L-Nafaryus/bonfire
L-Nafaryus/bonfire
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects 2 Releases Wiki Activity

astora: nat configuration for containers

Browse Source
This commit is contained in:
L-Nafaryus 2024-04-26 17:04:04 +05:00
parent 5217f6d222
commit 45bde215f8
Signed by: L-Nafaryus
GPG Key ID: 582F8B0866B294A1
3 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.secrets

@ -1 +1 @@
Subproject commit c7dc80d23b6bf67ae8e69545b430bb13f000fa03 Subproject commit 8ea79f48f6fec12860feee749b62cfe2833a09d8

2
nixosConfigurations/astora/default.nix
View File

@ -141,7 +141,7 @@
Host catarina Host catarina
HostName 192.168.156.102 HostName 192.168.156.102
Port 22 Port 22
User l.nafaryus User l-nafaryus
''; '';
programs.direnv.enable = true; programs.direnv.enable = true;

14
nixosConfigurations/astora/hardware.nix
View File

@ -150,6 +150,7 @@
networking = { networking = {
networkmanager.enable = true; networkmanager.enable = true;
networkmanager.unmanaged = [ "interface-name:ve-*" ];
useDHCP = lib.mkDefault true; useDHCP = lib.mkDefault true;
hostName = "astora"; hostName = "astora";
extraHosts = ''''; extraHosts = '''';
@ -157,6 +158,19 @@
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 80 443 ]; allowedTCPPorts = [ 80 443 ];
trustedInterfaces = [ "ve-+" ];
extraCommands = ''
iptables -t nat -A POSTROUTING -o wlo1 -j MASQUERADE
'';
extraStopCommands = ''
iptables -t nat -D POSTROUTING -o wlo1 -j MASQUERADE
'';
};
nat = {
enable = true;
externalInterface = "wlo1";
internalInterfaces = [ "ve-+" ];
}; };
interfaces.wlo1.ipv4.addresses = [ { interfaces.wlo1.ipv4.addresses = [ {