forked from zentralwerk/network
nixos-module/container/upstream.nix: init dhcp, forwardedPorts
parent
ac8c771375
commit
c6de032ff3
|
@ -102,7 +102,11 @@ in
|
|||
};
|
||||
forwardedPorts =
|
||||
if ctPillar ? port-forwarding
|
||||
then ctPillar.port-forwarding
|
||||
then map ({ proto, port, to }: {
|
||||
proto = proto;
|
||||
sourcePort = port;
|
||||
destination = to;
|
||||
}) ctPillar.port-forwarding
|
||||
else [];
|
||||
}) pillar.containers)
|
||||
] ++
|
||||
|
|
|
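Review bot: The lambda pattern `{ proto, port, to }:` is closed, so a `port-forwarding` entry in the pillar that carries any additional key, or lacks one of the three, aborts evaluation with a generic pattern error. That fails closed, which is reasonable for data that ends up as NAT rules, but a comment such as `# pillar entries must have exactly proto, port, to` would show it is deliberate. As a style point, `proto = proto;` can be written `inherit proto;`. The enclosing expression starts and ends outside the hunk.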
@ -161,10 +161,10 @@ let
|
|||
proto = mkOption {
|
||||
type = types.enum [ "tcp" "udp" ];
|
||||
};
|
||||
port = mkOption {
|
||||
sourcePort = mkOption {
|
||||
type = types.int;
|
||||
};
|
||||
to = mkOption {
|
||||
destination = mkOption {
|
||||
type = types.str;
|
||||
};
|
||||
}; });
|
||||
|
|
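Review bot: `sourcePort` is declared as `types.int`, so a negative or out-of-range value in the site data passes option checking and is only caught, if at all, when the forwarding rule is generated; `type = types.port;` would reject it at evaluation time. `destination` is an unconstrained `types.str` that is later handed to the NAT port-forward configuration, so a pattern check via `types.strMatching` for the expected address-and-port form would be worth adding, though the exact form accepted downstream is not visible here. Neither renamed option has a `description`, for example `description = "External port to forward";`. The enclosing submodule starts outside the hunk.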
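--- a/nix/nixos-module/container/upstream.nix
+++ b/nix/nixos-module/container/upstream.nix
@@ -0,0 +1,24 @@
+{ hostName, config, lib, ... }:
+
+let
+upstreamInterfaces =
+lib.filterAttrs (_: { upstream, ... }: upstream != null)
+config.site.hosts.${hostName}.interfaces;
+firstUpstreamInterface =
+if builtins.length (builtins.attrNames upstreamInterfaces) > 0
+then builtins.head (
+builtins.attrNames upstreamInterfaces
+)
+else null;
+in
+{
+systemd.network.networks = builtins.mapAttrs (_: _: {
+DHCP = "yes";
+}) upstreamInterfaces;
+
+networking.nat = lib.optionalAttrs (firstUpstreamInterface != null) {
+enable = true;
+externalInterface = firstUpstreamInterface;
+forwardPorts = config.site.hosts.${hostName}.forwardedPorts;
+};
+}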
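Review bot: `firstUpstreamInterface` takes `builtins.head` of `builtins.attrNames`, which returns names in sorted order, so on a host with more than one upstream interface the NAT external interface and every forwarded port are bound to whichever name sorts first, while DHCP is enabled on all of them. I would either assert that exactly one upstream interface exists or document the choice with a comment such as `# attrNames is sorted: NAT and port forwards use the alphabetically first upstream interface`. `DHCP = "yes"` accepts address configuration from the upstream side for both IPv4 and IPv6; if only IPv4 is intended, `DHCP = "ipv4";` narrows what is taken from that network. No `internalInterfaces` or `internalIPs` are set in this file, so masquerading presumably depends on configuration elsewhere.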
@ -24,5 +24,9 @@ in {
|
|||
lib.config.site.hosts.${hostName}.isRouter
|
||||
) [
|
||||
./container/bird.nix
|
||||
] ++ optionals (
|
||||
builtins.match "upstream.*" hostName != null
|
||||
) [
|
||||
./container/upstream.nix
|
||||
];
|
||||
}
|
||||
|
|
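Review bot: The upstream module is selected by `builtins.match "upstream.*" hostName != null`, so the DHCP client and NAT/port-forward role is attached to any container whose name merely starts with `upstream`, and is silently absent for an upstream-facing host that is named differently. The router case just above keys off site data (`isRouter`); deriving this condition from the host having an interface with a non-null `upstream`, the same test upstream.nix applies, would tie the role to configuration instead of naming. If the name match stays, a comment such as `# builtins.match is anchored: hosts named upstream* get DHCP + NAT` would help. The enclosing expression starts outside the hunk.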