Infini-FRAMEWORK: setup NAT and DHCP networking

2024-11-23 04:26:04 -05:00 · 2024-11-23 04:26:04 -05:00 · 790201fcf1
commit 790201fcf1
parent 7f5bda6a60
1 changed files with 51 additions and 0 deletions
--- a/hosts/Infini-FRAMEWORK/default.nix
+++ b/hosts/Infini-FRAMEWORK/default.nix
@ -11,6 +11,7 @@

  persist = {
    directories = [
+      { directory = "/var/lib/dnsmasq/"; user = "dnsmasq"; }
    ];

    files = [
@ -99,4 +100,54 @@
      sshUser = "remotebuild";
    }
  ];
+
+  networking = {
+    interfaces = {
+      "wlp170s0".useDHCP = true;
+      "enp0s13f0u1" = {
+        ipv4.addresses = [{
+          address = "192.168.100.1";
+          prefixLength = 24;
+        }];
+      };
+    };
+    firewall.interfaces = {
+      "enp0s13f0u1".allowedTCPPorts = [ 53 ];
+      "enp0s13f0u1".allowedUDPPorts = [ 53 67 ];
+    };
+
+    nat = {
+      enable = true;
+      internalInterfaces = [ "enp0s13f0u1" ];
+      externalInterface = "wlp170s0";
+    };
+  };
+
+  services.dnsmasq = {
+    enable = true;
+    settings = {
+      server = [ "8.8.8.8" "1.1.1.1" ];
+      domain-needed = true;
+      bogus-priv = true;
+      no-resolv = true;
+
+      cache-size = 1000;
+
+      dhcp-range = [ "enp0s13f0u1,192.168.100.10,192.168.100.100" ];
+      interface = "enp0s13f0u1";
+      dhcp-host = "192.168.100.1";
+
+      local = "/lan/";
+      domain = "lan";
+      expand-hosts = true;
+
+      no-hosts = true;
+      address = "/infini-framework.lan/192.168.100.1";
+    };
+  };
+
+  boot.kernel.sysctl = {
+    "net.ipv4.conf.all.forwarding" = true;
+    "net.ipv6.conf.all.forwarding" = true;
+  };
 }