hosts/prefect: Update boot and firewall settings for DN42
This commit is contained in:
parent
3dee583c5f
commit
e77b7e97cf
2 changed files with 18 additions and 0 deletions
|
@ -13,5 +13,11 @@
|
||||||
initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"];
|
initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"];
|
||||||
initrd.kernelModules = ["nvme"];
|
initrd.kernelModules = ["nvme"];
|
||||||
kernelPackages = pkgs.linuxPackages_latest;
|
kernelPackages = pkgs.linuxPackages_latest;
|
||||||
|
kernel.sysctl = {
|
||||||
|
"net.ipv4.ip_forward" = 1;
|
||||||
|
"net.ipv6.conf.all.forwarding" = 1;
|
||||||
|
"net.ipv4.conf.default.rp_filter" = 0;
|
||||||
|
"net.ipv4.conf.all.rp_filter" = 0;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,5 +1,17 @@
|
||||||
{
|
{
|
||||||
networking.firewall.allowedTCPPorts = [53 80 443 6900];
|
networking.firewall.allowedTCPPorts = [53 80 443 6900];
|
||||||
networking.firewall.allowedUDPPorts = [53 6900];
|
networking.firewall.allowedUDPPorts = [53 6900];
|
||||||
|
networking.firewall.allowedUDPPortRanges = [
|
||||||
|
{
|
||||||
|
from = 480;
|
||||||
|
to = 500;
|
||||||
|
}
|
||||||
|
];
|
||||||
|
networking.firewall.allowedTCPPortRanges = [
|
||||||
|
{
|
||||||
|
from = 480;
|
||||||
|
to = 500;
|
||||||
|
}
|
||||||
|
];
|
||||||
networking.firewall.trustedInterfaces = [ "tailscale0" ];
|
networking.firewall.trustedInterfaces = [ "tailscale0" ];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue