Bun/nixos-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Change nfs firewall to include any included mycelium ip

Browse source
This commit is contained in:
Bun 2025-05-31 16:51:16 -04:00
parent 1bcd590c43
commit a4d6a7663c
2 changed files with 2 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/tower/boot/default.nix
View file

@ -4,7 +4,6 @@ let
# VM/GPU passthrough # VM/GPU passthrough
"amd_iommu=on" "amd_iommu=on"
"iommu=pt" "iommu=pt"
"nested=1"
# Isolate devices into IOMMU groups # Isolate devices into IOMMU groups
"pcie_acs_override=downstream,multifunction" "pcie_acs_override=downstream,multifunction"

4
modules/system/services/server/nfs/default.nix
View file

@ -4,8 +4,8 @@
config = lib.mkIf config.services.nfs.server.enable { config = lib.mkIf config.services.nfs.server.enable {
services.nfs.server.exports = "/storage *(rw)"; services.nfs.server.exports = "/storage *(rw)";
networking.firewall.extraInputRules = with config.services.mycelium.ips; '' networking.firewall.extraInputRules = with lib; ''
ip6 saddr { ${tower}, ${intuos}, ${jupiter}, ${midas}, ${kitty}, ${prophet} } tcp dport 2049 accept ip6 saddr { ${concatStringsSep ", " (attrValues config.services.mycelium.ips)} } tcp dport 2049 accept
''; '';
}; };
} }