From f3ca122b0d3727d066c574356e2d4bd3e01891a2 Mon Sep 17 00:00:00 2001
From: RootHost-Stormwind
Date: Mon, 13 Jan 2025 23:43:39 +0100
Subject: [PATCH] implement local nat for truenas
---
 networking.nix | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
diff --git a/networking.nix b/networking.nix
index a16515e..3dd6f0e 100644
--- a/networking.nix
+++ b/networking.nix
@@ -4,6 +4,41 @@
 networking = {
 hostName = "Stormwind";
 networkmanager.enable = true;
+
+ nftables = {
+ enable = true;
+ ruleset = ''
+ table ip nat {
+ chain PREROUTING {
+ type nat hook prerouting priority dstnat; policy accept;
+ iifname "enp3s0" tcp dport 80 dnat to 10.94.157.229:80
+ iifname "enp3s0" tcp dport 443 dnat to 10.94.157.229:443
+ }
+ }
+ '';
+ };
+
+ firewall = {
+ allowedTCPPorts = [ 80 443 ];
+ };
+
+ nat = {
+ enable = true;
+ internalInterfaces = [ "incusbr0" ];
+ externalInterface = "enp3s0";
+ forwardPorts = [
+ {
+ sourcePort = 80;
+ proto = "tcp";
+ destination = "10.94.157.229:80";
+ }
+ {
+ sourcePort = 443;
+ proto = "tcp";
+ destination = "10.94.157.229:443";
+ }
+ ];
+ };
 };
 }
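Review bot: The port 80/443 DNAT is declared twice, once in the hand-written `table ip nat` chain under `nftables.ruleset` and again in `nat.forwardPorts`. With `nftables.enable = true` the NixOS nat module should already generate the DNAT rules from `forwardPorts`, so I would drop the manual `ruleset` and keep one source of truth that cannot drift. `allowedTCPPorts = [ 80 443 ];` opens those ports on the host's own input path on every interface, which the DNATed traffic presumably does not need because it takes the forward path; removing it avoids exposing any listener the host itself runs on 80/443. The forward carries no source restriction, so what appears to be the TrueNAS web interface is reachable from whatever network `enp3s0` faces; if that is intended, a comment such as `# 80/443 on enp3s0 -> TrueNAS guest on incusbr0, enp3s0 is a trusted LAN` would record it, and otherwise the rule should be limited to the trusted source range. The `networking` attribute set begins before this hunk, so any existing firewall options are not visible here.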