mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

fix: missing firewall zone was dropping associated config

Browse source
This commit is contained in:
oddlama 2024-05-21 01:10:07 +02:00
parent f099a5eae3
commit 7bb25e5d7a
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
1 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

18
hosts/ward/net.nix
View file

@ -10,7 +10,22 @@ in {
boot.initrd.systemd.network = { boot.initrd.systemd.network = {
enable = true; enable = true;
networks = {inherit (config.systemd.network.networks) "10-wan";}; networks = {
inherit (config.systemd.network.networks) "10-wan";
"20-lan" = {
address = [
(lib.net.cidr.hostCidr 1 lanCidrv4)
(lib.net.cidr.hostCidr 1 lanCidrv6)
];
matchConfig.MACAddress = config.repo.secrets.local.networking.interfaces.lan.mac;
networkConfig = {
IPForward = "yes";
IPv6PrivacyExtensions = "yes";
MulticastDNS = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
}; };
# Create a MACVTAP for ourselves too, so that we can communicate with # Create a MACVTAP for ourselves too, so that we can communicate with
@ -95,6 +110,7 @@ in {
zones = { zones = {
untrusted.interfaces = ["wan"]; untrusted.interfaces = ["wan"];
lan.interfaces = ["lan-self"]; lan.interfaces = ["lan-self"];
proxy-home.interfaces = ["proxy-home"];
}; };
rules = { rules = {