machines/raven: add dnsmasq with basic config

Co-Authored-By: jalr <mail@jalr.de>
2021-07-18 20:55:05 +02:00 · 2021-07-18 20:55:05 +02:00 · 1a7a2b212a
commit 1a7a2b212a
parent f63ad2ea39
3 changed files with 47 additions and 1 deletions
--- a/machines/raven/configuration.nix
+++ b/machines/raven/configuration.nix
@ -3,6 +3,7 @@
 {
  imports = [
    ./hardware-configuration.nix
+    ./services
  ];

  networking.hostName = "raven";
@ -29,7 +30,7 @@
      labprod.useDHCP = true;
      jt.useDHCP = true;
      labdev.ipv4.addresses = [{
-        address = "192.168.0.1";
+        address = "192.168.94.1";
        prefixLength = 24;
      }];
    };
--- a/machines/raven/services/default.nix
+++ b/machines/raven/services/default.nix
@ -0,0 +1,5 @@
+{
+  imports = [
+    ./dnsmasq.nix
+  ];
+}
--- a/machines/raven/services/dnsmasq.nix
+++ b/machines/raven/services/dnsmasq.nix
@ -0,0 +1,40 @@
+{ pkgs, ... }:
+
+{
+  services.dnsmasq = {
+    enable = true;
+
+    extraConfig = ''
+      bind-dynamic
+
+      expand-hosts
+      domain=lab.fablab-nea.de
+      dhcp-range=192.168.94.20,192.168.94.254,5m
+
+      dhcp-boot=lpxelinux.0,raven,192.168.94.1
+
+      cache-size=10000
+      dns-forward-max=1000
+
+      auth-zone=lab.fablab-nea.de,192.168.94.0/24
+      auth-server=lab.fablab-nea.de,78.47.224.251
+
+      no-hosts
+      addn-hosts=${pkgs.writeText "hosts.dnsmasq" ''
+        192.168.94.1 raven labsync
+        192.168.94.2 switch
+      ''}
+    '';
+
+    servers = [
+      "142.250.185.78" # dns.as250.net
+      "2001:470:20::2" # ordns.he.net
+      "74.82.42.42" # ordns.he.net
+    ];
+  };
+
+  networking.firewall = {
+    allowedUDPPorts = [ 53 67 ];
+    allowedTCPPorts = [ 53 ];
+  };
+}