From 4d10ab6aca6eb3d2f9b567441948065a8f9d6f54 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Fri, 15 Sep 2023 14:14:36 +0200 Subject: [PATCH 1/2] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/bfd953b2c6de4f550f75461bcc5768b6f966be10' (2023-08-15) → 'github:NixOS/nixpkgs/e5f018cf150e29aac26c61dac0790ea023c46b24' (2023-09-12) • Updated input 'nixpkgs-unstable': 'github:NixOS/nixpkgs/caac0eb6bdcad0b32cb2522e03e4002c8975c62e' (2023-08-16) → 'github:NixOS/nixpkgs/f2ea252d23ebc9a5336bf6a61e0644921f64e67c' (2023-09-14) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 8ffbb7c..58acaaa 100644 --- a/flake.lock +++ b/flake.lock @@ -91,11 +91,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1692134936, - "narHash": "sha256-Z68O969cioC6I3k/AFBxsuEwpJwt4l9fzwuAMUhCCs0=", + "lastModified": 1694499547, + "narHash": "sha256-R7xMz1Iia6JthWRHDn36s/E248WB1/je62ovC/dUVKI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bfd953b2c6de4f550f75461bcc5768b6f966be10", + "rev": "e5f018cf150e29aac26c61dac0790ea023c46b24", "type": "github" }, "original": { @@ -121,11 +121,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1692174805, - "narHash": "sha256-xmNPFDi/AUMIxwgOH/IVom55Dks34u1g7sFKKebxUm0=", + "lastModified": 1694669921, + "narHash": "sha256-6ESpJ6FsftHV96JO/zn6je07tyV2dlLR7SdLsmkegTY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "caac0eb6bdcad0b32cb2522e03e4002c8975c62e", + "rev": "f2ea252d23ebc9a5336bf6a61e0644921f64e67c", "type": "github" }, "original": { From 55d8e55d3e6355885e0bd003c5ca535e435766f0 Mon Sep 17 00:00:00 2001 From: nyanloutre Date: Fri, 15 Sep 2023 15:27:47 +0200 Subject: [PATCH 2/2] enable Bouygues IPv6 --- systems/LoutreOS/configuration.nix | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index 720c7d7..543e998 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -23,6 +23,8 @@ supportedFilesystems = [ "zfs" ]; tmp.useTmpfs = true; + + kernel.sysctl."net.ipv6.conf.all.forwarding" = true; }; documentation.nixos.enable = false; @@ -88,6 +90,7 @@ }; firewall = { + enable = true; allowedTCPPorts = [ 80 443 ]; allowedUDPPorts = [ ]; interfaces.eno2 = { @@ -101,7 +104,11 @@ 3483 # Slimserver ]; }; - enable = true; + extraCommands = '' + ip6tables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT + ip6tables -A FORWARD -j ACCEPT -i eno2 + ip6tables -A FORWARD -j nixos-fw-log-refuse + ''; }; }; @@ -118,6 +125,12 @@ IPv6AcceptRA = "yes"; }; }; + "40-eno2" = { + networkConfig = { + IPv6SendRA = "yes"; + DHCPPrefixDelegation = "yes"; + }; + }; "40-enp0s21u2".dhcpV4Config.RouteMetric = 1024; };