From 29480b6e86ca6057d4151accdb5d4103f1657596 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 4 Mar 2023 19:23:36 +0100 Subject: ... --- hosts/vidhar/printing/default.nix | 124 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 hosts/vidhar/printing/default.nix (limited to 'hosts/vidhar/printing/default.nix') diff --git a/hosts/vidhar/printing/default.nix b/hosts/vidhar/printing/default.nix new file mode 100644 index 00000000..0e0dfcf7 --- /dev/null +++ b/hosts/vidhar/printing/default.nix @@ -0,0 +1,124 @@ +{ config, lib, ... }: + +with lib; + +let + containerConfig = config.containers.printing.config; +in { + config = { + containers.printing = { + privateNetwork = true; + ephemeral = true; + autoStart = true; + hostAddress = "10.141.4.0"; + hostAddress6 = "2a03:4000:52:ada:4::"; + localAddress = "10.141.4.1"; + localAddress6 = "2a03:4000:52:ada:4::1"; + interfaces = [ "printer" ]; + config = let + hostConfig = config; + in { ... }: { + config = { + services = { + kea = { + dhcp4 = { + enable = true; + settings = { + valid-lifetime = 4000; + rebind-timer = 2000; + renew-timer = 1000; + + interfaces-config = { + interfaces = [ "printer" ]; + }; + + lease-database = { + name = "/var/lib/kea/dhcp4.leases"; + persist = true; + type = "memfile"; + }; + + subnet4 = [ + { subnet = "10.141.3.0/24"; + option-data = [ + { name = "domain-name-servers"; + data = "10.141.4.0"; + } + { name = "ntp-servers"; + data = "10.141.4.0"; + } + { name = "broadcast-address"; + data = "10.141.3.255"; + } + { name = "routers"; + data = "10.141.3.1"; + } + { name = "domain-name"; + data = "yggdrasil"; + } + { name = "domain-search"; + data = "printer.yggdrasil, yggdrasil"; + } + ]; + pools = [ { pool = "10.141.3.128 - 10.141.3.254"; } ]; + reservations = [ + { hostname = "printer"; + hw-address = "30:cd:a7:b0:55:8d"; + ip-address = "10.141.3.2"; + } + ]; + } + ]; + }; + }; + }; + + printing = { + enable = true; + listenAddresses = [ + "*:631" + ]; + allowFrom = [ "all" ]; + extraConf = '' + ServerName printing + ServerAlias 10.141.4.1 2a03:4000:52:ada:4::1 printing.vidhar.yggdrasil printing.vidhar.lan.yggdrasil + ''; + }; + + resolved.enable = false; + }; + + networking = { + firewall.enable = false; + nftables = { + enable = true; + rulesetFile = ./ruleset.nft; + }; + + useDHCP = false; + useNetworkd = true; + + interfaces."printer" = { + ipv4.addresses = [ + { address = "10.141.3.1"; prefixLength = 24; } + ]; + }; + }; + + environment.etc."resolv.conf".text = '' + nameserver ${hostConfig.containers.printing.hostAddress6} + ''; + + system.stateVersion = hostConfig.system.stateVersion; + }; + }; + }; + + networking = { + vlans.printer = { + id = 5; + interface = "eno2"; + }; + }; + }; +} -- cgit v1.2.3