From 9b5f75397ebf88379d6228e5a999988b0af3edfd Mon Sep 17 00:00:00 2001
From: Mathias Magnusson <mathias@magnusson.space>
Date: Tue, 14 Oct 2025 12:59:14 +0200
Subject: replace kea with dnsmasq

---
 router.nix | 43 ++++++++++++++++++-------------------------
 1 file changed, 18 insertions(+), 25 deletions(-)

(limited to 'router.nix')

diff --git a/router.nix b/router.nix
index 2285c84..4565b8c 100644
--- a/router.nix
+++ b/router.nix
@@ -43,33 +43,26 @@ in
     };
   };
 
-  services.kea.dhcp4 = {
+  services.dnsmasq = {
     enable = true;
     settings = {
-      interfaces-config = {
-        interfaces = [ "br0" ];
-        service-sockets-max-retries = 200000;
-        service-sockets-retry-wait-time = 5000;
-      };
-      lease-database = {
-        name = "/var/lib/kea/dhcp4-leases.csv";
-        type = "memfile";
-      };
-      valid-lifetime = 4000;
-      renew-timer = 2000;
-      rebind-timer = 3500;
-      subnet4 = [{
-        id = 1;
-        subnet = "10.69.0.0/16";
-        pools = [{
-          pool = "10.69.0.2 - 10.69.0.254";
-        }];
-        option-data = [
-          { name = "routers"; data = "10.69.0.1"; }
-          { name = "domain-name-servers"; data = "1.1.1.1, 1.0.0.1"; }
-        ];
-      }];
+      domain-needed = true;
+      bogus-priv = true;
+      no-resolv = true;
+
+      domain = "m.internal";
+      local = "/m.internal/";
+
+      server = [ "1.1.1.1" "1.0.0.1" ];
+
+      interface = "br0";
+      dhcp-range = "10.69.0.2,10.69.0.254,255.255.0.0,1h";
+      dhcp-option = [ "option:router,10.69.0.1" "option:dns-server,10.69.0.1" ];
+      dhcp-authoritative = true;
     };
   };
-  oden.persist.directories = [ "/var/lib/private/kea" ];
+  networking.nameservers = [ "127.0.0.1" ];
+  networking.firewall.allowedUDPPorts = [ 53 67 ];
+  networking.firewall.allowedTCPPorts = [ 53 ];
+  oden.persist.directories = [ "/var/lib/dnsmasq" ];
 }
-- 
cgit v1.2.3