From f619b5536be55740d39e5caa1a49c4bb893f3599 Mon Sep 17 00:00:00 2001 From: Dominik Polakovics Date: Mon, 4 Dec 2023 12:50:22 +0100 Subject: [PATCH] fix gitea --- hosts/fw.cloonar.com/modules/firewall.nix | 7 ------- hosts/fw.cloonar.com/modules/gitea.nix | 9 +++++---- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/hosts/fw.cloonar.com/modules/firewall.nix b/hosts/fw.cloonar.com/modules/firewall.nix index a7508f5..70f7797 100644 --- a/hosts/fw.cloonar.com/modules/firewall.nix +++ b/hosts/fw.cloonar.com/modules/firewall.nix @@ -175,8 +175,6 @@ # multimedia airplay iifname "multimedia" oifname { "lan" } counter accept - # iifname { "vb-*" } oifname { "server" } counter accept comment "from internal interfaces" - # lan and vpn to any # TODO: disable wan when finished iifname { "wan", "lan", "server", "vb-*", "podman0", "wg_cloonar" } oifname { "lan", "vb-*", "server", "podman0", "infrastructure", "multimedia", "smart", "wrwks", "wg_cloonar", "wg_epicenter", "wg_ghetto_at" } counter accept @@ -203,15 +201,10 @@ type nat hook prerouting priority filter; policy accept; } - chain post { - # iifname { "vb-*" } oifname { "server" } masquerade comment "from internal interfaces" - } - # Setup NAT masquerading on external interfaces chain postrouting { type nat hook postrouting priority filter; policy accept; oifname { "wan", "wrwks", "wg_epicenter", "wg_ghetto_at" } masquerade - # iifname { "vb-*" } oifname { "server" } masquerade comment "from internal interfaces" } } ''; diff --git a/hosts/fw.cloonar.com/modules/gitea.nix b/hosts/fw.cloonar.com/modules/gitea.nix index 3d8be52..a0a9963 100644 --- a/hosts/fw.cloonar.com/modules/gitea.nix +++ b/hosts/fw.cloonar.com/modules/gitea.nix 
@@ -119,10 +119,11 @@ in config = { lib, config, pkgs, ... }: { networking = { # hostName = "gitea"; - interfaces.mv-vserver.useDHCP = true; - # interfaces.mv-vserver = { - # ipv4.addresses = [ { address = "10.42.97.2"; prefixLength = 24; } ]; - # }; + # interfaces.mv-vserver.useDHCP = true; + interfaces.mv-vserver = { + useDHCP = true; + ipv4.addresses = [ { address = "10.42.97.2"; prefixLength = 24; } ]; + }; # firewall = { # enable = true; # allowedTCPPorts = [ 22 80 443 ];
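Review bot: The new `interfaces.mv-vserver` block keeps `useDHCP = true;` next to the static `10.42.97.2/24`, so the container will likely hold two addresses on that interface: the fixed one and whatever the DHCP server leases. Any host firewall rule, NAT entry or proxy upstream that pins 10.42.97.2 would then not cover the leased address, and the source address of outbound traffic becomes unpredictable. If DHCP is only there for the default route and DNS, consider dropping `useDHCP = true;` and setting `defaultGateway = "<gateway-ip-placeholder>";` and `nameservers = [ "<dns-ip-placeholder>" ];` under `networking`; otherwise add a short comment saying why both are needed, and remove the leftover `# interfaces.mv-vserver.useDHCP = true;` line. The container's own `firewall` block is still commented out in the context lines, so filtering for this address appears to rest entirely on the host ruleset; the `networking` block continues outside the hunk.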