feat: add firezone gateway and allow trafic

2025-10-10 23:00:39 +02:00 · 2025-03-16 22:38:03 +01:00 · 2025-03-16 22:38:03 +01:00 · c4891afe7d
commit c4891afe7d
parent 3725789765
10 changed files with 54 additions and 2 deletions
--- a/hosts/sausebiene/home-assistant.nix
+++ b/hosts/sausebiene/home-assistant.nix
@ -234,8 +234,12 @@ in
          allow ${globals.net.home-lan.vlans.home.cidrv6};
          allow ${globals.net.home-lan.vlans.devices.cidrv4};
          allow ${globals.net.home-lan.vlans.devices.cidrv6};
+          # Self-traffic (needed for media in Voice PE)
          allow ${globals.net.home-lan.vlans.services.hosts.sausebiene.ipv4};
          allow ${globals.net.home-lan.vlans.services.hosts.sausebiene.ipv6};
+          # Firezone traffic
+          allow ${globals.net.home-lan.vlans.services.hosts.ward.ipv4};
+          allow ${globals.net.home-lan.vlans.services.hosts.ward.ipv6};
          deny all;
        '';
      };