2024-12-13 01:08:04 +08:00
|
|
|
{
|
|
|
|
|
profiles,
|
|
|
|
|
hostData,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}:
|
|
|
|
|
{
|
|
|
|
|
imports = with profiles; [
|
2024-12-13 14:30:29 +08:00
|
|
|
services.enthalpy.transit-dualstack
|
2024-12-13 01:08:04 +08:00
|
|
|
];
|
|
|
|
|
|
|
|
|
|
services.enthalpy.ipsec.interfaces = [ "enp1s0" ];
|
|
|
|
|
|
2024-12-13 14:30:29 +08:00
|
|
|
networking.nftables.tables.nat = {
|
|
|
|
|
family = "inet";
|
|
|
|
|
content = ''
|
|
|
|
|
chain postrouting {
|
|
|
|
|
type nat hook postrouting priority srcnat; policy accept;
|
|
|
|
|
oifname enp1s0 counter masquerade
|
|
|
|
|
}
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
|
2024-12-13 01:08:04 +08:00
|
|
|
systemd.network = {
|
|
|
|
|
enable = true;
|
|
|
|
|
wait-online.anyInterface = true;
|
2024-12-13 14:30:29 +08:00
|
|
|
config = {
|
|
|
|
|
networkConfig = {
|
|
|
|
|
IPv4Forwarding = true;
|
|
|
|
|
IPv6Forwarding = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-12-13 01:08:04 +08:00
|
|
|
networks = {
|
|
|
|
|
"30-enp1s0" = {
|
|
|
|
|
matchConfig.Name = "enp1s0";
|
|
|
|
|
networkConfig = {
|
|
|
|
|
DHCP = "ipv4";
|
|
|
|
|
Address = hostData.endpoints_v6;
|
|
|
|
|
IPv6AcceptRA = false;
|
|
|
|
|
};
|
|
|
|
|
routes = lib.singleton { Gateway = "fe80::1"; };
|
|
|
|
|
dhcpV4Config.RouteMetric = 1024;
|
|
|
|
|
dhcpV6Config.RouteMetric = 1024;
|
|
|
|
|
ipv6AcceptRAConfig.RouteMetric = 1024;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
