chore: dhcpv6 still not working

2023-11-08 18:52:09 +01:00 · 2023-11-08 18:52:09 +01:00 · baba43ea82
parent dfab06117a
commit baba43ea82
10 changed files with 50 additions and 37 deletions
--- a/hosts/biolimo/networking.nix
+++ b/hosts/biolimo/networking.nix
@ -6,8 +6,6 @@
  ...
 }: {
  config = {
-    networking.useDHCP = lib.mkDefault true;
-
    age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-biolimo.age";

    pub-solar.wireguard-client = {
--- a/hosts/chocolatebar/networking.nix
+++ b/hosts/chocolatebar/networking.nix
@ -2,11 +2,10 @@
  flake,
  config,
  pkgs,
+  lib,
  ...
 }: {
  config = {
-    networking.useDHCP = lib.mkDefault true;
-
    age.secrets.wg-private-key.file = "${flake.self}/secrets/wg-private-chocolatebar.age";

    pub-solar.wireguard-client = {
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -39,6 +39,7 @@
          self.nixosModules.printing
          self.nixosModules.virtualisation
          self.nixosModules.wireguard-client
+          self.nixosModules.wireshark
        ];
      };

--- a/hosts/droppie/networking.nix
+++ b/hosts/droppie/networking.nix
@ -11,10 +11,11 @@
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault false;
-  networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault false;
-  networking.interfaces.enp2s0f1.useDHCP = lib.mkDefault false;
+  #networking.useDHCP = true;
+  #networking.interfaces.enp2s0f0.useDHCP = true;
+  #networking.interfaces.enp2s0f1.useDHCP = true;

+  networking.useDHCP = false;
  networking.interfaces.enp2s0f0 = {
    ipv4.addresses = [ { address = "192.168.178.3"; prefixLength = 32; } ];
    ipv6.addresses = [ { address = "2a02:908:5b1:e3c0:3::"; prefixLength = 128; } ];
--- a/hosts/pie/dhcpd.nix
+++ b/hosts/pie/dhcpd.nix
@ -1,6 +1,9 @@
 { pkgs, adblock-unbound, ... }:
 {
-  networking.firewall.allowedUDPPorts = [ 67 ];
+  networking.firewall.allowedUDPPorts = [ 67 547 ];
+  networking.firewall.extraInputRules = ''
+    ip6 daddr ff02::1:2/128 udp dport 547 accept comment "DHCPv6 client"
+  '';

  services.kea.dhcp4 = {
    enable = true;
@ -48,24 +51,20 @@
          reservations = [
            # Pie should set ip itself
            {
-              hostname = "droppie.local";
              hw-address = "08:f1:ea:97:0f:0c";
              ip-address = "192.168.178.3";
            }
            {
-              hostname = "brwb8763f64a364.local";
              hw-address = "b8:76:3f:64:a3:64";
              ip-address = "192.168.178.4";
            }
-            # {
-            #    hostname = "chocolatebar.local";
-            #    hw-address = "48:a4:72:1d:29:32";
-            #    ip-address = "192.168.178.5";
-            # }
            {
-               hostname = "biolimo.local";
-               hw-address = "48:a4:72:1d:29:32";
-               ip-address = "192.168.178.6";
+              hw-address = "04:d9:f5:fa:35:f5";
+              ip-address = "192.168.178.5";
+            }
+            {
+              hw-address = "48:a4:72:1d:29:32";
+              ip-address = "192.168.178.6";
            }
          ];
        }
@ -97,36 +96,36 @@
          subnet = "2a02:908:5b1:e3c0::/64";

          pools = [
-            { pool = "2a02:908:5b1:e3c0::/64"; }
+            { pool = "2a02:908:5b1:e3c0::/72"; }
          ];

+          ddns-qualifying-suffix = "local.";
+
          option-data = [
            {
               name = "dns-servers";
-               code = 23;
-               space = "dhcp6";
-               csv-format = true;
               data = "2a02:908:5b1:e3c0:2::";
            }
+            {
+               name = "domain-search";
+               data = "local";
+            }
          ];

          reservations = [
            {
-              hostname = "droppie.local";
              hw-address = "08:f1:ea:97:0f:0c";
              ip-addresses = [
                "2a02:908:5b1:e3c0:3::"
              ];
            }
-            # {
-            #   hostname = "chocolatebar.local";
-            #   hw-address = "08:f1:ea:97:0f:0c";
-            #   ip-addresses = [
-            #     "2a02:908:5b1:e3c0:5::"
-            #   ];
-            # }
            {
-              hostname = "biolimo.local";
+              hw-address = "04:d9:f5:fa:35:f5";
+              ip-addresses = [
+                "2a02:908:5b1:e3c0:5::"
+              ];
+            }
+            {
              hw-address = "48:a4:72:1d:29:32";
              ip-addresses = [
                "2a02:908:5b1:e3c0:6::"
--- a/hosts/pie/networking.nix
+++ b/hosts/pie/networking.nix
@ -5,7 +5,7 @@
  lib,
  ...
 }: {
-  networking.useDHCP = lib.mkDefault false;
+  networking.useDHCP = false;

  networking.hostId = "34234773";
  networking.hostName = "pie";
--- a/modules/default.nix
+++ b/modules/default.nix
@ -26,6 +26,7 @@
      user = import ./user;
      virtualisation = import ./virtualisation;
      wireguard-client = import ./wireguard-client;
+      wireshark = import ./wireshark;

      base.imports = [
        self.nixosModules.home-manager
--- a/modules/wireshark/default.nix
+++ b/modules/wireshark/default.nix
@ -0,0 +1,17 @@
+{
+  config,
+  pkgs,
+  lib,
+  flake,
+  ...
+}: let
+  psCfg = config.pub-solar;
+in {
+  programs.wireshark.enable = true;
+
+  users.users."${psCfg.user.name}" = {
+    extraGroups = ["wireshark"];
+
+    packages = [ pkgs.wireshark ];
+  };
+}
--- a/users/b12f/default.nix
+++ b/users/b12f/default.nix
@ -10,6 +10,8 @@
 in {
  imports = [
    ./home.nix
+    ./session-variables.nix
+    ./concepts-and-training.nix
  ];

  config = {
--- a/users/b12f/home.nix
+++ b/users/b12f/home.nix
@ -9,11 +9,6 @@ with lib; let
  psCfg = config.pub-solar;
  xdg = config.home-manager.users."${psCfg.user.name}".xdg;
 in {
-  imports = [
-    ./session-variables.nix
-    ./concepts-and-training.nix
-  ];
-
  home-manager.users."${psCfg.user.name}" = {
    programs.ssh = {
      enable = true;