ops/nixos/blade: enable NAT on routers
This commit is contained in:
parent
07b8fe0546
commit
b2a085f84c
1 changed files with 6 additions and 0 deletions
|
@ -80,6 +80,12 @@ in {
|
||||||
|
|
||||||
firewall.allowedTCPPorts = lib.mkIf config.services.ceph.enable [ 6789 3300 ];
|
firewall.allowedTCPPorts = lib.mkIf config.services.ceph.enable [ 6789 3300 ];
|
||||||
firewall.allowedTCPPortRanges = lib.mkIf config.services.ceph.enable [{ from = 6800; to = 7300; }];
|
firewall.allowedTCPPortRanges = lib.mkIf config.services.ceph.enable [{ from = 6800; to = 7300; }];
|
||||||
|
|
||||||
|
nat = lib.optionalAttrs (config.my.blade.macAddress.internet != null) {
|
||||||
|
enable = true;
|
||||||
|
internalInterfaces = [ "br-mgmt" ];
|
||||||
|
externalInterface = "en-internet";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
services.udev.extraRules = ''
|
services.udev.extraRules = ''
|
||||||
ATTR{address}=="${config.my.blade.macAddress.internal}", NAME="en-int"
|
ATTR{address}=="${config.my.blade.macAddress.internal}", NAME="en-int"
|
||||||
|
|
Loading…
Reference in a new issue