dan/liminix
1
0
Fork 5
Code

move default routes to gateway profile

Browse Source
This commit is contained in:
Daniel Barlow 2024-03-20 18:13:33 +00:00
parent a66510c9e6
commit 95ebddb661
2 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
examples/rotuer.nix
View File

@ -97,18 +97,6 @@ in rec {
users.root = secrets.root; users.root = secrets.root;
services.defaultroute4 = svc.network.route.build {
via = "$(output ${config.services.wan} address)";
target = "default";
dependencies = [ config.services.wan ];
};
services.defaultroute6 = svc.network.route.build {
via = "$(output ${config.services.wan} ipv6-peer-address)";
target = "default";
interface = config.services.wan;
};
services.firewall = svc.firewall.build { services.firewall = svc.firewall.build {
ruleset = ruleset =
let defaults = import ./demo-firewall.nix; let defaults = import ./demo-firewall.nix;

13
modules/profiles/gateway.nix
View File

@ -131,6 +131,19 @@ in {
domain = dcfg.localDomain; domain = dcfg.localDomain;
}; };
services.defaultroute4 = svc.network.route.build {
via = "$(output ${config.services.wan} address)";
target = "default";
dependencies = [ config.services.wan ];
};
services.defaultroute6 = svc.network.route.build {
via = "$(output ${config.services.wan} ipv6-peer-address)";
target = "default";
interface = config.services.wan;
};
services.resolvconf = oneshot rec { services.resolvconf = oneshot rec {
dependencies = [ config.services.wan ]; dependencies = [ config.services.wan ];
name = "resolvconf"; name = "resolvconf";