liminix/modules/dnsmasq/service.nix

{
  liminix,
  dnsmasq,
  serviceFns,
  lib,
  svc,
}:
{
  interface,
  user,
  domain,
  group,
  ranges,
  hosts,
  upstreams,
  resolvconf,
}:
let
  name = "${interface.name}.dnsmasq";
  inherit (liminix.services) longrun;
  inherit (lib) concatStrings concatStringsSep mapAttrsToList;
  hostOpt =
    name:
    {
      mac,
      v4,
      v6,
      leasetime,
    }:
    let
      v6s = concatStrings (map (a: ",[${a}]") v6);
    in
    "--dhcp-host=${mac},${v4}${v6s},${name},${builtins.toString leasetime}";
  autoconfig = svc.ipv6.autoconfig.build {
    inherit interface;
    role = "router";
  };
in
longrun {
  inherit name;
  dependencies = [
    interface
    autoconfig
  ];
  run = ''
    ${dnsmasq}/bin/dnsmasq \
    --user=${user} \
    --domain=${domain} \
    --group=${group} \
    --interface=$(output ${interface} ifname) \
    --bind-interfaces \
    ${lib.concatStringsSep " " (builtins.map (r: "--dhcp-range=${r}") ranges)} \
    ${lib.concatStringsSep " " (builtins.map (r: "--server=${r}") upstreams)} \
    --keep-in-foreground \
    --dhcp-authoritative \
    ${
      if resolvconf != null then
        "--resolv-file=$(output_path ${resolvconf} resolv.conf)"
      else
        "--no-resolv"
    } \
    ${lib.concatStringsSep " " (mapAttrsToList hostOpt hosts)} \
    --no-hosts \
    --log-dhcp \
    --enable-ra \
    --log-facility=- \
    --dhcp-leasefile=$(mkstate ${name})/leases \
    --pid-file=/run/${name}.pid
  '';
}