diff options
| author | Alejandro Soto <alejandro@34project.org> | 2024-08-07 21:37:11 -0600 |
|---|---|---|
| committer | Alejandro Soto <alejandro@34project.org> | 2024-08-08 02:00:08 -0600 |
| commit | 28c234a6df7a1c82c82d7e1eb6e05fa520cbe66c (patch) | |
| tree | 0babda9e4a21647ab259048423552f9c70ebd7eb /sys/nspawn/dmz.nix | |
| parent | 6bf93aea0b48a5476fecfdc2ef06da5816d5fb9e (diff) | |
platform: enable IPv6 routing in gate net
Diffstat (limited to 'sys/nspawn/dmz.nix')
| -rw-r--r-- | sys/nspawn/dmz.nix | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/sys/nspawn/dmz.nix b/sys/nspawn/dmz.nix index 73302d4..3e0ff64 100644 --- a/sys/nspawn/dmz.nix +++ b/sys/nspawn/dmz.nix @@ -17,6 +17,11 @@ in type = types.str; }; + net6 = mkOption { + type = types.str; + }; + + # Solo para IPv4 netBits = mkOption { type = types.enum [ 30 ]; }; @@ -31,6 +36,11 @@ in readOnly = true; }; + hostAddr6 = mkOption { + type = types.str; + readOnly = true; + }; + system = mkOption { type = types.raw; }; @@ -80,6 +90,7 @@ in { dmzAddr = joinIpv4 (incrementIpv4 hostBytes); hostAddr = joinIpv4 hostBytes; + hostAddr6 = throwIf (! hasSuffix "::" cfg.net6) "Invalid IPv6 /64: ${cfg.net6}" "${cfg.net6}1"; system = let @@ -165,7 +176,7 @@ in }; networkConfig = { - Address = "${cfg.hostAddr}/${toString cfg.netBits}"; + Address = [ "${cfg.hostAddr}/${toString cfg.netBits}" "${cfg.hostAddr6}/64" ]; LinkLocalAddressing = "yes"; DHCPServer = "yes"; IPMasquerade = "both"; @@ -179,6 +190,15 @@ in PoolOffset = 2; PoolSize = 1; }; + + ipv6Prefixes = [ + { + ipv6PrefixConfig = { + Assign = "yes"; + Prefix = "${cfg.net6}/64"; + }; + } + ]; }; services = { |