leonetienne/stormwind-nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

drives helix and broot

Browse Source
This commit is contained in:
RootHost-Stormwind
2025-04-07 12:45:31 +02:00
parent 6e76f581c0
commit da0535eb09
8 changed files with 172 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

119
networking.nix
View File

@@ -3,7 +3,7 @@
{
networking = {
hostName = "Stormwind";
networkmanager.enable = true;
networkmanager.enable = false;
nftables = {
enable = true;
@@ -11,31 +11,136 @@
table ip nat {
chain PREROUTING {
type nat hook prerouting priority dstnat; policy accept;
iifname "enp3s0" tcp dport 80 dnat to 10.94.157.229:80
iifname "enp3s0" tcp dport 443 dnat to 10.94.157.229:443
iifname "enp3s0" tcp dport 80 dnat to 10.94.157.2:80
iifname "enp3s0" tcp dport 443 dnat to 10.94.157.2:443
iifname "enp3s0" tcp dport 20 dnat to 10.94.157.2:20
iifname "enp3s0" tcp dport 21 dnat to 10.94.157.2:21
iifname "enp3s0" tcp dport 22 dnat to 10.94.157.2:22
iifname "enp3s0" tcp dport 990 dnat to 10.94.157.2:990
iifname "enp3s0" tcp dport 989 dnat to 10.94.157.2:989
iifname "enp3s0" tcp dport 445 dnat to 10.94.157.2:445
iifname "enp3s0" tcp dport 111 dnat to 10.94.157.2:111
iifname "enp3s0" udp dport 111 dnat to 10.94.157.2:111
iifname "enp3s0" tcp dport 2049 dnat to 10.94.157.2:2049
iifname "enp3s0" udp dport 2049 dnat to 10.94.157.2:2049
iifname "enp3s0" tcp dport 32765 dnat to 10.94.157.2:32765
iifname "enp3s0" udp dport 32765 dnat to 10.94.157.2:32765
iifname "enp3s0" tcp dport 32768 dnat to 10.94.157.2:32768
iifname "enp3s0" udp dport 32768 dnat to 10.94.157.2:32768
iifname "enp3s0" tcp dport 20048 dnat to 10.94.157.2:20048
iifname "enp3s0" udp dport 20048 dnat to 10.94.157.2:20048
}
}
'';
};
firewall = {
allowedTCPPorts = [ 80 443 ];
allowedTCPPorts = [ 80 443 20 21 22 990 989 445 111 2049 32765 32768 20048 ];
allowedUDPPorts = [ 111 2049 20048 32765 32768 ];
};
nat = {
enable = true;
internalInterfaces = [ "incusbr0" ];
externalInterface = "enp3s0";
externalInterface = "enp4s0";
forwardPorts = [
{
sourcePort = 80;
proto = "tcp";
destination = "10.94.157.229:80";
destination = "10.94.157.2:80";
}
{
sourcePort = 443;
proto = "tcp";
destination = "10.94.157.229:443";
destination = "10.94.157.2:443";
}
# FTP
{
sourcePort = 20;
proto = "tcp";
destination = "10.94.157.2:20";
}
{
sourcePort = 21;
proto = "tcp";
destination = "10.94.157.2:21";
}
{
sourcePort = 22;
proto = "tcp";
destination = "10.94.157.2:22";
}
{
sourcePort = 990;
proto = "tcp";
destination = "10.94.157.2:990";
}
{
sourcePort = 989;
proto = "tcp";
destination = "10.94.157.2:989";
}
{
sourcePort = 21;
proto = "tcp";
destination = "10.94.157.2:21";
}
# SMB
{
sourcePort = 445;
proto = "tcp";
destination = "10.94.157.2:445";
}
# NFS
{
sourcePort = 111;
proto = "tcp";
destination = "10.94.157.2:111";
}
{
sourcePort = 111;
proto = "udp";
destination = "10.94.157.2:111";
}
{
sourcePort = 2049;
proto = "tcp";
destination = "10.94.157.2:2049";
}
{
sourcePort = 2049;
proto = "udp";
destination = "10.94.157.2:2049";
}
{
sourcePort = 32765;
proto = "tcp";
destination = "10.94.157.2:32765";
}
{
sourcePort = 32765;
proto = "udp";
destination = "10.94.157.2:32765";
}
{
sourcePort = 32768;
proto = "tcp";
destination = "10.94.157.2:32768";
}
{
sourcePort = 32768;
proto = "udp";
destination = "10.94.157.2:32768";
}
{
sourcePort = 20048;
proto = "tcp";
destination = "10.94.157.2:20048";
}
{
sourcePort = 20048;
proto = "udp";
destination = "10.94.157.2:20048";
}
];
};