diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-01-08 00:24:18 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-01-08 00:24:18 +0100 |
commit | c89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595 (patch) | |
tree | a3d99e39387b21448d9e4d99a1dda75f10008c2e /hosts/vidhar/network/dsl.nix | |
parent | 876c5c44867aec221a36c3b1319d96c8c3df9e44 (diff) | |
download | nixos-c89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595.tar nixos-c89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595.tar.gz nixos-c89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595.tar.bz2 nixos-c89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595.tar.xz nixos-c89e822a5d558b9f9bb9d1ac2a1dd76f3e64c595.zip |
vidhar: dmz01
Diffstat (limited to 'hosts/vidhar/network/dsl.nix')
-rw-r--r-- | hosts/vidhar/network/dsl.nix | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/hosts/vidhar/network/dsl.nix b/hosts/vidhar/network/dsl.nix index 21554b58..0ad598e6 100644 --- a/hosts/vidhar/network/dsl.nix +++ b/hosts/vidhar/network/dsl.nix | |||
@@ -95,6 +95,13 @@ in { | |||
95 | rdnss = [{ servers = ["::"]; }]; | 95 | rdnss = [{ servers = ["::"]; }]; |
96 | dnssl = [{ domain_names = ["yggdrasil"]; }]; | 96 | dnssl = [{ domain_names = ["yggdrasil"]; }]; |
97 | } | 97 | } |
98 | { name = "dmz01"; | ||
99 | advertise = true; | ||
100 | verbose = true; | ||
101 | prefix = [{ prefix = "::/64"; }]; | ||
102 | route = [{ prefix = "::/0"; }]; | ||
103 | rdnss = [{ servers = ["::"]; }]; | ||
104 | } | ||
98 | ]; | 105 | ]; |
99 | 106 | ||
100 | debug = { | 107 | debug = { |
@@ -108,10 +115,17 @@ in { | |||
108 | proxies = { | 115 | proxies = { |
109 | ${pppInterface} = { | 116 | ${pppInterface} = { |
110 | router = true; | 117 | router = true; |
111 | rules.lan = { | 118 | rules = { |
112 | method = "iface"; | 119 | lan = { |
113 | interface = "lan"; | 120 | method = "iface"; |
114 | network = "::/0"; | 121 | interface = "lan"; |
122 | network = "::/0"; | ||
123 | }; | ||
124 | dmz01 = { | ||
125 | method = "iface"; | ||
126 | interface = "dmz01"; | ||
127 | network = "::/0"; | ||
128 | }; | ||
115 | }; | 129 | }; |
116 | }; | 130 | }; |
117 | }; | 131 | }; |
@@ -154,7 +168,9 @@ in { | |||
154 | ''; | 168 | ''; |
155 | 169 | ||
156 | postStop = '' | 170 | postStop = '' |
157 | ${pkgs.iproute2}/bin/ip -6 a show dev lan scope global | ${pkgs.coreutils}/bin/grep inet6 | ${pkgs.gawk}/bin/awk '{ print $2; }' | ${pkgs.findutils}/bin/xargs -I '{}' -- ${pkgs.iproute2}/bin/ip addr del '{}' dev lan | 171 | for dev in lan dmz01; do |
172 | ${pkgs.iproute2}/bin/ip -6 a show dev "''${dev}" scope global | ${pkgs.coreutils}/bin/grep inet6 | ${pkgs.gawk}/bin/awk '{ print $2; }' | ${pkgs.findutils}/bin/xargs -I '{}' -- ${pkgs.iproute2}/bin/ip addr del '{}' dev "''${dev}" | ||
173 | done | ||
158 | ''; | 174 | ''; |
159 | 175 | ||
160 | serviceConfig = let | 176 | serviceConfig = let |
@@ -177,6 +193,7 @@ in { | |||
177 | iaid 1195061668 | 193 | iaid 1195061668 |
178 | ipv6rs # enable routing solicitation for WAN adapter | 194 | ipv6rs # enable routing solicitation for WAN adapter |
179 | ia_pd 1 lan/0/64/0 # request a PD and assign it to the LAN | 195 | ia_pd 1 lan/0/64/0 # request a PD and assign it to the LAN |
196 | ia_pd 1 dmz01/1/64/0 # request a PD and assign it to dmz01 | ||
180 | 197 | ||
181 | reboot 0 | 198 | reboot 0 |
182 | 199 | ||