From b6eb71333dc667d91e395a6c494c6f298f93b51c Mon Sep 17 00:00:00 2001
From: leon <leonvita91@gmail.com>
Date: Thu, 17 Nov 2022 16:17:00 +0000
Subject: [PATCH 1/2] remove routing kernel

---
 hosts/leoncloud/default.nix | 2 --
 1 file changed, 2 deletions(-)

diff --git a/hosts/leoncloud/default.nix b/hosts/leoncloud/default.nix
index 98736a18..50d753fc 100644
--- a/hosts/leoncloud/default.nix
+++ b/hosts/leoncloud/default.nix
@@ -56,8 +56,6 @@
 
 
 # enable IP routing
-  boot.kernel.sysctl."net.ipv4.conf.all.forwarding" = 1;
-  boot.kernel.sysctl."net.ipv4.conf.default.forwarding" = 1;
 
   networking.firewall = {
     allowedTCPPorts = [ 80 443 22 53 14000 14500 15000  ];
-- 
2.42.0


From 0401cdd6db3ebb86fc60f56749270f7c640b090b Mon Sep 17 00:00:00 2001
From: leon <leonvita91@gmail.com>
Date: Sun, 20 Nov 2022 14:02:40 +0000
Subject: [PATCH 2/2] update

---
 hosts/leon/default.nix | 36 ++++++++++++++++++++++--------------
 1 file changed, 22 insertions(+), 14 deletions(-)

diff --git a/hosts/leon/default.nix b/hosts/leon/default.nix
index bfe010d2..b46adbaa 100644
--- a/hosts/leon/default.nix
+++ b/hosts/leon/default.nix
@@ -36,7 +36,7 @@
     volumes = [ {
       image = "nix-store-overlay.img";
       mountPoint = config.microvm.writableStoreOverlay;
-      size = 3048;
+      size = 5048;
     } ];
   };
   nix.settings.auto-optimise-store = lib.mkForce false;
@@ -84,7 +84,10 @@
     allowedTCPPorts = [ 5000 22 53 80 8080 ];
     allowedUDPPorts = [ 5000 22 53 80 8080 18900 19900 ];  
   };
-
+	
+   #networking.firewall.extraCommands = ''
+   # 	iptables 
+   # '';
 #_______________________________Begin-VPN1-Server____________________________________
  
  networking.wireguard.interfaces = {
@@ -219,20 +222,25 @@ networking.wireguard.interfaces = {
 
 #-----------------------------ngin-X--------------------------------
 
-#  services.nginx = {
-#    listen 80;
-#	 enable = true;
-#    virtualHosts."bicospacetech.c3d2.de" = {
-#      default = true;
-#      forceSSL = true;
-#      enableACME = true;
-#      locations."/login" = {
-#        proxyPass = "http://10.10.11.1:80";
-#        proxyWebsockets = true;
-#      };
-#    };
+  services.nginx = {
+    listen 80;
+	 enable = true;
+    virtualHosts."bicospacetech.c3d2.de" = {
+      default = true;
+      forceSSL = true;
+      enableACME = true;
+      locations."/login" = {
+        proxyPass = "http://10.10.11.1:80";
+        proxyWebsockets = true;
+      };
+    };
 
 #-----------------------------ngin-X--------------------------------
 
+
+
+#--------------------------Up-Stream--------------------------------
+
+
 system.stateVersion = "22.05";
 }
-- 
2.42.0