From 28c234a6df7a1c82c82d7e1eb6e05fa520cbe66c Mon Sep 17 00:00:00 2001
From: Alejandro Soto <alejandro@34project.org>
Date: Wed, 7 Aug 2024 21:37:11 -0600
Subject: platform: enable IPv6 routing in gate net

---
 sys/nspawn/dmz.nix | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

(limited to 'sys/nspawn/dmz.nix')

diff --git a/sys/nspawn/dmz.nix b/sys/nspawn/dmz.nix
index 73302d4..3e0ff64 100644
--- a/sys/nspawn/dmz.nix
+++ b/sys/nspawn/dmz.nix
@@ -17,6 +17,11 @@ in
       type = types.str;
     };
 
+    net6 = mkOption {
+      type = types.str;
+    };
+
+    # Solo para IPv4
     netBits = mkOption {
       type = types.enum [ 30 ];
     };
@@ -31,6 +36,11 @@ in
       readOnly = true;
     };
 
+    hostAddr6 = mkOption {
+      type = types.str;
+      readOnly = true;
+    };
+
     system = mkOption {
       type = types.raw;
     };
@@ -80,6 +90,7 @@ in
         {
           dmzAddr = joinIpv4 (incrementIpv4 hostBytes);
           hostAddr = joinIpv4 hostBytes;
+          hostAddr6 = throwIf (! hasSuffix "::" cfg.net6) "Invalid IPv6 /64: ${cfg.net6}" "${cfg.net6}1";
 
           system =
             let
@@ -165,7 +176,7 @@ in
         };
 
         networkConfig = {
-          Address = "${cfg.hostAddr}/${toString cfg.netBits}";
+          Address = [ "${cfg.hostAddr}/${toString cfg.netBits}" "${cfg.hostAddr6}/64" ];
           LinkLocalAddressing = "yes";
           DHCPServer = "yes";
           IPMasquerade = "both";
@@ -179,6 +190,15 @@ in
           PoolOffset = 2;
           PoolSize = 1;
         };
+
+        ipv6Prefixes = [
+          {
+            ipv6PrefixConfig = {
+              Assign = "yes";
+              Prefix = "${cfg.net6}/64";
+            };
+          }
+        ];
       };
 
       services = {
-- 
cgit v1.2.3