nixos-servers/nix/modules/networking/dmz_services/dnsmasq.nix

{ config, ... }:
let
  cfg = config.lab.networking;
in
{
  no-resolv = true;
  local = "/dmz/";
  dhcp-fqdn = true;
  no-hosts = true;
  expand-hosts = true;
  domain = "dmz";
  dhcp-authoritative = true;
  ra-param = "*,0,0";
  alias = "${cfg.public.ipv4.router},${cfg.dmz.ipv4.dockerSwarm}";
  log-dhcp = true;
  log-queries = true;
  port = "5353";
  host-record = [
    "hermes.dmz,${cfg.dmz.ipv4.services},${cfg.dmz.ipv6.services}"
    "ipv4.hermes.dmz,${cfg.dmz.ipv4.services}" # TODO: Do we need these?
    "ipv6.hermes.dmz,${cfg.dmz.ipv6.services}"
  ];

  server = [
    cfg.dmz.ipv4.router
    "/geokunis2.nl/${cfg.dmz.ipv4.services}"
    "/kun.is/${cfg.dmz.ipv4.services}"
  ];

  dhcp-range = [
    "192.168.30.50,192.168.30.127,15m"
    "2a0d:6e00:1a77:30::,ra-stateless,ra-names"
  ];

  dhcp-host = [
    "b8:27:eb:b9:ab:e2,esrom"
    "ba:db:ee:f0:00:01,maestro,${cfg.dmz.ipv4.dockerSwarm}"
  ];

  dhcp-option = [
    "3,${cfg.dmz.ipv4.router}"
    "option:dns-server,${cfg.dmz.ipv4.router}"
    "option6:dns-server,[2a02:58:19a:30::1]"
  ];

  address = [
    "/ns.pizzapim.nl/ns.geokunis2.nl/${cfg.dmz.ipv4.services}"
    "/ns.pizzapim.nl/ns.geokunis2.nl/${cfg.dmz.ipv6.services}"
  ];
}