{ config, lib, pkgs, ... }: { environment = { etc = { "tftp/ipxe.efi".source = "${pkgs.ipxe}/ipxe.efi"; "tftp/undionly.kpxe".source = "${pkgs.ipxe}/undionly.kpxe"; }; systemPackages = with pkgs; [ ipxe tftp-hpa ]; }; services = { kea.dhcp4 = { configFile = config.sops.secrets.kea-dhcp4_conf.path; enable = true; }; xinetd = { enable = true; services = [{ name = "tftp"; protocol = "udp"; server = "${pkgs.tftp-hpa}/sbin/in.tftpd"; serverArgs = "/etc/tftp"; user = "root"; }]; }; }; systemd.services.kea-dhcp4-server = { serviceConfig = { ExecStart = lib.mkForce '' ${pkgs.kea}/bin/kea-dhcp4 -c ''${CREDENTIALS_DIRECTORY}/kea-dhcp4_conf ''; LoadCredential = [ "kea-dhcp4_conf:${config.sops.secrets.kea-dhcp4_conf.path}" ]; }; }; }