Hello.
This commit is contained in:
parent
82b8031b0a
commit
5e5623df57
3 changed files with 14 additions and 14 deletions
|
@ -51,7 +51,9 @@
|
||||||
];
|
];
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
privateNetwork = true;
|
privateNetwork = true;
|
||||||
hostBridge = "br0";
|
# hostBridge = "br0";
|
||||||
|
hostAddress = "192.168.2.1";
|
||||||
|
localAddress = "192.168.2.2/24";
|
||||||
restartIfChanged = true;
|
restartIfChanged = true;
|
||||||
enableTun = true;
|
enableTun = true;
|
||||||
additionalCapabilities = [ "CAP_NET_ADMIN" "CAP_NET_RAW" ];
|
additionalCapabilities = [ "CAP_NET_ADMIN" "CAP_NET_RAW" ];
|
||||||
|
|
|
@ -24,6 +24,6 @@
|
||||||
boot.isContainer = true;
|
boot.isContainer = true;
|
||||||
services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
|
services.tailscale.authKeyFile = "/run/secrets/tailscale_key";
|
||||||
networking.hostName = "${hostname}";
|
networking.hostName = "${hostname}";
|
||||||
networking.interfaces."eth0".useDHCP = true;
|
# networking.interfaces."eth0".useDHCP = true;
|
||||||
system.stateVersion = stateVersion;
|
system.stateVersion = stateVersion;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,22 +1,20 @@
|
||||||
{ lib, self, inputs, outputs, stateVersion, hmStateVersion, ... }:
|
{ config, lib, self, inputs, outputs, stateVersion, hmStateVersion, ... }:
|
||||||
let
|
let
|
||||||
libx = import ../../../lib { inherit lib self inputs outputs stateVersion hmStateVersion; };
|
libx = import ../../../lib { inherit lib self inputs outputs stateVersion hmStateVersion; };
|
||||||
|
lanInterface = "enp0s13f0u4";
|
||||||
in {
|
in {
|
||||||
containers = {
|
containers = {
|
||||||
rdesktop = libx.mkContainer { hostname = "rdesktop"; };
|
rdesktop = libx.mkContainer { hostname = "rdesktop"; };
|
||||||
};
|
};
|
||||||
|
|
||||||
|
networking.firewall.extraCommands = ''
|
||||||
|
iptables -w -t nat -A nixos-nat-post -s ${config.containers.rdesktop.localAddress} -j MASQUERADE
|
||||||
|
'';
|
||||||
|
|
||||||
networking = {
|
networking.nat = {
|
||||||
bridges.br0.interfaces = [ "enp0s13f0u4" ];
|
enable = true;
|
||||||
interfaces.br0.ipv4.addresses = [{ address = "192.168.2.1"; prefixLength = 24; }];
|
internalInterfaces = [ "ve-rdesktop" ];
|
||||||
|
externalInterface = lanInterface;
|
||||||
|
extraCommands = "iptables -t nat -A POSTROUTING -o ${lanInterface} -j MASQUERADE";
|
||||||
};
|
};
|
||||||
|
|
||||||
# networking.nat = {
|
|
||||||
# enable = true;
|
|
||||||
# internalInterfaces = [
|
|
||||||
# "ve-rdesktop"
|
|
||||||
# ];
|
|
||||||
# externalInterface = "enp0s13f0u4";
|
|
||||||
# };
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue