sora/nixconfig
1
0
Fork 0
Code Issues 2 Pull Requests Actions Releases Activity

Cleaner forwarding

Browse Source
This commit is contained in:
soraefir
2026-05-01 17:57:06 +02:00
parent 32c83bca98
commit 9b0fc14795
2 changed files with 15 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
modules/nixos/system/network/wireguard/forwarding.nix
View File

@@ -24,11 +24,13 @@ in
${concatMapStringsSep "\n" (ports:
let
src = builtins.elemAt ports 0;
dst = builtins.elemAt ports 1;
from = builtins.elemAt ports 0;
to = builtins.elemAt ports 1;
src = builtins.elemAt ports 2;
dst = builtins.elemAt ports 3;
in ''
iifname "${cfg.inInterface}" tcp dport ${toString src} counter dnat to ${cfg.toAddr}:${toString dst}
iifname "${cfg.inInterface}" udp dport ${toString src} counter dnat to ${cfg.toAddr}:${toString dst}
iifname "${from}" tcp dport ${toString src} counter dnat to ${to}:${toString dst}
iifname "${from}" udp dport ${toString src} counter dnat to ${to}:${toString dst}
''
) cfg.forwarding.ports}
}

28
modules/shared/syscfg/default.nix
View File

@@ -51,25 +51,15 @@ let
type = types.listOf types.str;
default = [];
};
forward = {
inInterface = mkOption {
type = types.str;
default = "ens3";
description = "Incoming interface for forwarding";
};
toAddr = mkOption {
type = types.str;
description = "Destination address (IPv4 or IPv6)";
example = "10.10.1.2";
};
ports = mkOption {
type = types.listOf (types.listOf types.port);
default = [];
description = "Port mappings: [ [srcPort dstPort] ... ]";
example = [ [ 22 22 ] [ 80 80 ] [ 443 443 ] ];
};
forward = mkOption {
type = types.listOf (types.listOf (types.oneOf [ types.str types.int ]));
default = [];
description = "Forwarding rules: [ [srcInterface dstAddr srcPort dstPort] ... ]";
example = [
[ "ens3" "10.10.1.2" 22 2222 ]
[ "ens3" "10.10.1.2" 80 80 ]
[ "ens3" "10.10.1.2" 443 443 ]
];
};
};
};