diff --git a/hosts/leon/default.nix b/hosts/leon/default.nix
index 8e29804e..e63dffd0 100644
--- a/hosts/leon/default.nix
+++ b/hosts/leon/default.nix
@@ -27,16 +27,8 @@
 #--------------------------------------------------------------------------------
-{ zentralwerk, config, pkgs, ... }:
-let
- netConfig = zentralwerk.lib.config.site.net.serv;
+{ pkgs, ... }:
- mac = {
- serv = "e2:e9:bb:f4:49:fe";
- pub = "e2:e9:bb:f4:49:ff";
- };
-
-in
 {
 microvm = {
 mem = 2048;
@@ -45,63 +37,13 @@ in
 c3d2.deployment = {
 server = "server10";
 mounts = [ "etc" "home" "var"];
- autoNetSetup = false;
+ autoNetSetup = true;
 };
- microvm.interfaces = [ {
- type = "tap";
- id = "pub-leon";
- mac = mac.pub;
- } {
- type = "tap";
- id = "serv-leon";
- mac = mac.serv;
- } ];
 networking = {
 hostName = "leon";
 firewall.enable = true;
 };
- systemd.network = {
- enable = true;
-
- # On the serv network I have a static IPv4 and only a route to the
- # rest of the network so that I am reachable by
- # public-access-proxy.
-
- links."00-serv" = {
- matchConfig.MACAddress = mac.serv;
- linkConfig.Name = "serv";
- };
-
- networks."00-serv" = {
- matchConfig.MACAddress = mac.serv;
- networkConfig.IPv6AcceptRA = false;
- # try harder disabling global ipv6
- networkConfig.LinkLocalAddressing = "no";
- addresses = [ {
- addressConfig.Address = "${config.c3d2.hosts.${config.networking.hostName}.ip4}/${toString zentralwerk.lib.config.site.net.serv.subnet4Len}";
- } ];
- routes = [ {
- routeConfig = {
- Destination = "172.20.0.0/14";
- Gateway = config.c3d2.hosts.serv-gw.ip4;
- };
- } ];
- };
-
- # On the pub network I am a normal client.
-
- links."00-pub" = {
- matchConfig.MACAddress = mac.pub;
- linkConfig.Name = "pub";
- };
-
- networks."01-pub" = {
- matchConfig.MACAddress = mac.pub;
- networkConfig.DHCP = "ipv4";
- networkConfig.IPv6AcceptRA = true;
- };
- };
 # enable IP routing
 boot.kernel.sysctl."net.ipv4.conf.all.forwarding" = 1;
 boot.kernel.sysctl."net.ipv4.conf.default.forwarding" = 1;
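Review bot: The serv-side restrictions that the removed `systemd.network` block spelled out (`IPv6AcceptRA = false`, `LinkLocalAddressing = "no"`, and a single `172.20.0.0/14` route via serv-gw) are no longer stated anywhere once `autoNetSetup = true;` takes over in the second hunk, and nothing visible in this diff shows the generated setup preserving them. The context lines right below still set `net.ipv4.conf.all.forwarding = 1` and `net.ipv4.conf.default.forwarding = 1`, so every interface the automatic setup creates is a forwarding interface; it is worth confirming on the built system that serv still gets no IPv6 address and no route beyond the one it had. The removed comment explaining why serv only carried a static IPv4 also disappears, so I would keep its intent beside the option, for example `# autoNetSetup: interfaces come from c3d2.deployment; serv must stay IPv4-only and reachable only by public-access-proxy`. The enclosing attribute set continues outside the hunk.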
@@ -160,12 +102,12 @@ in
 # For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
 #----------------------Start-Routing----------------------------
 postSetup = ''
- ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.10.11.1/24 -o pub -j MASQUERADE
+ ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.10.11.1/24 -o flpk -j MASQUERADE
 '';
 # This undoes the above command
 postShutdown = ''
- ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.10.11.1/24 -o pub -j MASQUERADE
+ ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.10.11.1/24 -o flpk -j MASQUERADE
 '';
 #----------------------End-Routing----------------------------
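Review bot: The out-interface `flpk` in the `postSetup` and `postShutdown` rules is a bare literal repeated twice that has to match whatever name the uplink interface now receives, and iptables does not validate interface names, so a mismatch fails silently and traffic from 10.10.11.0/24 would be forwarded without source NAT. A comment above `postSetup` such as `# flpk: uplink interface name (presumably assigned by c3d2.deployment.autoNetSetup); keep the -A and -D rules in sync` would document the coupling; where the name comes from is my inference, it is not shown in this diff. The source selector is also written as the host address `10.10.11.1/24`, where `10.10.11.0/24` would state the intended network unambiguously. The enclosing attribute set starts and ends outside the hunk.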