# that the nameserver can resolve the clients fqdn to the correct IP
8
-
import ./make-test-python.nix (
11
-
meta.maintainers = with lib.maintainers; [ hexa ];
14
+
meta.maintainers = with lib.maintainers; [ hexa ];
17
-
{ config, pkgs, ... }:
19
-
virtualisation.vlans = [ 1 ];
20
+
{ config, pkgs, ... }:
22
+
virtualisation.vlans = [ 1 ];
23
-
firewall.allowedUDPPorts = [ 67 ];
26
+
firewall.allowedUDPPorts = [ 67 ];
32
-
Address = "10.0.0.1/29";
35
+
Address = "10.0.0.1/29";
38
-
services.kea.dhcp4 = {
41
-
valid-lifetime = 3600;
43
-
rebind-timer = 1800;
41
+
services.kea.dhcp4 = {
44
+
valid-lifetime = 3600;
46
+
rebind-timer = 1800;
48
-
name = "/var/lib/kea/dhcp4.leases";
51
+
name = "/var/lib/kea/dhcp4.leases";
52
-
socket-type = "unix";
53
-
socket-name = "/run/kea/dhcp4.sock";
55
+
socket-type = "unix";
56
+
socket-name = "/run/kea/dhcp4.sock";
59
+
interfaces-config = {
60
+
dhcp-socket-type = "raw";
56
-
interfaces-config = {
57
-
dhcp-socket-type = "raw";
69
+
subnet = "10.0.0.0/29";
72
+
pool = "10.0.0.3 - 10.0.0.3";
78
+
# Enable communication between dhcp4 and a local dhcp-ddns
80
+
# https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html#ddns-for-dhcpv4
82
+
enable-updates = true;
85
+
ddns-send-updates = true;
86
+
ddns-qualifying-suffix = "lan.nixos.test.";
90
+
services.kea.dhcp-ddns = {
94
+
# Configure updates of a forward zone named `lan.nixos.test`
95
+
# hosted at the nameserver at 10.0.0.2
96
+
# https://kea.readthedocs.io/en/kea-2.2.0/arm/ddns.html#adding-forward-dns-servers
66
-
subnet = "10.0.0.0/29";
99
+
name = "lan.nixos.test.";
100
+
# Use a TSIG key in production!
69
-
pool = "10.0.0.3 - 10.0.0.3";
104
+
ip-address = "10.0.0.2";
75
-
# Enable communication between dhcp4 and a local dhcp-ddns
77
-
# https://kea.readthedocs.io/en/kea-2.2.0/arm/dhcp4-srv.html#ddns-for-dhcpv4
79
-
enable-updates = true;
82
-
ddns-send-updates = true;
83
-
ddns-qualifying-suffix = "lan.nixos.test.";
87
-
services.kea.dhcp-ddns = {
91
-
# Configure updates of a forward zone named `lan.nixos.test`
92
-
# hosted at the nameserver at 10.0.0.2
93
-
# https://kea.readthedocs.io/en/kea-2.2.0/arm/ddns.html#adding-forward-dns-servers
96
-
name = "lan.nixos.test.";
97
-
# Use a TSIG key in production!
101
-
ip-address = "10.0.0.2";
111
-
services.kea.ctrl-agent = {
114
-
http-host = "127.0.0.1";
116
-
control-sockets.dhcp4 = {
117
-
socket-type = "unix";
118
-
socket-name = "/run/kea/dhcp4.sock";
114
+
services.kea.ctrl-agent = {
117
+
http-host = "127.0.0.1";
119
+
control-sockets.dhcp4 = {
120
+
socket-type = "unix";
121
+
socket-name = "/run/kea/dhcp4.sock";
123
-
services.prometheus.exporters.kea = {
125
-
controlSocketPaths = [
126
-
"http://127.0.0.1:8000"
126
+
services.prometheus.exporters.kea = {
128
+
controlSocketPaths = [
129
+
"http://127.0.0.1:8000"
132
-
{ config, pkgs, ... }:
134
-
virtualisation.vlans = [ 1 ];
135
+
{ config, pkgs, ... }:
137
+
virtualisation.vlans = [ 1 ];
138
-
firewall.allowedUDPPorts = [ 53 ];
141
+
firewall.allowedUDPPorts = [ 53 ];
141
-
systemd.network = {
147
-
Address = "10.0.0.2/29";
144
+
systemd.network = {
150
+
Address = "10.0.0.2/29";
153
-
services.resolved.enable = false;
156
+
services.resolved.enable = false;
