From 7bfa242064e8a36a0568143fb66f46cd401cc734 Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Fri, 26 Mar 2021 20:11:21 +0100
Subject: container-networking: configure nat for containers

---
 krebs/2configs/container-networking.nix | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 krebs/2configs/container-networking.nix

(limited to 'krebs/2configs')

diff --git a/krebs/2configs/container-networking.nix b/krebs/2configs/container-networking.nix
new file mode 100644
index 00000000..fa448880
--- /dev/null
+++ b/krebs/2configs/container-networking.nix
@@ -0,0 +1,7 @@
+{ lib, ... }:
+{
+  networking.nat.enable = true;
+  networking.nat.internalInterfaces = ["ve-+"];
+  networking.nat.externalInterface = lib.mkDefault "et0";
+  networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
+}
-- 
cgit v1.2.3