Turn mediaserver into a home router
Adds services/router.nix with systemd-networkd (eno1=WAN via DHCP,
eth0=LAN 10.0.0.1/24), nftables (NAT + firewall, default drop on WAN
in), dnsmasq (DHCP only — AdGuard Home keeps :53 for DNS), and sysctl
IP forwarding. NetworkManager is forced off on this host.
Port forwards live in ports.toml at the repo root and are imported via
builtins.fromTOML. Supports single ports, ranges ("26901-26902"), and
"both" protocol. Initial forwards: 22, 80, 443, 26900, 26901-26902.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
parent
b6131654ea
commit
77eafded92
3 changed files with 190 additions and 0 deletions
|
|
@ -33,6 +33,7 @@
|
|||
./services/homepage.nix
|
||||
./services/arr-interconnect.nix
|
||||
./services/adguard.nix
|
||||
./services/router.nix
|
||||
];
|
||||
|
||||
### Make build time quicker
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue