path: root/hosts/common/optional/services/dhcp.nix
blob: cc21ef9d8612135108c172d9f0c6d832fe23d9cb (plain)
{ pkgs, ... }:
{

  # Publish the iPXE boot loaders under /etc/tftp (the directory the tftpd unit
  # in this module exports) and install the netboot tooling system-wide.
  environment = {
    # Both loaders are taken straight from the pkgs.ipxe store path, so the
    # served binaries change only when that package changes. Everything placed
    # under /etc/tftp is readable by any host that can reach the TFTP port, so
    # keep secrets and host-specific scripts out of this tree.
    etc."tftp/ipxe.efi".source = "${pkgs.ipxe}/ipxe.efi";
    etc."tftp/undionly.kpxe".source = "${pkgs.ipxe}/undionly.kpxe";

    # NOTE(review): pkgs.master is not defined in this file; presumably an
    # overlay exposing a second nixpkgs input. Confirm that input is pinned by
    # the lock file so the network-facing tftp-hpa build is reproducible.
    systemPackages = [
      pkgs.ipxe
      pkgs.master.tftp-hpa
      pkgs.master.wol
    ];
  };

  # Kea DHCPv4 server for the 192.168.1.0/24 LAN, including the PXE/iPXE
  # chainloading classes. DHCP and PXE are unauthenticated: any host on the
  # segment can answer or spoof requests, so the interface restriction below
  # and L2 controls (e.g. DHCP snooping on the switch) are the real boundary.
  services.kea.dhcp4 =
    let
      # Address handed out as DNS, NTP, router and TFTP next-server.
      gateway = "192.168.1.1";

      # Option that is sent even when the client did not request it.
      alwaysSend = name: data: {
        inherit name data;
        always-send = true;
      };

      # Class matching a PXE firmware by the architecture code in option 60
      # (vendor class identifier) and pointing it at a loader over TFTP.
      pxeClass = name: arch: loader: {
        inherit name;
        test = "substring(option[60].hex,0,20) == 'PXEClient:Arch:${arch}'";
        next-server = gateway;
        boot-file-name = loader;
      };

      # Static lease keyed on the MAC address. MAC addresses are trivially
      # spoofable, so a reservation is an addressing convenience and must not
      # be treated as proof of host identity (e.g. in firewall allow-lists).
      host = mac: ip: {
        hw-address = mac;
        ip-address = ip;
      };

      efiLoader = "/etc/tftp/ipxe.efi";
      biosLoader = "/etc/tftp/undionly.kpxe";
    in
    {
      enable = true;

      settings = {
        # Listen on the LAN NIC only, so leases are never offered elsewhere.
        interfaces-config.interfaces = [ "enp116s0" ];

        lease-database = {
          type = "memfile";
          persist = true;
          name = "/var/lib/kea/dhcp4.leases";
        };

        # Lease timing in seconds: renew at 15 min, rebind at 30 min, expire at 1 h.
        valid-lifetime = 3600;
        rebind-timer = 1800;
        renew-timer = 900;

        option-data = [
          (alwaysSend "domain-name-servers" gateway)
          (alwaysSend "domain-name" "bitgnome.net")
          (alwaysSend "ntp-servers" gateway)
        ];

        client-classes = [
          # Clients already running iPXE (user-class option 77 starts with
          # "iPXE") are given the boot script URL instead of a loader.
          # NOTE(review): listed first, presumably so it wins over the
          # firmware classes below for an iPXE client - confirm against Kea's
          # class-ordering rules.
          # The script is fetched over plain HTTP, so nothing authenticates
          # it: whoever can answer for that name or sit on the path decides
          # what the machine boots. Consider HTTPS or iPXE signed-image
          # verification if the iPXE build in use enables them.
          {
            name = "XClient_iPXE";
            test = "substring(option[77].hex,0,4) == 'iPXE'";
            boot-file-name = "http://arrakis.bitgnome.net/boot/netboot.ipxe";
          }

          # Firmware PXE clients: fetch the matching iPXE loader over TFTP.
          # Paths are absolute because the TFTP daemon is not chrooted.
          (pxeClass "UEFI-64-1" "00007" efiLoader)
          (pxeClass "UEFI-64-2" "00008" efiLoader)
          (pxeClass "UEFI-64-3" "00009" efiLoader)
          (pxeClass "Legacy" "00000" biosLoader)
        ];

        subnet4 = [
          {
            id = 1;
            subnet = "192.168.1.0/24";

            # Dynamic range; the reservations below all sit outside it.
            pools = [ { pool = "192.168.1.100 - 192.168.1.199"; } ];

            option-data = [
              {
                name = "routers";
                data = gateway;
              }
            ];

            reservations = [
              (host "8c:8c:aa:4e:e9:8c" "192.168.1.11") # jupiter
              (host "38:f3:ab:59:06:e0" "192.168.1.12") # saturn
              (host "8c:8c:aa:4e:fc:aa" "192.168.1.13") # uranus
              (host "38:f3:ab:59:08:10" "192.168.1.14") # neptune
              (host "7c:b5:66:65:e2:9e" "192.168.1.17") # ginaz
              (host "00:05:cd:72:92:b0" "192.168.1.19") # onkyo
              (host "74:29:af:6f:20:ed" "192.168.1.20") # brother
              (host "ec:08:6b:6a:4a:ac" "192.168.1.252") # ac2600
            ];
          }
        ];
      };
    };

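  # Standalone tftp-hpa daemon serving the iPXE loaders in /etc/tftp on the
  # LAN address. TFTP has no authentication or integrity protection: every
  # file under the served directory is readable by any host that can reach
  # 192.168.1.1:69, so restrict that port to the LAN in the firewall.
  systemd.services = {
    tftpd = {
      after = [ "nftables.service" ];
      description = "TFTP server";
      serviceConfig = {
        # Started as root so the daemon can bind UDP port 69.
        # NOTE(review): tftp-hpa is documented to switch to an unprivileged
        # user ("nobody" unless -u is given) for transfers - confirm for this
        # build.
        User = "root";
        Group = "root";
        Restart = "always";
        RestartSec = 5;
        # `in.tftpd -l` detaches from the foreground (only -L stays attached),
        # so the process systemd starts exits right after launch. With
        # Type=exec that exit is treated as the service stopping; "forking"
        # together with PIDFile lets systemd follow the real daemon.
        Type = "forking";
        # Not chrooted (-s is absent): clients request absolute paths such as
        # /etc/tftp/ipxe.efi, matching the DHCP boot-file-name values. There
        # is no -c flag, so clients cannot create new files.
        ExecStart = "${pkgs.master.tftp-hpa}/bin/in.tftpd -l -a 192.168.1.1:69 -P /run/tftpd.pid /etc/tftp";
        TimeoutStopSec = 20;
        PIDFile = "/run/tftpd.pid";

        # Sandboxing for a root-started, network-facing daemon that only has
        # to read /etc/tftp and write its PID file under /run.
        # NOTE(review): CapabilityBoundingSet could be narrowed as well;
        # verify on the host before adding it.
        NoNewPrivileges = true;
        PrivateTmp = true;
        ProtectHome = true;
        ProtectSystem = "full";
        ProtectKernelTunables = true;
        ProtectKernelModules = true;
        ProtectControlGroups = true;
      };
      wantedBy = [ "multi-user.target" ];
    };
  };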
}