summaryrefslogtreecommitdiffstats
path: root/machines/jormungand/network.nix
blob: 9b188690e272b1c13a3317df60ae78d91889b3f9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
{ config, lib, pkgs, ... }:

{
  imports = [
    ../../profiles/dns.nix
    ../../profiles/wireguard.nix
  ];

  networking.hostName = "jormungand";
  networking.domain = "codewreck.org";

  boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = "1";

  networking = {
    useDHCP = false;
    interfaces.eno0.ipv4.addresses = [{
      address = "5.196.74.74";
      prefixLength = 24;
    }];
    interfaces.eno0.ipv6.addresses = [{
      address = "2001:41d0:e:84a::1";
      prefixLength = 56;
    }];
    defaultGateway = "5.196.74.254";
    defaultGateway6 = "2001:41d0:e:8ff:ff:ff:ff:ff";
    firewall = {
      # 8409 = rtorrent
      allowedTCPPorts = [ 22 80 443 8409 ];
      # 60000-60010 = mosh ; 8408 = rtorrent dht
      allowedUDPPortRanges = [ { from = 60000; to = 60010; } ];
      allowedUDPPorts = [ 8408 ];
    };
  };
}