{ config, lib, pkgs, ... }: { environment = { etc = { "tftp/ipxe.efi".source = "${pkgs.ipxe}/ipxe.efi"; "tftp/undionly.kpxe".source = "${pkgs.ipxe}/undionly.kpxe"; }; systemPackages = with pkgs; [ ipxe tftp-hpa ]; }; services = { kea.dhcp4 = { configFile = config.sops.secrets.kea-dhcp4_conf.path; enable = true; }; xinetd = { enable = true; services = [{ name = "tftp"; protocol = "udp"; server = "${pkgs.tftp-hpa}/sbin/in.tftpd"; serverArgs = "/etc/tftp"; user = "root"; }]; }; }; systemd.services = { kea-dhcp4-server = { restartTriggers = [ config.sops.secrets.kea-dhcp4_conf.sopsFile ]; serviceConfig = { ExecStart = lib.mkForce '' ${pkgs.kea}/bin/kea-dhcp4 -c ''${CREDENTIALS_DIRECTORY}/kea-dhcp4_conf ''; LoadCredential = [ "kea-dhcp4_conf:${config.sops.secrets.kea-dhcp4_conf.path}" ]; }; }; tftpd = { after = [ "nftables.service" ]; description = "TFTP server"; serviceConfig = { User = "root"; Group = "root"; Restart = "always"; RestartSec = 5; Type = "exec"; ExecStart = "${pkgs.tftp-hpa}/bin/in.tftpd -l -a 192.168.1.1:69 -P /run/tftpd.pid /etc/tftp"; TimeoutStopSec = 20; PIDFile = "/run/tftpd.pid"; }; wantedBy = [ "multi-user.target" ]; }; }; }