network/config/net/upstream.nix


# Site module that declares the upstream-side container hosts (upstream3,
# upstream4, anon1) and the OSPF upstream instance for freifunk.
# For a security review the important part is upstream4.forwardPorts: each
# entry there publishes an internal service through this host.
{ config, ... }:
let
  # Host-name -> address lookup for the "serv" network; the values are
  # interpolated into "addr:port" strings below, so they are presumably plain
  # IPv4 address strings — confirm against the option definition.
  servHosts = config.site.net.serv.hosts4;
  # Address of the dn42 host in the "c3d2" network.
  inherit (config.site.net.c3d2.hosts4) dn42;
in
{
  site.hosts = {
    # upstream3: container with a veth towards "core" and a veth uplink whose
    # provider is "starlink". No port forwards are declared for this host.
    upstream3 = {
      interfaces = {
        core = {
          hwaddr = "0A:14:48:01:28:00";
          type = "veth";
        };
        up3 = {
          hwaddr = "00:23:74:D7:42:7D";
          type = "veth";
          upstream = {
            link = null;
            # Empty list: no IPv6 subnet is exempted from NAT on this uplink
            # (meaning of noNat inferred from the name — TODO confirm).
            noNat = { subnets6 = [ ]; };
            provider = "starlink";
            staticIpv4Address = null;
            upBandwidth = null;
          };
        };
      };
      ospf.upstreamInstance = 7;
      role = "container";
    };
    # upstream4: container behind the PPPoE uplink (provider "dsi") with a
    # static IPv4 address; it carries every port forward in this file.
    upstream4 = {
      # Inbound port forwards. The module that consumes this list is not
      # visible here, so the semantics are assumed: sourcePort is presumably
      # the port on this host's upstream address, a destination without
      # ":port" presumably keeps the same port, and reflect presumably enables
      # NAT reflection (hairpin) for internal clients — TODO confirm.
      # NOTE(review): no entry carries a source-address restriction, so as far
      # as this file shows every service below is reachable from any upstream
      # source. Treat this list as the site's external attack surface and
      # re-check it whenever a service is retired or moved.
      forwardPorts = [
        # Web front end. NOTE(review): 172.20.73.45 is a literal here while
        # most other entries use a named host lookup; a renumbered host would
        # leave these two forwards pointing at whatever takes the address.
        { # http
          destination = "172.20.73.45";
          proto = "tcp";
          reflect = true;
          sourcePort = 80;
        }
        { # https
          destination = "172.20.73.45";
          proto = "tcp";
          reflect = true;
          sourcePort = 443;
        }
        { # gemini
          destination = "${servHosts.c3d2-web}:1965";
          proto = "tcp";
          reflect = true;
          sourcePort = 1965;
        }
        # DNS over TCP and UDP to a literal address.
        # NOTE(review): confirm 172.20.73.61 is authoritative-only (or
        # rate-limited); a resolver that answers recursive queries from
        # arbitrary sources can be abused as a traffic reflector.
        {
          destination = "172.20.73.61";
          proto = "tcp";
          reflect = true;
          sourcePort = 53;
        }
        {
          destination = "172.20.73.61";
          proto = "udp";
          reflect = true;
          sourcePort = 53;
        }
        # Nine UDP ports, all forwarded to the dn42 host. Their purpose is not
        # stated in this file (presumably one tunnel endpoint per peer —
        # confirm). NOTE(review): a per-port comment naming the peer would
        # make stale entries detectable.
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2325;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2327;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2337;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2338;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2339;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2340;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 2399;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 24699;
        }
        {
          destination = dn42;
          proto = "udp";
          reflect = true;
          sourcePort = 64699;
        }
        # Port 2223 -> port 22 on host "leon" (SSH by port number).
        # NOTE(review): confirm key-only authentication on the target; a
        # non-standard external port does not reduce exposure to scanning.
        {
          destination = "${servHosts.leon}:22";
          proto = "tcp";
          reflect = true;
          sourcePort = 2223;
        }
        # UDP 30000 to the minetest host.
        {
          destination = servHosts.minetest;
          proto = "udp";
          reflect = true;
          sourcePort = 30000;
        }
        # ?
        # NOTE(review): the author marked this entry as unknown. It publishes
        # port 22 of 172.22.99.175, the only destination in this list in
        # 172.22.x.x and without a named owner. Identify an owner or remove
        # the forward; an unowned SSH forward is unlikely to be kept patched.
        {
          destination = "172.22.99.175:22";
          proto = "tcp";
          reflect = true;
          sourcePort = 2224;
        }
        # Port 22 goes to the gitea host (presumably git-over-SSH — confirm),
        # so SSH to other hosts uses the alternate ports in this list.
        {
          destination = servHosts.gitea;
          proto = "tcp";
          reflect = true;
          sourcePort = 22;
