ops/nixos/blade: enable NAT on routers
This commit is contained in:
parent
07b8fe0546
commit
b2a085f84c
1 changed files with 6 additions and 0 deletions
|
@ -80,6 +80,12 @@ in {
|
|||
|
||||
firewall.allowedTCPPorts = lib.mkIf config.services.ceph.enable [ 6789 3300 ];
|
||||
firewall.allowedTCPPortRanges = lib.mkIf config.services.ceph.enable [{ from = 6800; to = 7300; }];
|
||||
|
||||
nat = lib.optionalAttrs (config.my.blade.macAddress.internet != null) {
|
||||
enable = true;
|
||||
internalInterfaces = [ "br-mgmt" ];
|
||||
externalInterface = "en-internet";
|
||||
};
|
||||
};
|
||||
services.udev.extraRules = ''
|
||||
ATTR{address}=="${config.my.blade.macAddress.internal}", NAME="en-int"
|
||||
|
|
Loading…
Reference in a new issue