cy/nixos-config
cy/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix firewall with vms

Browse source
This commit is contained in:
cy 2025-05-24 15:01:30 -04:00
parent 5a5638b7d7
commit 202966d58a
2 changed files with 9 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
hosts/common.nix
View file

@ -39,7 +39,7 @@
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
networking = { networking = {
firewall.logRefusedConnections = false; firewall.logRefusedConnections = true;
nameservers = [ nameservers = [
# quad9 (unfiltered) # quad9 (unfiltered)
"2620:fe::10" "2620:fe::10"

19
hosts/ytnix/default.nix
View file

@ -61,7 +61,10 @@
enable = true; enable = true;
pkiBundle = "/var/lib/sbctl"; pkiBundle = "/var/lib/sbctl";
}; };
kernel.sysctl."kernel.sysrq" = 1; kernel.sysctl = {
"kernel.sysrq" = 1;
# "net.ipv4.ip_forward" = 1;
};
binfmt.emulatedSystems = [ "aarch64-linux" ]; binfmt.emulatedSystems = [ "aarch64-linux" ];
}; };
@ -90,13 +93,7 @@
enable = true; enable = true;
trustedInterfaces = [ trustedInterfaces = [
"tailscale0" "tailscale0"
"virbr0"
]; ];
# allowedTCPPorts = [
# 8080 # mitmproxy
# 22000 # syncthing
# 3003 # immich-ml
# ];
}; };
hosts = { hosts = {
"100.122.132.30" = [ "s3.cy7.sh" ]; "100.122.132.30" = [ "s3.cy7.sh" ];
@ -277,10 +274,10 @@
enable = true; enable = true;
qemu.vhostUserPackages = with pkgs; [ virtiofsd ]; qemu.vhostUserPackages = with pkgs; [ virtiofsd ];
}; };
virtualisation.vmware.host = { # virtualisation.vmware.host = {
enable = true; # enable = true;
package = pkgs.vmware-workstation; # package = pkgs.vmware-workstation;
}; # };
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
my.containerization.enable = true; my.containerization.enable = true;