Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix gitea

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-12-04 12:50:22 +01:00
parent c314da240e
commit f619b5536b
2 changed files with 5 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
hosts/fw.cloonar.com/modules/firewall.nix
View File

@@ -175,8 +175,6 @@
# multimedia airplay
iifname "multimedia" oifname { "lan" } counter accept
# iifname { "vb-*" } oifname { "server" } counter accept comment "from internal interfaces"
# lan and vpn to any
# TODO: disable wan when finished
iifname { "wan", "lan", "server", "vb-*", "podman0", "wg_cloonar" } oifname { "lan", "vb-*", "server", "podman0", "infrastructure", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept
@@ -203,15 +201,10 @@
type nat hook prerouting priority filter; policy accept;
}
chain post {
# iifname { "vb-*" } oifname { "server" } masquerade comment "from internal interfaces"
}
# Setup NAT masquerading on external interfaces
chain postrouting {
type nat hook postrouting priority filter; policy accept;
oifname { "wan", "wrwks", "wg_epicenter", "wg_ghetto_at" } masquerade
# iifname { "vb-*" } oifname { "server" } masquerade comment "from internal interfaces"
}
}
'';

9
hosts/fw.cloonar.com/modules/gitea.nix
View File

@@ -119,10 +119,11 @@ in
config = { lib, config, pkgs, ... }: {
networking = {
# hostName = "gitea";
interfaces.mv-vserver.useDHCP = true;
# interfaces.mv-vserver = {
# ipv4.addresses = [ { address = "10.42.97.2"; prefixLength = 24; } ];
# };
# interfaces.mv-vserver.useDHCP = true;
interfaces.mv-vserver = {
useDHCP = true;
ipv4.addresses = [ { address = "10.42.97.2"; prefixLength = 24; } ];
};
# firewall = {
# enable = true;
# allowedTCPPorts = [ 22 80 443 ];