4.nfsroot};
                  if suffix(reverse(1, option guid), 5) = 34:69:50:52:00 {
                    # RPi4
                    option vendor-class-identifier "PXEClient";
                    option vendor-encapsulated-options "Raspberry Pi Boot";
                    option tftp-server-name "${config.site.net.serv.hosts4.nfsroot}";
                  } elsif option pxe-system-type = 00:00 {
                    filename "netboot.xyz.kpxe"; # BIOS
                  } elsif option pxe-system-type = 00:07 {
                    filename "netboot.xyz.efi"; # EFI
                    option bootfile-name "netboot.xyz.efi";
                  } elsif option pxe-system-type = 00:06 {
                    filename "netboot.xyz.efi"; # ia32_EFI
                  }
                }

                subnet ${subnet4Net} netmask ${lib.netmasks.${toString subnet4Len}} {
                  range ${dhcp.start} ${dhcp.end};

                  # always assign the same IP to the same MAC address.
                  # fixes changing IP for PXE clients.
                  ignore-client-uids true;
                }

                update-static-leases on;

                ${builtins.concatStringsSep "\n" (
                  builtins.attrValues (
                    # fixed-hosts maps an address (attribute name) to a MAC
                    # address (value); the address also names the host entry.
                    builtins.mapAttrs (addr: hwaddr:
                      ''
                        host ${addr} {
                          hardware ethernet ${hwaddr};
                          fixed-address ${addr};
                        }
                      ''
                    ) dhcp.fixed-hosts
                  )
                )}
              }
            ''
          ) dhcpNets
        )
      )}
    '';
  };
}