feat: initial

2026-03-09 22:06:13 +01:00 · 2026-03-09 22:06:13 +01:00 · bba9ceff39
commit bba9ceff39
18 changed files with 750 additions and 0 deletions
--- a/services/kea.nix
+++ b/services/kea.nix
@ -0,0 +1,56 @@
+{ config, pkgs, ... }:
+
+let
+  net = import ../data/network.nix;
+in
+{
+  services.kea.dhcp4 = {
+    enable = true;
+    settings = {
+      interfaces-config = {
+        interfaces = [ "eth0" ];
+      };
+      lease-database = {
+        name = "/var/lib/kea/dhcp4.leases";
+        type = "memfile";
+      };
+      subnet4 = [{
+        id = 1;
+        subnet = net.network.subnet;
+        pools = [{
+          pool = "${net.dhcp.pool_start} - ${net.dhcp.pool_end}";
+        }];
+        option-data = [
+          {
+            name = "routers";
+            data = net.ips.router;
+          }
+          {
+            name = "domain-name-servers";
+            data = builtins.concatStringsSep ", " ([net.ips.pi] ++ net.fallback_dns_servers);
+          }
+          {
+            name = "domain-name";
+            data = net.local_domain;
+          }
+          {
+            name = "domain-search";
+            data = net.local_domain;
+          }
+        ];
+
+        reservations = net.dhcp.reservations;
+      }];
+
+      valid-lifetime = net.dhcp.default_lease;
+      renew-timer = net.dhcp.default_lease / 2;
+      rebind-timer = net.dhcp.default_lease * 3 / 4;
+    };  
+  };
+
+  # Firewall rules for DHCP
+  networking.firewall = {
+    allowedUDPPorts = [ 67 68 ];  # DHCP ports
+    checkReversePath = false;      # Sometimes needed for DHCP
+  };
+}