centra
3eeb303dcb
Includes all pending changes needed for nixos-anywhere: - fiberlb: L7 policy, rule, certificate types - deployer: New service for cluster management - nix-nos: Generic network modules - Various service updates and fixes 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
52 lines
1 KiB
Nix
52 lines
1 KiB
Nix
# Edge router configuration
|
|
# Multi-VLAN setup with static routing
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
|
imports = [ ../modules ];
|
|
|
|
# Enable Nix-NOS
|
|
nix-nos.enable = true;
|
|
|
|
# WAN interface
|
|
nix-nos.interfaces.wan = {
|
|
addresses = [ "203.0.113.1/30" ];
|
|
gateway = "203.0.113.2";
|
|
};
|
|
|
|
# VLAN configuration for internal networks
|
|
nix-nos.vlans = {
|
|
# Office network
|
|
office = {
|
|
id = 10;
|
|
interface = "eth1";
|
|
addresses = [ "192.168.10.1/24" ];
|
|
};
|
|
|
|
# Guest network
|
|
guest = {
|
|
id = 20;
|
|
interface = "eth1";
|
|
addresses = [ "192.168.20.1/24" ];
|
|
};
|
|
|
|
# Server network
|
|
servers = {
|
|
id = 30;
|
|
interface = "eth1";
|
|
addresses = [ "192.168.30.1/24" ];
|
|
};
|
|
};
|
|
|
|
# Static routes to internal networks
|
|
nix-nos.routing.static = {
|
|
routes = [
|
|
{ destination = "10.0.0.0/8"; gateway = "192.168.30.254"; }
|
|
{ destination = "172.16.0.0/12"; gateway = "192.168.30.254"; }
|
|
];
|
|
};
|
|
|
|
# Enable IP forwarding
|
|
nix-nos.network.enableIpForwarding = true;
|
|
}
|