From 84b473d38cb34c32c4a9a02a8b3d633ecc209826 Mon Sep 17 00:00:00 2001
From: Stefan Junker
Date: Sat, 24 Aug 2024 00:16:29 +0200
Subject: [PATCH] feat(sj-srv1): switch to hostBridge set up the hostside veth interfaces seem to be buggy and this is more efficient anyway.
---
 nix/os/containers/mailserver.nix | 3 ++-
 nix/os/containers/syncthing.nix | 3 ++-
 nix/os/containers/webserver.nix | 3 ++-
 nix/os/devices/sj-srv1/system.nix | 36 ++++++++++++++++++++++++-------
 4 files changed, 34 insertions(+), 11 deletions(-)
diff --git a/nix/os/containers/mailserver.nix b/nix/os/containers/mailserver.nix
index b906d8b..c821bf4 100644
--- a/nix/os/containers/mailserver.nix
+++ b/nix/os/containers/mailserver.nix
@@ -1,5 +1,6 @@
 {
 specialArgs,
+ hostBridge,
 hostAddress,
 localAddress,
 imapsPort ? 993,
@@ -227,5 +228,5 @@
 }
 ];
- inherit hostAddress localAddress;
+ inherit hostBridge hostAddress localAddress;
 }
diff --git a/nix/os/containers/syncthing.nix b/nix/os/containers/syncthing.nix
index 12421c7..8c0ba82 100644
--- a/nix/os/containers/syncthing.nix
+++ b/nix/os/containers/syncthing.nix
@@ -1,5 +1,6 @@
 {
 specialArgs,
+ hostBridge,
 hostAddress,
 localAddress,
 syncthingPort ? 22000,
@@ -56,5 +57,5 @@
 }
 ];
- inherit hostAddress localAddress;
+ inherit hostBridge hostAddress localAddress;
 }
diff --git a/nix/os/containers/webserver.nix b/nix/os/containers/webserver.nix
index c2c166c..0611f60 100644
--- a/nix/os/containers/webserver.nix
+++ b/nix/os/containers/webserver.nix
@@ -1,5 +1,6 @@
 {
 specialArgs,
+ hostBridge,
 hostAddress,
 localAddress,
 httpPort,
@@ -330,5 +331,5 @@ in {
 }
 ];
- inherit hostAddress localAddress;
+ inherit hostBridge hostAddress localAddress;
 }
diff --git a/nix/os/devices/sj-srv1/system.nix b/nix/os/devices/sj-srv1/system.nix
index bd23a9e..985ed24 100644
--- a/nix/os/devices/sj-srv1/system.nix
+++ b/nix/os/devices/sj-srv1/system.nix
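Review bot: In nix/os/containers/mailserver.nix, `inherit hostBridge hostAddress localAddress;` now sets both `hostBridge` and `hostAddress` on the container, while the NixOS option description for `containers.<name>.hostBridge` says only one of `hostAddress*` or `hostBridge` can be given; the same line is added in syncthing.nix and webserver.nix. If `hostAddress` is kept on purpose (presumably so the container still learns a gateway address, which this patch does not show), a comment above the `inherit` such as `# hostBridge attaches the host side of the veth; hostAddress is kept only as the container's gateway` would record that. `hostBridge` is also introduced as a required argument in all three files; `hostBridge ? null,` would keep any other importer evaluating, if one exists outside this patch.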
@@ -29,9 +29,26 @@
 networking.nat = {
 enable = true;
- internalInterfaces = ["ve-*"];
 externalInterface = "eth0";
+ internalInterfaces = ["br0"];
 };
+
+ networking.bridges = {
+ br0 = {
+ interfaces = [];
+ };
+ };
+ networking.interfaces = {
+ br0 = {
+ ipv4.addresses = [
+ {
+ address = "192.168.101.1";
+ prefixLength = 24;
+ }
+ ];
+ };
+ };
+
 boot.kernel.sysctl = {
 "net.ipv4.ip_forward" = 1;
 };
@@ -84,14 +101,15 @@
 autoStart = true;
- hostAddress = "192.168.100.10";
- localAddress = "192.168.100.11";
+ hostBridge = "br0";
+ hostAddress = "192.168.101.1";
+ localAddress = "192.168.101.10/24";
 imapsPort = 993;
 sievePort = 4190;
 };
- websrv0 =
+ webserver =
 import ../../containers/webserver.nix {
 specialArgs = {
@@ -100,8 +118,9 @@
 autoStart = true;
- hostAddress = "192.168.100.12";
- localAddress = "192.168.100.13";
+ hostBridge = "br0";
+ hostAddress = "192.168.101.1";
+ localAddress = "192.168.101.11/24";
 httpPort = 80;
 httpsPort = 443;
@@ -114,8 +133,9 @@
 };
 autoStart = true;
- hostAddress = "192.168.100.14";
- localAddress = "192.168.100.15";
+ hostBridge = "br0";
+ hostAddress = "192.168.101.1";
+ localAddress = "192.168.101.12/24";
 syncthingPort = 22000;
 };
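Review bot: The new `networking.bridges.br0` block puts the mail, web and syncthing containers on one shared 192.168.101.0/24 segment, and nothing in the hunk says whether they are meant to reach each other. With the former `ve-*` links, inter-container traffic had to be routed by the host and could be filtered there. On a bridge it is switched directly and, unless bridge netfilter is enabled, likely bypasses the host's forward rules, so a compromised container (the web one presumably being the most exposed) can address the other two directly. If that is accepted, a comment above `br0 = {` such as `# containers on br0 share one L2 segment; inter-container filtering is done inside each container` would make the trade-off explicit. Otherwise inter-container traffic should be restricted by per-container firewall rules or bridge-level filtering.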
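Review bot: The rename `websrv0` to `webserver` in the `@@ -84,14 +101,15 @@` hunk is unrelated to the bridge switch and is not mentioned in the commit message. NixOS keeps a declarative container's root in a directory named after the container, so unless all of its state is bind-mounted (not visible here), the renamed container would start from an empty root and the old one's data would be left behind. Anything that refers to the old name or to the 192.168.100.x addresses replaced in this and the next two hunks (port forwards, proxy targets, DNS entries) would also need updating, which this patch does not show. Consider moving the rename to its own commit, or adding `# renamed from websrv0; container state must be migrated` next to `webserver =`.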