From a9738a94e009610163e3c49e9686c12051917af7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <cynerd@email.cz>
Date: Mon, 1 Apr 2024 12:14:45 +0200
Subject: nixos: few more fixes

---
 nixos/configurations/dean.nix | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

(limited to 'nixos/configurations/dean.nix')

diff --git a/nixos/configurations/dean.nix b/nixos/configurations/dean.nix
index 44feaea..c903794 100644
--- a/nixos/configurations/dean.nix
+++ b/nixos/configurations/dean.nix
@@ -1,4 +1,10 @@
-{pkgs, ...}: {
+{
+  lib,
+  pkgs,
+  ...
+}: let
+  inherit (lib) mkForce;
+in {
   turris.board = "mox";
   deploy.enable = true;
 
@@ -10,6 +16,11 @@
   networking = {
     useNetworkd = true;
     useDHCP = false;
+    nat = {
+      enable = true;
+      externalInterface = "brlan";
+      internalInterfaces = ["wg"];
+    };
   };
   systemd.network = {
     netdevs."brlab".netdevConfig = {
@@ -28,6 +39,7 @@
         matchConfig.Name = "lan* end0";
         networkConfig.Bridge = "brlan";
       };
+      "wg".networkConfig.IPForward = mkForce "yes";
     };
     # TODO investigate why it doesn't work
     wait-online.enable = false;
@@ -37,7 +49,4 @@
     #openocd
     tio
   ];
-
-  # TODO: ubootTools build is broken!
-  firmware.environment.enable = false;
 }
-- 
cgit v1.2.3