fuuko/router: Migrate dnsmasq options to 23.05

2023-05-30 12:24:58 +02:00 · 2023-05-30 12:24:58 +02:00 · b135035baa
parent 4adeba626a
commit b135035baa
1 changed files with 28 additions and 23 deletions
--- a/machines/fuuko/services/router.nix
+++ b/machines/fuuko/services/router.nix
@ -148,40 +148,45 @@ in
  services.dnsmasq = {
    enable = true;

-    extraConfig = ''
-      bogus-priv # do not forward revese lookups of internal addresses
-      domain-needed # do not forward names without domain
-      interface=br-lan # only respond to queries from lan
-      no-hosts # do not resolve hosts from /etc/hosts
-      no-resolv # only use explicitly configured resolvers
+    settings = {
+      bogus-priv = true; # do not forward revese lookups of internal addresses
+      domain-needed = true; # do not forward names without domain
+      interface = "br-lan"; # only respond to queries from lan
+      no-hosts = true; # do not resolve hosts from /etc/hosts
+      no-resolv = true; # only use explicitly configured resolvers

-      cache-size=10000
+      cache-size = 10000;
+
+      inherit domain;

-      domain=${domain}
      # Allow resolving the router
-      interface-name=${config.networking.hostName}.${domain},br-lan
-      interface-name=${config.networking.hostName},br-lan
+      interface-name = [
+        "${config.networking.hostName}.${domain},br-lan"
+        "${config.networking.hostName},br-lan"
+      ];

      # DHCPv4
-      dhcp-range=10.80.1.20,10.80.1.150,12h
-      dhcp-option=option:router,10.80.1.1
-
-      # SLAAC (for addresses) / DHCPv6 (for DNS)
-      dhcp-range=fd00:80:1::,ra-stateless,ra-names
-      dhcp-option=option6:dns-server,fd00:80:1::1
+      dhcp-range = [
+        "10.80.1.20,10.80.1.150,12h" # DHCPv4
+        "fd00:80:1::,ra-stateless,ra-names" # SLAAC (for addresses) / DHCPv6 (for DNS)
+      ];
+      dhcp-option = [
+        "option:router,10.80.1.1"
+        "option6:dns-server,fd00:80:1::1"
+      ];

      # Despite its name, the switch does not have a “smart” configuration,
      # that would allow me to tell it not to get DHCP from wan,
      # but from lan instead.
      # So it has to use static configuration.
-      host-record=switchviech,switchviech.${domain},10.80.1.19
-    '';
-    servers = [
+      host-record = "switchviech,switchviech.${domain},10.80.1.19";
+      server = [
        "10.64.0.1" # mullvad DNS, should be fastest overall
        #"9.9.9.9" # dns.quad9.net
        #"2620:fe::fe"
      ];
    };
+  };
  systemd.services.dnsmasq.after = [ "systemd-networkd.service" ];

  services.prometheus.exporters.dnsmasq = {