diff --git a/ops/nixos/lib/blade.nix b/ops/nixos/lib/blade.nix index b3d3e6a19c..a1d71fb0d1 100644 --- a/ops/nixos/lib/blade.nix +++ b/ops/nixos/lib/blade.nix @@ -80,6 +80,12 @@ in { firewall.allowedTCPPorts = lib.mkIf config.services.ceph.enable [ 6789 3300 ]; firewall.allowedTCPPortRanges = lib.mkIf config.services.ceph.enable [{ from = 6800; to = 7300; }]; + + nat = lib.optionalAttrs (config.my.blade.macAddress.internet != null) { + enable = true; + internalInterfaces = [ "br-mgmt" ]; + externalInterface = "en-internet"; + }; }; services.udev.extraRules = '' ATTR{address}=="${config.my.blade.macAddress.internal}", NAME="en-int"