feat(nixos/kanata): add blocky

author: sefidel <contact@sefidel.net> 2024-01-24 16:22:40 +0900
committer: sefidel <contact@sefidel.net> 2024-01-24 16:22:54 +0900
commit: ed8578cb356c5e714df07a8c3f4717b1a342d9a7 (patch)
tree: cbfa84767744564548e208e4cca314b7c882370a /nixos/kanata
parent: 32bba888a932416c11359f15caf50ef7c7297ce8 (diff)
download: nixrc-ed8578cb356c5e714df07a8c3f4717b1a342d9a7.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/nixos/kanata/configuration.nix b/nixos/kanata/configuration.nix
index aac02f5..6bde8a6 100644
--- a/nixos/kanata/configuration.nix
+++ b/nixos/kanata/configuration.nix
@@ -94,6 +94,24 @@ in
   powerManagement.cpuFreqGovernor = "ondemand";
 
   sops.secrets.zfs-smol-key = { };
+  # sops.secrets.nextcloud-admin-pass = { };
+
+  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
+  boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
+
+  networking.firewall.enable = true;
+
+  networking.nat = {
+    enable = true;
+    internalInterfaces = [ "ve-+" ];
+    externalInterface = "enp3s0";
+    # Lazy IPv6 connectivity for the container
+    enableIPv6 = true;
+  };
+
+  modules = {
+    services.blocky.enable = true;
+  };
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
author	sefidel <contact@sefidel.net>	2024-01-24 16:22:40 +0900
committer	sefidel <contact@sefidel.net>	2024-01-24 16:22:54 +0900
commit	ed8578cb356c5e714df07a8c3f4717b1a342d9a7 (patch)
tree	cbfa84767744564548e208e4cca314b7c882370a /nixos/kanata
parent	32bba888a932416c11359f15caf50ef7c7297ce8 (diff)
download	nixrc-ed8578cb356c5e714df07a8c3f4717b1a342d9a7.zip