Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix gitea

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-12-03 19:54:46 +01:00
parent 10bb263fb3
commit cac9721b0c
3 changed files with 10 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/fw.cloonar.com/modules/firewall.nix
View File

@@ -71,6 +71,7 @@
iifname {
"lan",
"podman0",
"server",
"infrastructure",
"wg_cloonar",
"smart",
@@ -79,6 +80,7 @@
iifname {
"lan",
"podman0",
"server",
"infrastructure",
"wg_cloonar",
"smart",
@@ -109,13 +111,14 @@
# lan and vpn to any
# TODO: disable wan when finished
iifname { "wan", "lan", "podman0", "wg_cloonar" } oifname { "lan", "podman0", "infrastructure", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
iifname { "infrastructure" } oifname { "podman0" } counter accept
iifname { "wan", "lan", "server", "podman0", "wg_cloonar" } oifname { "lan", "server", "podman0", "infrastructure", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
iifname { "infrastructure" } oifname { "podman0", "server" } counter accept
# Allow trusted network WAN access
iifname {
"lan",
"infrastructure",
"server",
"podman0",
"multimedia",
"smart",

2
hosts/fw.cloonar.com/modules/gitea.nix
View File

@@ -100,7 +100,7 @@ in
containers.gitea = {
autoStart = true;
privateNetwork = true;
hostBridge = "brserver";
hostBridge = "server";
localAddress = "10.42.97.2/24";
bindMounts = {
"/var/lib/gitea" = {

8
hosts/fw.cloonar.com/modules/networking.nix
View File

@@ -30,7 +30,7 @@
id = 101;
interface = "enp5s0";
};
server = {
vserver = {
id = 97;
interface = "enp5s0";
};
@@ -48,8 +48,8 @@
};
};
bridges = {
brserver = {
interfaces = [ "server" ];
server = {
interfaces = [ "vserver" ];
};
};
@@ -67,7 +67,7 @@
prefixLength = 24;
}];
};
brserver = {
server = {
ipv4.addresses = [{
address = "10.42.97.1";
prefixLength = 24;