v/infrastructure
1
0
Fork 0
Code Issues 13 Pull requests 1 Projects Releases Packages Activity Actions 1

nixos: add dhcp server

Browse source
This commit is contained in:
Vivian 2021-11-23 14:26:40 +01:00
parent 2c690f2148
commit 99bdbd6b59
4 changed files with 87 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
flake.nix
View file

@ -87,7 +87,6 @@
];
};
checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy)
deploy-rs.lib;
checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
};
}

54
hosts.nix
View file

@ -7,23 +7,15 @@
nix = false;
}
{
hostname = "nuc";
ip = "10.42.42.42";
mac = "1C:69:7A:62:30:88";
hostname = "unifi-ap";
ip = "10.42.42.2";
mac = "b4:fb:e4:f3:ff:1b";
nix = false;
}
{
hostname = "LGwebOSTV";
ip = "10.42.42.13";
mac = "74:40:be:48:85:a4";
nix = false;
}
{
hostname = "home-assistant";
ip = "10.42.42.8";
ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee";
mac = "74:40:be:48:85:a4";
nix = false;
hostname = "dhcp";
ip = "10.42.42.3";
mac = "3E:2D:E8:AA:E2:81";
}
{
hostname = "bastion";
@ -31,13 +23,6 @@
mac = "82:F0:7C:CB:BD:6D";
lxc = false;
}
{
hostname = "k3s-node1";
profile = "k3s";
ip = "10.42.42.10";
mac = "2E:F8:55:23:D9:9B";
lxc = false;
}
{
hostname = "vault";
ip = "10.42.42.6";
@ -48,11 +33,31 @@
ip = "10.42.42.7";
mac = "C6:F9:8B:3D:9E:37";
}
{
hostname = "home-assistant";
ip = "10.42.42.8";
ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee";
mac = "74:40:be:48:85:a4";
nix = false;
}
{
hostname = "nginx";
ip = "10.42.42.9";
mac = "6A:C2:89:85:CF:A6";
}
{
hostname = "k3s-node1";
profile = "k3s";
ip = "10.42.42.10";
mac = "2E:F8:55:23:D9:9B";
lxc = false;
}
{
hostname = "WoolooTV";
ip = "10.42.42.13";
mac = "74:40:be:48:85:a4";
nix = false;
}
{
hostname = "consul";
ip = "10.42.42.14";
@ -72,8 +77,13 @@
}
{
hostname = "minio";
profile = "dns";
ip = "10.42.42.17";
mac = "0A:06:5E:E7:9A:0C";
}
{
hostname = "nuc";
ip = "10.42.42.42";
mac = "1C:69:7A:62:30:88";
nix = false;
}
]

4
nixos/common/default.nix
View file

@ -48,8 +48,8 @@
services.openssh.enable = true;
vault-secrets = {
vaultPrefix = "nixos/${config.networking.hostName}";
vaultAddress = "http://10.42.42.6:8200/";
vaultPrefix = "nixos";
vaultAddress = "http://vault.olympus:8200/";
approlePrefix = "olympus-${config.networking.hostName}";
};

52
nixos/hosts/dhcp/configuration.nix Normal file
View file

@ -0,0 +1,52 @@
{ config, pkgs, hosts, ... }:
let
hostToDhcp = { hostname, mac, ip, ... }: {
ethernetAddress = mac;
hostName = hostname;
ipAddress = ip;
};
in {
imports = [ ];
networking = {
hostName = "dhcp";
defaultGateway = "10.42.42.1";
nameservers = [ "10.42.42.15" "10.42.42.16" ];
interfaces.eth0 = {
useDHCP = false; # It turns out the barber just doesn't shave
ipv4.addresses = [{
address = "10.42.42.3";
prefixLength = 23;
}];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment?
# Additional packages
environment.systemPackages = with pkgs; [ ];
networking.firewall.allowedUDPPorts = [ 67 ];
services.dhcpd4 = {
enable = true;
extraConfig = ''
option subnet-mask 255.255.254.0;
option broadcast-address 10.42.43.255;
option routers 10.42.42.1;
option domain-name-servers 10.42.42.15, 10.42.42.16;
option domain-name "olympus";
option domain-search "olympus";
subnet 10.42.42.0 netmask 255.255.254.0 {
range 10.42.43.1 10.42.43.254;
}
'';
machines = map hostToDhcp hosts;
};
}