qenya/nixfiles
1
0
Fork 0
Code Issues 4 Pull requests Activity Actions

yevaud/pennykettle: Minor fixes to port forwarding

Browse source
This commit is contained in:
Katherina Walshe-Grey 2025-06-16 15:54:15 +01:00
parent 2347ba609d
commit dfe00fabb4
1 changed files with 13 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

17
hosts/yevaud/experiments/pennykettle.nix
View file

@ -5,8 +5,15 @@
networking.nat.enableIPv6 = true; networking.nat.enableIPv6 = true;
networking.nat.internalInterfaces = [ "ve-pennykettle1" ]; networking.nat.internalInterfaces = [ "ve-pennykettle1" ];
networking.nat.externalInterface = "ens3"; networking.nat.externalInterface = "ens3";
networking.nat.forwardPorts = [
{
sourcePort = 51821;
destination = "[fc00::2]:51821";
proto = "udp";
}
];
networking.firewall.allowedUDPPorts = [ 51821 ]; networking.firewall.allowedUDPPorts = [ 51821 ];
# RA = Router Advertisement (how a host finds a gateway IPv6 address for # RA = Router Advertisement (how a host finds a gateway IPv6 address for
# SLAAC or DHCPv6). # SLAAC or DHCPv6).
# networkd usually defaults this to true, but instead defaults it to false # networkd usually defaults this to true, but instead defaults it to false
@ -26,7 +33,6 @@
localAddress = "10.231.136.2"; localAddress = "10.231.136.2";
hostAddress6 = "fc00::1"; hostAddress6 = "fc00::1";
localAddress6 = "fc00::2"; localAddress6 = "fc00::2";
forwardPorts = [{ hostPort = 51821; }];
}; };
ephemeral = true; ephemeral = true;
autoStart = true; autoStart = true;
@ -46,7 +52,7 @@
networks."10-ve" = { networks."10-ve" = {
matchConfig.Name = "ve-pennykettle1"; matchConfig.Name = "ve-pennykettle1";
networkConfig.Address = [ "10.231.136.2/24" "fc00::2/64" ]; networkConfig.Address = [ "10.231.136.2/24" "fc00::2/64" ];
# linkConfig.RequiredForOnline = "routable"; linkConfig.RequiredForOnline = "yes";
routes = [{ routes = [{
Gateway = [ "10.231.136.1" "fc00::1" ]; Gateway = [ "10.231.136.1" "fc00::1" ];
Destination = "217.138.216.162"; Destination = "217.138.216.162";
@ -56,7 +62,6 @@
networks."30-protonvpn" = { networks."30-protonvpn" = {
matchConfig.Name = "wg-protonvpn"; matchConfig.Name = "wg-protonvpn";
networkConfig = { networkConfig = {
DefaultRouteOnDevice = true;
Address = [ "10.2.0.2/32" ]; Address = [ "10.2.0.2/32" ];
DNS = "10.2.0.1"; DNS = "10.2.0.1";
}; };
@ -64,6 +69,10 @@
RequiredForOnline = "yes"; RequiredForOnline = "yes";
ActivationPolicy = "always-up"; ActivationPolicy = "always-up";
}; };
routes = [
{ Gateway = [ "0.0.0.0" ]; }
{ Gateway = [ "::" ]; }
];
}; };
netdevs."30-protonvpn" = { netdevs."30-protonvpn" = {