linuxlab.nix/machines/nfs/dhcp.nix

{ lib, config, ... }:

with lib;

let
  clients = import ../../clients.nix;

in
{
  services.kea.dhcp4 = {
    enable = true;

    settings = {
      interfaces-config = {
        interfaces = [
          "enp4s0f0"
          "enp4s0f1"
        ];
      };

      lease-database = {
        name = "/var/lib/kea/dhcp4.leases";
        persist = true;
        type = "memfile";
      };

      rebind-timer = 2000;
      renew-timer = 1000;

      subnet4 = [
        {
          id = 1;
          subnet = "10.33.64.0/20";
          interface = "enp4s0f0";

          pools = [
            {
              pool = "10.33.65.100 - 10.33.65.200";
            }
          ];

          option-data = [
            {
              name = "routers";
              data = "10.33.64.1";
            }

            {
              name = "domain-name-servers";
              data = "10.0.0.53";
            }

            {
              name = "domain-name";
              data = config.networking.domain;
            }

            {
              name = "domain-search";
              data = config.networking.domain;
            }
          ];

          "reservations" = mapAttrsToList
            (_: client: {
              "hw-address" = strings.toLower client.mac;
              "ip-address" = client.ip;
            })
            clients;
        }

        {
          # This net is only used during PXE boot
          id = 2;
          subnet = "10.32.44.0/24";
          interface = "enp4s0f1";

          pools = [
            {
              pool = "10.32.44.100 - 10.32.44.200";
            }
          ];
        }
      ];

      valid-lifetime = 4000;
    };
  };

  networking.firewall.allowedUDPPorts = [
    67
    68 # DHCP
  ];
}