implement local nat for truenas

2025-01-13 23:43:39 +01:00
parent b753ca4aec
commit f3ca122b0d
1 changed files with 35 additions and 0 deletions
--- a/networking.nix
+++ b/networking.nix
@@ -4,6 +4,41 @@
  networking = {
    hostName = "Stormwind";
    networkmanager.enable = true;
+
+    nftables = {
+      enable = true;
+      ruleset = ''
+          table ip nat {
+            chain PREROUTING {
+              type nat hook prerouting priority dstnat; policy accept;
+              iifname "enp3s0" tcp dport 80 dnat to 10.94.157.229:80
+              iifname "enp3s0" tcp dport 443 dnat to 10.94.157.229:443
+            }
+          }
+      '';
+    };
+
+    firewall = {
+      allowedTCPPorts = [ 80 443 ];
+    };
+
+    nat = {
+      enable = true;
+      internalInterfaces = [ "incusbr0" ];
+      externalInterface = "enp3s0";
+      forwardPorts = [
+        {
+          sourcePort = 80;
+          proto = "tcp";
+          destination = "10.94.157.229:80";
+        }
+        {
+          sourcePort = 443;
+          proto = "tcp";
+          destination = "10.94.157.229:443";
+        }
+      ];
+    };
  };
 }