From 20adc139f833b319b81cf3b17c4248ce25560ce4 Mon Sep 17 00:00:00 2001
From: oddlama <oddlama@oddlama.org>
Date: Fri, 21 Apr 2023 17:32:46 +0200
Subject: [PATCH] chore: enable ip forwarding on ward

---
 hosts/common/core/default.nix |  2 +-
 hosts/ward/net.nix            | 13 ++++++++-----
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix
index f5b2e2e..8138e3a 100644
--- a/hosts/common/core/default.nix
+++ b/hosts/common/core/default.nix
@@ -53,7 +53,7 @@
 
   boot = {
     kernelParams = ["log_buf_len=10M"];
-    tmpOnTmpfs = true;
+    tmp.useTmpfs = true;
   };
 
   # Disable sudo which is entierly unnecessary.
diff --git a/hosts/ward/net.nix b/hosts/ward/net.nix
index 9150760..e28a965 100644
--- a/hosts/ward/net.nix
+++ b/hosts/ward/net.nix
@@ -15,7 +15,10 @@ in {
     "10-lan" = {
       address = [net.lan.ipv4cidr net.lan.ipv6cidr];
       matchConfig.MACAddress = nodeSecrets.networking.interfaces.lan.mac;
-      networkConfig.IPv6PrivacyExtensions = "kernel";
+      networkConfig = {
+        IPForward = "yes";
+        IPv6PrivacyExtensions = "kernel";
+      };
       dhcpV4Config.RouteMetric = 10;
       dhcpV6Config.RouteMetric = 10;
     };
@@ -38,15 +41,15 @@ in {
     zones = lib.mkForce {
       lan = {
         interfaces = ["lan"];
-        ipv4Addresses = [(cidr.canonicalize net.lan.ipv4cidr)];
-        ipv6Addresses = [(cidr.canonicalize net.lan.ipv6cidr)];
+        #ipv4Addresses = [(cidr.canonicalize net.lan.ipv4cidr)];
+        #ipv6Addresses = [(cidr.canonicalize net.lan.ipv6cidr)];
       };
       wan = {
         interfaces = ["wan"];
         # TODO ipv4Addresses = [ net.wan.netv4 ];
         # TODO ipv6Addresses = [ net.wan.netv6 ];
-        ipv4Addresses = ["192.168.1.0/22"];
-        ipv6Addresses = ["fd00::/64"];
+        #ipv4Addresses = ["192.168.1.0/22"];
+        #ipv6Addresses = ["fd00::/64"];
       };
     };