diff options
Diffstat (limited to 'nixos/routers')
-rw-r--r-- | nixos/routers/router.nix | 149 |
1 files changed, 74 insertions, 75 deletions
diff --git a/nixos/routers/router.nix b/nixos/routers/router.nix index 0139c6f..50405dc 100644 --- a/nixos/routers/router.nix +++ b/nixos/routers/router.nix @@ -1,7 +1,6 @@ { config, lib, - pkgs, ... }: with lib; let @@ -89,89 +88,89 @@ in { nameservers = ["1.1.1.1" "8.8.8.8"]; }; - services.kea = { - dhcp4 = { - enable = true; - settings = { - lease-database = { - name = "/var/lib/kea/dhcp4.leases"; - persist = true; - type = "memfile"; - }; - valid-lifetime = 4000; - renew-timer = 1000; - rebind-timer = 2000; - interfaces-config = { - interfaces = ["brlan" "brguest"]; - service-sockets-max-retries = -1; + services = { + kea = { + dhcp4 = { + enable = true; + settings = { + lease-database = { + name = "/var/lib/kea/dhcp4.leases"; + persist = true; + type = "memfile"; + }; + valid-lifetime = 4000; + renew-timer = 1000; + rebind-timer = 2000; + interfaces-config = { + interfaces = ["brlan" "brguest"]; + service-sockets-max-retries = -1; + }; + option-data = [ + { + name = "domain-name-servers"; + data = "1.1.1.1, 8.8.8.8"; + } + ]; + subnet4 = [ + { + interface = "brlan"; + subnet = "${ipv4.prefix2ip cnf.lanIP cnf.lanPrefix}/${toString cnf.lanPrefix}"; + pools = let + ip_start = ipv4.ipAdd cnf.lanIP cnf.lanPrefix cnf.dynIPStart; + ip_end = ipv4.ipAdd cnf.lanIP cnf.lanPrefix (cnf.dynIPStart + cnf.dynIPCount); + in [{pool = "${ip_start} - ${ip_end}";}]; + option-data = [ + { + name = "routers"; + data = cnf.lanIP; + } + ]; + reservations = [ + { + duid = "e4:6f:13:f3:d5:be"; + ip-address = ipv4.ipAdd cnf.lanIP cnf.lanPrefix 60; + } + ]; + } + { + interface = "brguest"; + subnet = "192.168.1.0/24"; + pools = [{pool = "192.168.1.50 - 192.168.1.254";}]; + "option-data" = [ + { + name = "routers"; + data = "192.168.1.1"; + } + ]; + } + ]; }; - option-data = [ - { - name = "domain-name-servers"; - data = "1.1.1.1, 8.8.8.8"; - } - ]; - subnet4 = [ - { - interface = "brlan"; - subnet = "${ipv4.prefix2ip cnf.lanIP cnf.lanPrefix}/${toString cnf.lanPrefix}"; - pools = let - ip_start = ipv4.ipAdd cnf.lanIP cnf.lanPrefix cnf.dynIPStart; - ip_end = ipv4.ipAdd cnf.lanIP cnf.lanPrefix (cnf.dynIPStart + cnf.dynIPCount); - in [{pool = "${ip_start} - ${ip_end}";}]; - option-data = [ - { - name = "routers"; - data = cnf.lanIP; - } - ]; - reservations = [ - { - duid = "e4:6f:13:f3:d5:be"; - ip-address = ipv4.ipAdd cnf.lanIP cnf.lanPrefix 60; - } - ]; - } - { - interface = "brguest"; - subnet = "192.168.1.0/24"; - pools = [{pool = "192.168.1.50 - 192.168.1.254";}]; - "option-data" = [ - { - name = "routers"; - data = "192.168.1.1"; - } - ]; - } - ]; }; }; + radvd = { + enable = true; + config = '' + interface brlan { + AdvSendAdvert on; + MinRtrAdvInterval 3; + MaxRtrAdvInterval 10; + prefix ::/64 { + AdvOnLink on; + AdvAutonomous on; + AdvRouterAddr on; + }; + RDNSS 2001:4860:4860::8888 2001:4860:4860::8844 { + }; + }; + ''; + }; + kresd = {enable = false;}; }; systemd.services.kea-dhcp4-server.after = [ "sys-subsystem-net-devices-brlan.device" "sys-subsystem-net-devices-brguest.device" ]; - services.radvd = { - enable = true; - config = '' - interface brlan { - AdvSendAdvert on; - MinRtrAdvInterval 3; - MaxRtrAdvInterval 10; - prefix ::/64 { - AdvOnLink on; - AdvAutonomous on; - AdvRouterAddr on; - }; - RDNSS 2001:4860:4860::8888 2001:4860:4860::8844 { - }; - }; - ''; - }; - - services.kresd = {enable = false;}; - networking.nftables.enable = true; networking.firewall = { filterForward = true; |