hosts/carbon: Add net-printer

2024-11-23 23:00:19 +01:00 · 2024-11-23 23:00:19 +01:00 · 6dc38cf21e
commit 6dc38cf21e
parent dff6bb1a4e
2 changed files with 48 additions and 0 deletions
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@ -14,6 +14,7 @@
      ./net-iot.nix
      ./net-lte.nix
      ./net-mgmt.nix
      ./net-printer.nix
      ./net-voip.nix
      ./ntp.nix
      ./ppp.nix
--- a/hosts/carbon/net-printer.nix
+++ b/hosts/carbon/net-printer.nix
@ -0,0 +1,47 @@
 { ... }:
 {
  networking.vlans."enp1s0.206" = {
    id = 206;
    interface = "enp1s0";
  };
  networking.bridges."net-printer".interfaces = [
    "enp1s0.206"
  ];
  networking.interfaces."net-printer".ipv4.addresses = [
    { address = "10.152.206.1"; prefixLength = 24; }
  ];
  services.kea.dhcp4 = {
    settings = {
      interfaces-config = {
        interfaces = [ "net-printer" ];
      };
      subnet4 = [
        {
          id = 206;
          subnet = "10.152.206.0/24";
          pools = [
            {
              pool = "10.152.206.100 - 10.152.206.240";
            }
          ];
          option-data = [
            {
              name = "routers";
              data = "10.152.206.1";
            }
          ];
        }
      ];
    };
  };
  clerie.firewall.extraForwardFilterCommands = ''
    # Allow access from Heimnetz to printer
    ip46tables -A forward-filter -i net-heimnetz -o net-printer -j ACCEPT
    ip46tables -A forward-filter -i net-printer -j DROP
    ip46tables -A forward-filter -o net-printer -j DROP
  '';
 }