        }
        # jabber host. By convention 5222/5223 are XMPP client ports, 5269 is
        # server-to-server and 3478/3479 are STUN/TURN; the services actually
        # listening are not visible here — confirm.
        {
          destination = servHosts.jabber;
          proto = "tcp";
          reflect = true;
          sourcePort = 5222;
        }
        {
          destination = servHosts.jabber;
          proto = "tcp";
          reflect = true;
          sourcePort = 5223;
        }
        {
          destination = servHosts.jabber;
          proto = "tcp";
          reflect = true;
          sourcePort = 5269;
        }
        {
          destination = servHosts.jabber;
          proto = "tcp";
          reflect = true;
          sourcePort = 3478;
        }
        {
          destination = servHosts.jabber;
          proto = "tcp";
          reflect = true;
          sourcePort = 3479;
        }
        {
          destination = servHosts.jabber;
          proto = "udp";
          reflect = true;
          sourcePort = 3478;
        }
        {
          destination = servHosts.jabber;
          proto = "udp";
          reflect = true;
          sourcePort = 3479;
        }
        # Mail host: 25/465/587 (SMTP and submission), 110/995 (POP3) and
        # 143/993 (IMAP) by standard port assignment.
        # NOTE(review): 110 and 143 are the cleartext-capable POP3/IMAP ports;
        # confirm the server refuses authentication before STARTTLS, or drop
        # these two forwards in favour of 995/993.
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 25;
        }
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 465;
        }
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 587;
        }
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 110;
        }
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 143;
        }
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 993;
        }
        {
          destination = servHosts.mailtngbert;
          proto = "tcp";
          reflect = true;
          sourcePort = 995;
        }
        # poelzi
        # Port 2323 -> port 22 on a literal address (SSH by port number);
        # the same key-only-authentication check applies as for leon above.
        {
          destination = "172.20.73.162:22";
          proto = "tcp";
          reflect = true;
          sourcePort = 2323;
        }
        # zw-ev RDP
        # NOTE(review): this publishes RDP (3389) on external port 45000.
        # The unusual port does not hide the service from scanning. Prefer
        # reaching it through the VPN gateway forwarded further down, or
        # restrict the allowed sources; at minimum confirm Network Level
        # Authentication and account lockout on the target.
        {
          destination = "172.20.75.222:3389";
          proto = "tcp";
          reflect = true;
          sourcePort = 45000;
        }
        # TCP 1337 to the yggdrasil host in the core network.
        {
          destination = config.site.net.core.hosts4.yggdrasil;
          proto = "tcp";
          reflect = true;
          sourcePort = 1337;
        }
        # WireGuard to the VPN gateway; the port comes from the site-wide
        # option, so this forward follows a change of that setting.
        {
          destination = config.site.net.core.hosts4.vpn-gw;
          proto = "udp";
          reflect = true;
          sourcePort = config.site.vpn.wireguard.port;
        }
        # Port 3822 -> port 22 on host "direkthilfe". This is the only entry
        # with reflect = false; the reason is not recorded here — confirm it
        # is intentional.
        {
          destination = "${config.site.net.serv.hosts4.direkthilfe}:22";
          proto = "tcp";
          reflect = false;
          sourcePort = 3822;
        }
        # TCP 2086 to the gnunet host.
        {
          destination = servHosts.gnunet;
          proto = "tcp";
          reflect = true;
          sourcePort = 2086;
        }
      ];
      interfaces = {
        core = {
          hwaddr = "0A:14:48:01:28:01";
          type = "veth";
        };
        up4 = {
          hwaddr = "00:23:74:D7:42:7E";
          type = "veth";
        };
        # PPPoE session on top of the up4 veth (link = "up4").
        up4-pppoe = {
          type = "pppoe";
          upstream = {
            link = "up4";
            # IPv6 prefixes presumably exempt from NAT on this uplink —
            # confirm. NOTE(review): if so, hosts in these prefixes are
            # addressed directly and are protected by forward filtering
            # rather than by the forwardPorts list above; check that
            # filtering separately.
            noNat = {
              subnets6 =
                [ "2a00:8180:2000:37::1/128" "2a00:8180:2c00:200::/56" ];
            };
            provider = "dsi";
            # Address the forwarded sourcePorts are presumably published on.
            staticIpv4Address = "81.201.149.152";
            # Unit not stated in this file (presumably kbit/s) — confirm.
            upBandwidth = 98000;
          };
        };
      };
      ospf.upstreamInstance = 8;
      role = "container";
    };
    # Only the OSPF upstream instance is set for freifunk in this file.
    freifunk.ospf.upstreamInstance = 6;
    # anon1: container whose upstream is a WireGuard interface to the
    # provider "njal.la".
    anon1 = {
      interfaces = {
        core = {
          hwaddr = "0A:14:48:01:14:00";
          type = "veth";
        };
        njalla = {
          type = "wireguard";
          upstream = {
            provider = "njal.la";
            upBandwidth = 45000;
          };
        };
      };
      ospf = {
        # Upstreams this host may use besides its own tunnel (semantics
        # inferred from the option name — confirm).
        # NOTE(review): if anon1 is meant to send user traffic only through
        # the njalla tunnel, verify that a tunnel outage cannot fall back to
        # one of these upstreams and expose that traffic's real origin.
        allowedUpstreams = [ "upstream4" "upstream3" "freifunk" ];
        upstreamInstance = 5;
      };
      role = "container";
    };
  };
}