diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/networking.nix | 19 | ||||
| -rw-r--r-- | config/services/web/default.nix | 7 |
2 files changed, 25 insertions, 1 deletions
diff --git a/config/networking.nix b/config/networking.nix index 8322f8c..a39d85a 100644 --- a/config/networking.nix +++ b/config/networking.nix @@ -22,6 +22,25 @@ "93.95.224.28" "93.95.224.29" ]; + + # reroute SSH on port 2222 to hephaistos + nat.enable = true; + nftables = { + enable = true; + ruleset = '' + table ip nat { + chain pre { + type nat hook prerouting priority dstnat; policy accept; + iifname "ens3" tcp dport 2222 dnat to 100.64.0.3:22 + } + chain post { + type nat hook postrouting priority srcnat; policy accept; + iifname "ens3" ip daddr 100.64.0.3 tcp dport 22 masquerade + } + } + ''; + }; + }; services.resolved = { diff --git a/config/services/web/default.nix b/config/services/web/default.nix index 859a3f4..920d1e7 100644 --- a/config/services/web/default.nix +++ b/config/services/web/default.nix @@ -1,7 +1,12 @@ { pkgs, ... }: { - imports = [ ./quentin ./rss ./searx ./webkeydirectory ]; + imports = [ + ./quentin + ./rss + ./searx + ./webkeydirectory + ]; security.acme = { acceptTerms = true; |