feat[server]: finalize router config

2026-04-15 05:39:11 +02:00 · 2026-01-02 05:03:32 +01:00 · 2026-01-02 05:03:32 +01:00 · ca9f5830bf
commit ca9f5830bf
parent 2ff914d49d
14 changed files with 739 additions and 392 deletions
--- a/modules/nixos/server/kea.nix
+++ b/modules/nixos/server/kea.nix
@ -1,49 +1,40 @@
 { lib, config, globals, confLib, ... }:
 let
  inherit (confLib.gen { name = "kea"; dir = "/var/lib/private/kea"; }) serviceName serviceDir;
-in
-{
-  options = {
-    swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
-  };
-  config = lib.mkIf config.swarselmodules.server.${serviceName} {
-
-    environment.persistence."/persist".directories = lib.mkIf config.swarselsystems.isImpermanence [
-      { directory = serviceDir; mode = "0700"; }
-    ];
-
-    services.kea.dhcp4 = {
+  dhcpX = intX:
+    let
+      x = builtins.toString intX;
+    in
+    {
      enable = true;
      settings = {
        lease-database = {
-          name = "/var/lib/kea/dhcp4.leases";
+          name = "/var/lib/kea/dhcp${x}.leases";
          persist = true;
          type = "memfile";
        };
        valid-lifetime = 86400;
        renew-timer = 3600;
        interfaces-config = {
-          # XXX: BUG: why does this bind other macvtaps?
          interfaces = map (name: "me-${name}") (builtins.attrNames globals.networks.home-lan.vlans);
          service-sockets-max-retries = -1;
        };
-        subnet4 = lib.flip lib.mapAttrsToList globals.networks.home-lan.vlans (
+        "subnet${x}" = lib.flip lib.mapAttrsToList globals.networks.home-lan.vlans (
          vlanName: vlanCfg: {
            inherit (vlanCfg) id;
            interface = "me-${vlanName}";
-            subnet = vlanCfg.cidrv4;
+            subnet = vlanCfg."cidrv${x}";
            pools = [
              {
-                pool = "${lib.net.cidr.host 20 vlanCfg.cidrv4} - ${lib.net.cidr.host (-6) vlanCfg.cidrv4}";
+                pool = "${lib.net.cidr.host 20 vlanCfg."cidrv${x}"} - ${lib.net.cidr.host (-6) vlanCfg."cidrv${x}"}";
              }
            ];
            option-data =
-              [
+              lib.optional (intX == 4)
                {
                  name = "routers";
-                  data = vlanCfg.hosts.hintbooth.ipv4; # FIXME: how to advertise v6 address also?
-                }
-              ];
+                  data = vlanCfg.hosts.hintbooth."ipv${x}"; # FIXME: how to advertise v6 address also?
+                };
            # Advertise DNS server for VLANS that have internet access
            # ++
            # lib.optional
@ -62,7 +53,8 @@ in
                hostCfg:
                lib.optional (hostCfg.mac != null) {
                  hw-address = hostCfg.mac;
-                  ip-address = hostCfg.ipv4;
+                  ip-address = lib.mkIf (intX == 4) hostCfg."ipv${x}";
+                  ip-addresses = lib.mkIf (intX == 6) [ hostCfg."ipv${x}" ];
                }
              )
            );
@ -70,7 +62,21 @@ in
        );
      };
    };
+in
+{
+  options = {
+    swarselmodules.server.${serviceName} = lib.mkEnableOption "enable ${serviceName} on server";
+  };
+  config = lib.mkIf config.swarselmodules.server.${serviceName} {

+    environment.persistence."/persist".directories = lib.mkIf config.swarselsystems.isImpermanence [
+      { directory = serviceDir; mode = "0700"; }
+    ];
+
+    services.kea = {
+      dhcp4 = dhcpX 4;
+      dhcp6 = dhcpX 6;
+    };

  };
 }