From a8780387ba8b331a69501f5793157d6d3545602a Mon Sep 17 00:00:00 2001
From: Emery Hemingway <ehmry@posteo.net>
Date: Wed, 8 Jul 2020 01:45:57 +0530
Subject: nixos/dhcpd: make authoritative mode optional

There are circumstances where running secondary DHCP servers in
non-authoritative mode is advantageous. Retain the previous
authoritative behavior as a default.
---
 nixos/modules/services/networking/dhcpd.nix | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'nixos/modules/services/networking/dhcpd.nix')

diff --git a/nixos/modules/services/networking/dhcpd.nix b/nixos/modules/services/networking/dhcpd.nix
index 67f7d811887..8966deac76c 100644
--- a/nixos/modules/services/networking/dhcpd.nix
+++ b/nixos/modules/services/networking/dhcpd.nix
@@ -11,7 +11,7 @@ let
     ''
       default-lease-time 600;
       max-lease-time 7200;
-      authoritative;
+      ${optionalString (!cfg.authoritative) "not "}authoritative;
       ddns-update-style interim;
       log-facility local1; # see dhcpd.nix
 
@@ -176,6 +176,16 @@ let
       '';
     };
 
+    authoritative = mkOption {
+      type = types.bool;
+      default = true;
+      description = ''
+        Whether the DHCP server shall send DHCPNAK messages to misconfigured
+        clients. If this is not done, clients may be unable to get a correct
+        IP address after changing subnets until their old lease has expired.
+      '';
+    };
+
   };
 
 in
-- 
cgit 1.4.1