diff options
| -rw-r--r-- | nixos/services/router/dns-dhcp.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/nixos/services/router/dns-dhcp.nix b/nixos/services/router/dns-dhcp.nix index 4c041c2..b1bf421 100644 --- a/nixos/services/router/dns-dhcp.nix +++ b/nixos/services/router/dns-dhcp.nix @@ -27,6 +27,18 @@ in { options.services._router.dnsDhcpConfig = { enable = lib.mkEnableOption "enable pre-configured unbound(outbound) + dnsmasq(local) dns(+dhcp) server"; #enableUnbound = lib.mkEnableOption "enable unbound as outbound dns server"; + dns = { + hostOverrides = lib.mkOption { + type = lib.types.attrsOf lib.types.str; + default = {}; + example = { + "poweredge.home.lan" = "192.168.1.1"; + "router.home.lan" = "192.168.1.1"; + "example.com" = "192.168.1.100"; + }; + description = "dns overrides for specific hosts"; + }; + }; dhcp = { defaultGateway = lib.mkOption { type = lib.types.str; @@ -162,6 +174,8 @@ in { services.dnsmasq = { enable = true; settings = let + mkDNSHostOverride = host: ip: "${host},${ip}"; + dnsHostOverrides = lib.mapAttrsToList (host: ip: mkDNSHostOverride host ip) cfg.dns.hostOverrides; mkDHCPRange = ipRangeStart: ipRangeEnd: subnetMask: leaseTime: "${ipRangeStart},${ipRangeEnd},${subnetMask},${leaseTime}"; mkDHCPOption = option: value: "option:${option},${value}"; mkDHCPStaticLease = macAddress: hostname: staticIp: "${macAddress},${hostname},${staticIp},infinite"; @@ -178,6 +192,8 @@ in { # DNS Server port = 5353; # Use port 5353 for DNS server since unbound is the main DNS resolver + host-record = dnsHostOverrides; # Setup host overrides for dns + # DHCP Server # TODO config #dhcp-range = mkDHCPRange "192.168.1.50" "192.168.1.150" "255.255.255.0" "12h"; # Enable DHCP on the LAN interface @@ -192,6 +208,8 @@ in { (mkDHCPOption "domain-search" cfg.localDomain) # Add search rule to clients so they can resolve hostnames w/o the local domain suffix ]; + dhcp-no-override = true; # don't use kernel DHCP helpers that bypass macvlan + # Logging #log-dhcp = true; # Log DHCP events #log-queries = true; # Log DNS queries |