72 lines
1.7 KiB
Nix
72 lines
1.7 KiB
Nix
{ pkgs, ... }:
|
|
let
|
|
json = pkgs.formats.json { };
|
|
in {
|
|
virtualisation = {
|
|
podman = {
|
|
enable = true;
|
|
dockerCompat = true;
|
|
defaultNetwork.settings.dns_enabled = true;
|
|
# defaultNetwork.settings = {
|
|
# driver = "macvlan";
|
|
# network_interface = "server";
|
|
# ipv6_enabled = false;
|
|
# internal = false;
|
|
# dns_enabled = false;
|
|
# subnets = [{
|
|
# gateway = "10.42.97.1";
|
|
# subnet = "10.42.97.0/24";
|
|
# lease_range = {
|
|
# start_ip = "10.42.97.193";
|
|
# end_ip = "10.42.97.223";
|
|
# };
|
|
# }];
|
|
# };
|
|
};
|
|
};
|
|
|
|
networking = {
|
|
macvlans = {
|
|
"server-shim" = {
|
|
interface = "server";
|
|
mode = "bridge";
|
|
};
|
|
};
|
|
interfaces = {
|
|
"server-shim" = {
|
|
ipv4.addresses = [{
|
|
address = "10.42.97.223";
|
|
prefixLength = 24;
|
|
}];
|
|
ipv4.routes = [{
|
|
address = "10.42.97.192";
|
|
prefixLength = 27;
|
|
}];
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.sockets."netavark-dhcp-proxy" = {
|
|
description = "Netavark DHCP proxy socket";
|
|
socketConfig = {
|
|
ListenStream = "%t/podman/nv-proxy.sock";
|
|
SocketMode = 0660;
|
|
};
|
|
wantedBy = [ "sockets.target" ];
|
|
};
|
|
|
|
systemd.services."netavark-dhcp-proxy" = {
|
|
description = "Netavark DHCP proxy service";
|
|
after = [ "netavark-dhcp-proxy.socket" ];
|
|
requires = [ "netavark-dhcp-proxy.socket" ];
|
|
wantedBy = [ "multi-user.target" "netavark-dhcp-proxy.socket" ];
|
|
path = [ pkgs.netavark ];
|
|
startLimitIntervalSec = 0;
|
|
|
|
serviceConfig = {
|
|
Type = "exec";
|
|
ExecStart= "${pkgs.netavark}/bin/netavark dhcp-proxy -a 30";
|
|
};
|
|
};
|
|
}
|