nixos: add dhcp server
This commit is contained in:
parent
2c690f2148
commit
99bdbd6b59
4 changed files with 87 additions and 26 deletions
|
@ -87,7 +87,6 @@
|
|||
];
|
||||
};
|
||||
|
||||
checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy)
|
||||
deploy-rs.lib;
|
||||
checks = mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
|
||||
};
|
||||
}
|
||||
|
|
54
hosts.nix
54
hosts.nix
|
@ -7,23 +7,15 @@
|
|||
nix = false;
|
||||
}
|
||||
{
|
||||
hostname = "nuc";
|
||||
ip = "10.42.42.42";
|
||||
mac = "1C:69:7A:62:30:88";
|
||||
hostname = "unifi-ap";
|
||||
ip = "10.42.42.2";
|
||||
mac = "b4:fb:e4:f3:ff:1b";
|
||||
nix = false;
|
||||
}
|
||||
{
|
||||
hostname = "LGwebOSTV";
|
||||
ip = "10.42.42.13";
|
||||
mac = "74:40:be:48:85:a4";
|
||||
nix = false;
|
||||
}
|
||||
{
|
||||
hostname = "home-assistant";
|
||||
ip = "10.42.42.8";
|
||||
ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee";
|
||||
mac = "74:40:be:48:85:a4";
|
||||
nix = false;
|
||||
hostname = "dhcp";
|
||||
ip = "10.42.42.3";
|
||||
mac = "3E:2D:E8:AA:E2:81";
|
||||
}
|
||||
{
|
||||
hostname = "bastion";
|
||||
|
@ -31,13 +23,6 @@
|
|||
mac = "82:F0:7C:CB:BD:6D";
|
||||
lxc = false;
|
||||
}
|
||||
{
|
||||
hostname = "k3s-node1";
|
||||
profile = "k3s";
|
||||
ip = "10.42.42.10";
|
||||
mac = "2E:F8:55:23:D9:9B";
|
||||
lxc = false;
|
||||
}
|
||||
{
|
||||
hostname = "vault";
|
||||
ip = "10.42.42.6";
|
||||
|
@ -48,11 +33,31 @@
|
|||
ip = "10.42.42.7";
|
||||
mac = "C6:F9:8B:3D:9E:37";
|
||||
}
|
||||
{
|
||||
hostname = "home-assistant";
|
||||
ip = "10.42.42.8";
|
||||
ip6 = "2001:41f0:9639:1:bfe7:3fd9:75de:cbee";
|
||||
mac = "74:40:be:48:85:a4";
|
||||
nix = false;
|
||||
}
|
||||
{
|
||||
hostname = "nginx";
|
||||
ip = "10.42.42.9";
|
||||
mac = "6A:C2:89:85:CF:A6";
|
||||
}
|
||||
{
|
||||
hostname = "k3s-node1";
|
||||
profile = "k3s";
|
||||
ip = "10.42.42.10";
|
||||
mac = "2E:F8:55:23:D9:9B";
|
||||
lxc = false;
|
||||
}
|
||||
{
|
||||
hostname = "WoolooTV";
|
||||
ip = "10.42.42.13";
|
||||
mac = "74:40:be:48:85:a4";
|
||||
nix = false;
|
||||
}
|
||||
{
|
||||
hostname = "consul";
|
||||
ip = "10.42.42.14";
|
||||
|
@ -72,8 +77,13 @@
|
|||
}
|
||||
{
|
||||
hostname = "minio";
|
||||
profile = "dns";
|
||||
ip = "10.42.42.17";
|
||||
mac = "0A:06:5E:E7:9A:0C";
|
||||
}
|
||||
{
|
||||
hostname = "nuc";
|
||||
ip = "10.42.42.42";
|
||||
mac = "1C:69:7A:62:30:88";
|
||||
nix = false;
|
||||
}
|
||||
]
|
||||
|
|
|
@ -48,8 +48,8 @@
|
|||
services.openssh.enable = true;
|
||||
|
||||
vault-secrets = {
|
||||
vaultPrefix = "nixos/${config.networking.hostName}";
|
||||
vaultAddress = "http://10.42.42.6:8200/";
|
||||
vaultPrefix = "nixos";
|
||||
vaultAddress = "http://vault.olympus:8200/";
|
||||
approlePrefix = "olympus-${config.networking.hostName}";
|
||||
};
|
||||
|
||||
|
|
52
nixos/hosts/dhcp/configuration.nix
Normal file
52
nixos/hosts/dhcp/configuration.nix
Normal file
|
@ -0,0 +1,52 @@
|
|||
{ config, pkgs, hosts, ... }:
|
||||
let
|
||||
hostToDhcp = { hostname, mac, ip, ... }: {
|
||||
ethernetAddress = mac;
|
||||
hostName = hostname;
|
||||
ipAddress = ip;
|
||||
};
|
||||
in {
|
||||
imports = [ ];
|
||||
|
||||
networking = {
|
||||
hostName = "dhcp";
|
||||
defaultGateway = "10.42.42.1";
|
||||
nameservers = [ "10.42.42.15" "10.42.42.16" ];
|
||||
interfaces.eth0 = {
|
||||
useDHCP = false; # It turns out the barber just doesn't shave
|
||||
ipv4.addresses = [{
|
||||
address = "10.42.42.3";
|
||||
prefixLength = 23;
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "21.11"; # Did you read the comment?
|
||||
|
||||
# Additional packages
|
||||
environment.systemPackages = with pkgs; [ ];
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 67 ];
|
||||
|
||||
services.dhcpd4 = {
|
||||
enable = true;
|
||||
extraConfig = ''
|
||||
option subnet-mask 255.255.254.0;
|
||||
option broadcast-address 10.42.43.255;
|
||||
option routers 10.42.42.1;
|
||||
option domain-name-servers 10.42.42.15, 10.42.42.16;
|
||||
option domain-name "olympus";
|
||||
option domain-search "olympus";
|
||||
subnet 10.42.42.0 netmask 255.255.254.0 {
|
||||
range 10.42.43.1 10.42.43.254;
|
||||
}
|
||||
'';
|
||||
machines = map hostToDhcp hosts;
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue