diff options
Diffstat (limited to 'sys/nspawn/dmz.nix')
| -rw-r--r-- | sys/nspawn/dmz.nix | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/sys/nspawn/dmz.nix b/sys/nspawn/dmz.nix index 73302d4..3e0ff64 100644 --- a/sys/nspawn/dmz.nix +++ b/sys/nspawn/dmz.nix @@ -17,6 +17,11 @@ in type = types.str; }; + net6 = mkOption { + type = types.str; + }; + + # Solo para IPv4 netBits = mkOption { type = types.enum [ 30 ]; }; @@ -31,6 +36,11 @@ in readOnly = true; }; + hostAddr6 = mkOption { + type = types.str; + readOnly = true; + }; + system = mkOption { type = types.raw; }; @@ -80,6 +90,7 @@ in { dmzAddr = joinIpv4 (incrementIpv4 hostBytes); hostAddr = joinIpv4 hostBytes; + hostAddr6 = throwIf (! hasSuffix "::" cfg.net6) "Invalid IPv6 /64: ${cfg.net6}" "${cfg.net6}1"; system = let @@ -165,7 +176,7 @@ in }; networkConfig = { - Address = "${cfg.hostAddr}/${toString cfg.netBits}"; + Address = [ "${cfg.hostAddr}/${toString cfg.netBits}" "${cfg.hostAddr6}/64" ]; LinkLocalAddressing = "yes"; DHCPServer = "yes"; IPMasquerade = "both"; @@ -179,6 +190,15 @@ in PoolOffset = 2; PoolSize = 1; }; + + ipv6Prefixes = [ + { + ipv6PrefixConfig = { + Assign = "yes"; + Prefix = "${cfg.net6}/64"; + }; + } + ]; }; services = { |