From bb084d5aabbd35ba9b1bc8cef04c045e45e295db Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sat, 19 Aug 2023 23:54:48 +0100 Subject: [PATCH] swann: kea/radvd if erbium is off --- ops/nixos/swann/default.nix | 171 +++++++++++++++++++++++++++++++++++- 1 file changed, 170 insertions(+), 1 deletion(-) diff --git a/ops/nixos/swann/default.nix b/ops/nixos/swann/default.nix index b30bba3293..59f4c49004 100644 --- a/ops/nixos/swann/default.nix +++ b/ops/nixos/swann/default.nix @@ -797,5 +797,174 @@ in { Storage=volatile ''; systemd.services.tailscaled.environment.TS_LOGS_DIR = "/var/run/tailscale"; - } ]; + } (lib.mkIf (!config.services.erbium.enable) { + services.radvd = { + enable = true; + config = '' + interface br-internal { + AdvSendAdvert on; + AdvLinkMTU 1420; # Wireguard + AdvManagedFlag on; + + RDNSS 2a09:a443::1 {}; + DNSSL house.as205479.net {}; + + prefix 2a09:a443::/64 { + AdvOnLink on; + AdvAutonomous on; + }; + prefix 2a09:a443:1::/48 { + AdvOnLink on; + AdvAutonomous off; + }; + }; + interface vl-eduroam { + AdvSendAdvert on; + AdvLinkMTU 1420; # Wireguard + AdvManagedFlag on; + + RDNSS 2a09:a443:2::1 {}; + DNSSL eduroam.as205479.net {}; + + prefix 2a09:a443:2::/64 { + AdvOnLink on; + AdvAutonomous on; + }; + prefix 2a09:a443:3::/48 { + AdvOnLink on; + AdvAutonomous off; + }; + }; + ''; + }; + + services.kea = { + dhcp4.enable = true; + dhcp4.settings = { + interfaces-config.interfaces = ["br-internal" "vl-eduroam"]; + lease-database = { + type = "memfile"; + persist = true; + name = "/var/lib/kea/dhcp4.leases"; + }; + reservations-global = true; + reservations = [{ + hw-address = "40:8d:5c:1f:e8:68"; + ip-address = "192.168.1.40"; + hostname = "totoro"; + } { + hw-address = "52:54:00:cf:cd:94"; + ip-address = "192.168.1.41"; + hostname = "totoro-pfsense"; + } { + hw-address = "00:0d:5d:1b:14:ba"; + ip-address = "192.168.1.50"; + hostname = "kvm"; + } { + hw-address = "9c:93:4e:ad:1f:7b"; + ip-address = "192.168.1.51"; + hostname = "printer-xerox"; + } { + hw-address = "bc:33:29:26:01:5c"; + ip-address = "92.118.30.18"; + hostname = "ps5"; + } { + hw-address = "84:39:be:77:65:52"; + ip-address = "192.168.1.60"; + hostname = "qvmpc6552"; + }]; + subnet4 = [{ + subnet = "192.168.1.0/24"; + pools = [{ + pool = "192.168.1.100 - 192.168.1.200"; + }]; + option-data = [{ + name = "routers"; + data = "192.168.1.1"; + } { + name = "domain-name-servers"; + data = "192.168.1.1"; + } { + name = "domain-name"; + data = "house.as205479.net"; + } { + name = "interface-mtu"; + data = "1420"; + }]; + } { + subnet = "92.118.30.16/28"; + option-data = [{ + name = "routers"; + data = "92.118.30.17"; + } { + name = "domain-name-servers"; + data = "92.118.30.17"; + } { + name = "domain-name"; + data = "house-ext.as205479.net"; + } { + name = "interface-mtu"; + data = "1420"; + }]; + } { + subnet = "192.168.10.0/24"; + pools = [{ + pool = "192.168.10.100 - 192.168.10.200"; + }]; + option-data = [{ + name = "routers"; + data = "192.168.10.1"; + } { + name = "domain-name-servers"; + data = "192.168.10.1"; + } { + name = "domain-name"; + data = "eduroam.as205479.net"; + } { + name = "interface-mtu"; + data = "1420"; + }]; + }]; + }; + + dhcp6.enable = true; + dhcp6.settings = { + interfaces-config.interfaces = ["br-internal" "vl-eduroam"]; + lease-database = { + type = "memfile"; + persist = true; + name = "/var/lib/kea/dhcp6.leases"; + }; + subnet6 = [{ + subnet = "2a09:a443:1::/48"; + pd-pools = [{ + prefix = "2a09:a443:1:8000::"; + prefix-len = 49; + delegated-len = 64; + }]; + option-data = [{ + name = "dns-servers"; + data = "2a09:a443:1::1"; + } { + name = "domain-search"; + data = "house.as205479.net"; + }]; + } { + subnet = "2a09:a443:3::/48"; + pd-pools = [{ + prefix = "2a09:a443:3:8000::"; + prefix-len = 49; + delegated-len = 64; + }]; + option-data = [{ + name = "dns-servers"; + data = "2a09:a443:3::1"; + } { + name = "domain-search"; + data = "eduroam.as205479.net"; + }]; + }]; + }; + }; + })]; }