quine: allow docker ipv4 forwarding

Ramblurr · Feb 26, 2025 · 29a27f4 · 29a27f4
1 parent 6f27194
commit 29a27f4
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 2 deletions.
diff --git a/hosts/quine/default.nix b/hosts/quine/default.nix
@@ -86,6 +86,7 @@ in
   home.attic.enable = true;
 
   networking.firewall.allowedTCPPorts = [
+    3000
     8080
   ];
   networking.firewall.allowedUDPPorts = [ 67 ];

diff --git a/hosts/quine/networking.nix b/hosts/quine/networking.nix
@@ -8,6 +8,10 @@
   site = config.repo.secrets.site.site;
   #systemd.services.systemd-networkd.serviceConfig.Environment = ["SYSTEMD_LOG_LEVEL=debug"];
   systemd.network = {
+    config.networkConfig = {
+      IPv4Forwarding = true;
+      #IPv6Forwarding = false;
+    };
     links = {
       "10-lan0" = {
         matchConfig.MACAddress = config.repo.secrets.local.lan0.mac;

diff --git a/modules/site-net/network.nix b/modules/site-net/network.nix
@@ -201,8 +201,8 @@ in
     services.resolved.enable = lib.mkDefault true;
     boot.kernelModules = lib.mkIf (hostGres != [ ]) [ "ip_gre" ];
     systemd.network.config.networkConfig = {
-      IPv4Forwarding = hostConfig.isRouter;
-      IPv6Forwarding = hostConfig.isRouter;
+      IPv4Forwarding = lib.mkDefault hostConfig.isRouter;
+      IPv6Forwarding = lib.mkDefault hostConfig.isRouter;
     };
 
     systemd.network.enable = true;
-Original file line number
+Diff line change
@@ Expand Up / @@ -86,6 +86,7 @@ in @@
       home.attic.enable = true;
       networking.firewall.allowedTCPPorts = [
       ];
       networking.firewall.allowedUDPPorts = [ 67 ];
@@ Expand Down @@