155
-
# Set up an authoritative nameserver, serving the `lan.nixos.test`
156
-
# zone and configure an ACL that allows dynamic updates from
157
-
# the router's ip address.
158
-
# This ACL is likely insufficient for production usage. Please
162
-
zone = pkgs.writeTextDir "lan.nixos.test.zone" ''
163
-
@ SOA ns.nixos.test nox.nixos.test 0 86400 7200 3600000 172800
165
-
nameserver A 10.0.0.3
168
-
zonesDir = pkgs.buildEnv {
169
-
name = "knot-zones";
158
+
# Set up an authoritative nameserver, serving the `lan.nixos.test`
159
+
# zone and configure an ACL that allows dynamic updates from
160
+
# the router's ip address.
161
+
# This ACL is likely insufficient for production usage. Please
165
+
zone = pkgs.writeTextDir "lan.nixos.test.zone" ''
166
+
@ SOA ns.nixos.test nox.nixos.test 0 86400 7200 3600000 172800
168
+
nameserver A 10.0.0.3
171
+
zonesDir = pkgs.buildEnv {
172
+
name = "knot-zones";
183
-
log.syslog.any = "info";
186
+
log.syslog.any = "info";
186
-
address = "10.0.0.1";
189
+
address = "10.0.0.1";
190
-
template.default = {
191
-
storage = zonesDir;
192
-
zonefile-sync = "-1";
193
-
zonefile-load = "difference-no-serial";
194
-
journal-content = "all";
193
+
template.default = {
194
+
storage = zonesDir;
195
+
zonefile-sync = "-1";
196
+
zonefile-load = "difference-no-serial";
197
+
journal-content = "all";
197
-
zone."lan.nixos.test" = {
198
-
file = "lan.nixos.test.zone";
200
+
zone."lan.nixos.test" = {
201
+
file = "lan.nixos.test.zone";
209
-
{ config, pkgs, ... }:
211
-
virtualisation.vlans = [ 1 ];
212
-
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
214
-
useNetworkd = true;
216
-
firewall.enable = false;
217
-
interfaces.eth1.useDHCP = true;
212
+
{ config, pkgs, ... }:
214
+
virtualisation.vlans = [ 1 ];
215
+
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
217
+
useNetworkd = true;
219
+
firewall.enable = false;
220
+
interfaces.eth1.useDHCP = true;
225
-
router.wait_for_unit("kea-dhcp4-server.service")
226
-
client.systemctl("start systemd-networkd-wait-online.service")
227
-
client.wait_for_unit("systemd-networkd-wait-online.service")
228
-
client.wait_until_succeeds("ping -c 5 10.0.0.1")
229
-
router.wait_until_succeeds("ping -c 5 10.0.0.3")
230
-
nameserver.wait_until_succeeds("kdig +short client.lan.nixos.test @10.0.0.2 | grep -q 10.0.0.3")
231
-
router.log(router.execute("curl 127.0.0.1:9547")[1])
232
-
router.succeed("curl --no-buffer 127.0.0.1:9547 | grep -qE '^kea_dhcp4_addresses_assigned_total.*1.0$'")
228
+
router.wait_for_unit("kea-dhcp4-server.service")
229
+
client.systemctl("start systemd-networkd-wait-online.service")
230
+
client.wait_for_unit("systemd-networkd-wait-online.service")
231
+
client.wait_until_succeeds("ping -c 5 10.0.0.1")
232
+
router.wait_until_succeeds("ping -c 5 10.0.0.3")
233
+
nameserver.wait_until_succeeds("kdig +short client.lan.nixos.test @10.0.0.2 | grep -q 10.0.0.3")
234
+
router.log(router.execute("curl 127.0.0.1:9547")[1])
235
+
router.succeed("curl --no-buffer 127.0.0.1:9547 | grep -qE '^kea_dhcp4_addresses_assigned_total.*1.0$'")