add vm working with dhcp+dns

2024-01-29 22:21:15 +01:00 · 2024-01-29 22:21:15 +01:00 · 63688f3068
commit 63688f3068
parent 532d76c049
6 changed files with 77 additions and 17 deletions
--- a/nixos/modules/networking/default.nix
+++ b/nixos/modules/networking/default.nix
@ -90,11 +90,11 @@ in {
  config = {
    networking = {
      domain = if machine.type == "physical" then "hyp" else "dmz";
-      nftables.enable = true;
-      useDHCP = machine.type == "virtual";
+      nftables.enable = false;
+      useDHCP = false;

      firewall = {
-        enable = true;
+        enable = false;
        checkReversePath = false;
      };
    };
--- a/nixos/modules/networking/dmz/default.nix
+++ b/nixos/modules/networking/dmz/default.nix
@ -23,7 +23,8 @@ in
  config = lib.mkIf cfg.enable {
    lab.networking.allowDMZConnectivity = true;

-    networking.firewall.interfaces.${config.lab.networking.dmzBridgeName} = {
+    # TODO: listen only on dmz interface, make this portable between physical and VM.
+    networking.firewall = {
      allowedTCPPorts = [ 53 5353 ];
      allowedUDPPorts = [ 53 67 5353 ];
    };