Move generic config for dn42 routers to special module

2020-12-08 14:09:09 +01:00 · 2020-12-08 14:09:09 +01:00 · 26cae76337
parent dd7bdf8efa
commit 26cae76337
2 changed files with 13 additions and 13 deletions
--- a/configuration/dn42/default.nix
+++ b/configuration/dn42/default.nix
@ -4,4 +4,17 @@
  environment.systemPackages = with pkgs; [
    wireguard-tools
  ];
+
+  boot.kernel.sysctl = {
+    "net.ipv4.ip_forward" = true;
+    "net.ipv6.conf.all.forwarding" = true;
+  };
+
+  # Open Firewall for BGP
+  networking.firewall.allowedTCPPorts = [ 179 ];
+  # Open Fireall for OSPF
+  networking.firewall.extraCommands = ''
+  ip6tables -A INPUT -p ospfigp -j ACCEPT
+  iptables -A INPUT -p ospfigp -j ACCEPT
+  '';
 }
--- a/hosts/dn42-il-gw5/configuration.nix
+++ b/hosts/dn42-il-gw5/configuration.nix
@ -14,11 +14,6 @@
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/vda";

-  boot.kernel.sysctl = {
-    "net.ipv4.ip_forward" = true;
-    "net.ipv6.conf.all.forwarding" = true;
-  };
-
  networking.hostName = "dn42-il-gw5";

  networking.useDHCP = false;
@ -47,14 +42,6 @@
    ];
  };

-  networking.firewall.allowedTCPPorts = [
-    179
-  ];
-  networking.firewall.extraCommands = ''
-  ip6tables -A INPUT -p ospfigp -j ACCEPT
-  iptables -A INPUT -p ospfigp -j ACCEPT
-  '';
-
  services.bird2.enable = true;
  services.bird2.config = ''
  router id ${ (lib.head config.networking.interfaces.ens18.ipv4.addresses).address };