~jb55/citadel

ref: 0cffe2f1a4a83c13892392e8325dff4ab05be317 citadel/nix-config/machines/charon/networking/default.nix -rw-r--r-- 607 bytes
0cffe2f1William Casarin monad: no pci hack for now 11 months ago
                                                                                
# Network and firewall settings for this machine: public TCP ports, a trusted
# "zt0" interface, a local override for jb55.com, and extra per-interface
# accept rules.
{ config, lib, pkgs, ... }:
let
  # Interface treated as trusted below and used for the extra accept rules.
  trustedDev = "zt0";

  # Ports opened on `trustedDev` only (not listed in allowedTCPPorts).
  # By IANA convention 993 = IMAPS, 143 = IMAP, 587 = mail submission; which
  # services actually listen here is not visible in this file.
  ztOnlyPorts = [ 993 143 587 ];

  # Renders one rule that appends to the nixos-fw chain and accepts TCP
  # traffic arriving on interface `dev` for destination port `port`.
  acceptTcpOn = dev: port:
    "ip46tables -A nixos-fw -i ${dev} -p tcp --dport ${toString port} -j nixos-fw-accept\n";
in
{
  # GatewayPorts=yes lets remote (-R) SSH forwards bind to non-loopback
  # addresses rather than loopback only.
  # NOTE(review): such a listener is reachable on any port from the trusted
  # interface, and from everywhere if it lands on a port in allowedTCPPorts.
  # Confirm this is intended; "clientspecified" or a Match block is narrower.
  services.openssh.gatewayPorts = "yes";

  networking = {
    domain = "jb55.com";
    search = [ "jb55.com" ];

    # Resolve the machine's own domain to loopback locally.
    extraHosts = ''
      127.0.0.1 jb55.com
      ::1 jb55.com
    '';

    firewall = {
      # Open on every interface. 22/80/443 are conventionally SSH/HTTP/HTTPS,
      # 70 gopher, 5222/5269 XMPP client/server.
      # NOTE(review): 12566, 12788 and 3415 have no purpose stated here;
      # record the owning service for each or close the port.
      allowedTCPPorts = [ 22 443 80 70 12566 12788 5222 5269 3415 ];

      # Traffic arriving on a trusted interface is accepted without any
      # per-port filtering, so every local listener is exposed to its peers.
      trustedInterfaces = [ trustedDev ];

      # NOTE(review): with the interface already trusted above, these
      # per-port rules look redundant. They would only matter if the
      # interface were removed from trustedInterfaces; verify which is meant.
      extraCommands =
        lib.concatMapStrings (port: acceptTcpOn trustedDev port + "\n") ztOnlyPorts;
    };
  };
}