feat(router0-dmz0,sj-srv1): use bridged macvlan as main dmz interface

this allows guest VMs to communicate with the host via their macvtap connection.
2024-08-24 00:18:17 +02:00 · 2024-08-24 00:18:17 +02:00 · 7d0515d6f0
commit 7d0515d6f0
parent 84b473d38c
2 changed files with 44 additions and 6 deletions
--- a/nix/os/devices/router0-dmz0/configuration.nix
+++ b/nix/os/devices/router0-dmz0/configuration.nix
@ -87,13 +87,16 @@
    then bridgeInterfaceName
    else "${bridgeInterfaceName}.${toString vlanid}";

-  dmzExposedHost = "sj-srv1.dmz.internal";
+  dmzExposedHost = "sj-srv1";
+  dmzExposedHostDomain = "dmz.internal";
+  dmzExposedHostFQDN = "${dmzExposedHost}.${dmzExposedHostDomain}";
  dmzExposedHostIpv4 = mkVlanIpv4HostAddr {
    vlanid = vlansByName.dmz.id;
    host = 99;
    cidr = false;
  };
-  # "sj-srv1.dmz.internal";
+
+  dmzExposedHostMACaddr = repoFlake.nixosConfigurations.${dmzExposedHost}.config.systemd.network.netdevs."10-dmz0".netdevConfig.MACAddress;
 in {
  imports = [
    nixos-sbc.nixosModules.default
@ -1126,8 +1129,11 @@ in {
        )
        vlanRangeWith0;

-      # TODO: double-check that this works
-      dhcp-host = "1c:69:7a:07:08:5f,${dmzExposedHostIpv4},${dmzExposedHost}";
+      dhcp-host = builtins.concatStringsSep "," [
+        dmzExposedHostMACaddr
+        dmzExposedHostIpv4
+        dmzExposedHostFQDN
+      ];

      expand-hosts = true;