configuration
common
desktop
dn42
default.nix
gpg-ssh
hetzner-cloud
hydra-build-machine
proxmox-vm
router
flake
hosts
lib
modules
pkgs
users
.gitignore
README.md
flake.lock
flake.nix
23 lines
478 B
Nix
23 lines
478 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
environment.systemPackages = with pkgs; [
|
|
wireguard-tools
|
|
];
|
|
|
|
boot.kernel.sysctl = {
|
|
"net.ipv4.ip_forward" = true;
|
|
"net.ipv6.conf.all.forwarding" = true;
|
|
};
|
|
|
|
networking.firewall.checkReversePath = false;
|
|
|
|
# Open Firewall for BGP
|
|
networking.firewall.allowedTCPPorts = [ 179 ];
|
|
# Open Fireall for OSPF
|
|
networking.firewall.extraCommands = ''
|
|
ip6tables -A INPUT -p ospfigp -j ACCEPT
|
|
iptables -A INPUT -p ospfigp -j ACCEPT
|
|
'';
|
|
}
|