{ config, lib, pkgs, ... }: { imports = [ ./dsl.nix ./bifrost ]; config = { networking = { hostName = "vidhar"; domain = "yggdrasil"; search = [ "yggdrasil" ]; useDHCP = false; useNetworkd = true; interfaces."lan" = { ipv4.addresses = [ { address = "10.141.0.1"; prefixLength = 24; } ]; }; interfaces."mgmt" = { ipv4.addresses = [ { address = "10.141.1.1"; prefixLength = 24; } ]; }; interfaces."dmz01" = { ipv4.addresses = [ { address = "10.141.2.1"; prefixLength = 24; } ]; }; vlans = { mgmt = { id = 2; interface = "eno2"; }; lan = { id = 3; interface = "eno2"; }; dmz01 = { id = 4; interface = "eno2"; }; }; firewall.enable = false; nftables = { enable = true; rulesetFile = ./ruleset.nft; }; }; services.resolved = { llmnr = "false"; }; services.kea = { dhcp4 = { enable = true; settings = { valid-lifetime = 4000; rebind-timer = 2000; renew-timer = 1000; interfaces-config = { interfaces = [ "lan" "mgmt" ]; }; lease-database = { name = "/var/lib/kea/dhcp4.leases"; persist = true; type = "memfile"; }; subnet4 = [ { subnet = "10.141.0.0/24"; option-data = [ { name = "domain-name-servers"; data = "10.141.0.1"; } { name = "broadcast-address"; data = "10.141.0.255"; } { name = "routers"; data = "10.141.0.1"; } { name = "domain-name"; data = "yggdrasil"; } ]; pools = [ { pool = "10.141.0.128 - 10.141.0.254"; } ]; reservations = []; } { subnet = "10.141.1.0/24"; option-data = [ { name = "domain-name-servers"; data = "10.141.1.1"; } { name = "broadcast-address"; data = "10.141.1.255"; } ]; pools = [ { pool = "10.141.1.128 - 10.141.1.254"; } ]; reservations = [ { hostname = "switch01"; hw-address = "60:a4:b7:53:94:b5"; ip-address = "10.141.1.2"; } ]; } { subnet = "10.141.2.0/24"; option-data = [ { name = "domain-name-servers"; data = "10.141.2.1"; } { name = "broadcast-address"; data = "10.141.2.255"; } { name = "routers"; data = "10.141.2.1"; } ]; pools = [ { pool = "10.141.2.128 - 10.141.2.254"; } ]; reservations = [ { hostname = "ap01"; hw-address = "74:ac:b9:29:ad:9a"; ip-address = "10.141.1.4"; } ]; } ]; }; }; }; systemd.network.networks = { "eno1" = { matchConfig.Name = "eno1"; linkConfig = { ActivationPolicy = "down"; }; }; "eno2" = { matchConfig.Name = "eno2"; networkConfig.LinkLocalAddressing = "no"; }; }; }; }