containers/citrine: forward ssh
This commit is contained in:
parent
15c4e4fc51
commit
fa3872647d
GPG key ID:
6500251E087653C9
1 changed files with 10 additions and 0 deletions
|
|
@ -18,6 +18,16 @@
|
|||
name = "citrine";
|
||||
subnet = "3";
|
||||
in {
|
||||
# TODO: this is likely dandelion specific
|
||||
networking.firewall.extraCommands = ''
|
||||
ip6tables -t nat -A PREROUTING -d fd0d::1:1003 -p tcp --dport 22 -j DNAT --to-destination fd0d:1::${subnet}:2
|
||||
ip6tables -t nat -A POSTROUTING -d fd0d:1::${subnet}:2 -p tcp --dport 22 -j SNAT --to-source fd0d::1:1003
|
||||
'';
|
||||
networking.firewall.extraStopCommands = ''
|
||||
ip6tables -t nat -D PREROUTING -d fd0d::1:1003 -p tcp --dport 22 -j DNAT --to-destination fd0d:1::${subnet}:2 || true
|
||||
ip6tables -t nat -D POSTROUTING -d fd0d:1::${subnet}:2 -p tcp --dport 22 -j SNAT --to-source fd0d::1:1003 || true
|
||||
'';
|
||||
|
||||
services.nginx.virtualHosts."garden.lava.moe" = {
|
||||
useACMEHost = "lava.moe";
|
||||
forceSSL = true;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue