add dnsmasq and example config for it

would be good to move more of this into a module, but that
doesn't sit well with the (potential) ability to run more than one
dnsmasq service, as modules are singletons

pkgs/liminix-tools/networking/default.nix

@@ -18,6 +18,8 @@ in {
       name = "${interface.device}.addr.${address}";
       up = "ip address add ${address}/${toString prefixLength} dev ${interface.device} ";
       down = "ip address del ${address}/${toString prefixLength} dev ${interface.device} ";
+    } // {
+      inherit (interface) device;
     };
   udhcpc = callPackage ./udhcpc.nix {};
   odhcpc = interface: { ... } @ args: longrun {
@@ -25,6 +27,7 @@ in {
     run = "odhcpcd ${interface.device}";
   };
   pppoe = callPackage ./pppoe.nix {};
+  dnsmasq = callPackage ./dnsmasq.nix {};
   route = { name, target, via, dependencies }:
     oneshot {
       inherit name;

pkgs/liminix-tools/networking/dnsmasq.nix

@@ -0,0 +1,39 @@
+{
+  liminix
+, dnsmasq
+, lib
+}:
+{
+  user ? "dnsmasq"
+, group ? "dnsmasq"
+, interface
+, upstreams ? []
+, ranges
+, domain
+} :
+let
+  inherit (liminix.services) longrun;
+  inherit (lib) concatStringsSep;
+  name = "${interface.device}.dnsmasq";
+in longrun {
+  inherit name;
+  dependencies = [ interface ];
+  run = ''
+    ${dnsmasq}/bin/dnsmasq \
+    --user=${user} \
+    --domain=${domain} \
+    --group=${group} \
+    --interface=${interface.device} \
+    ${lib.concatStringsSep " " (builtins.map (r: "--dhcp-range=${r}") ranges)} \
+    ${lib.concatStringsSep " " (builtins.map (r: "--server=${r}") upstreams)} \
+    --keep-in-foreground \
+    --dhcp-authoritative \
+    --no-resolv \
+    --log-dhcp \
+    --enable-ra \
+    --log-debug \
+    --log-facility=- \
+    --dhcp-leasefile=/run/${name}.leases \
+    --pid-file=/run/${name}.pid
+  '';
+}