add initial portforwarding rules to poweredge

author: Tim Keller <tjk@tjkeller.xyz> 2026-06-15 11:30:37 -0500
committer: Tim Keller <tjk@tjkeller.xyz> 2026-06-15 11:30:37 -0500
commit: c2079b5de000b4ac1c0aef4034c94223c83613cb (patch)
tree: 64eea9cb1b808ce934195563cc5e77e36bed9218 /hosts/poweredge
parent: 31c2bcdd5f0a40da1882acf9ae108ed80a2e4740 (diff)
download: nixos-c2079b5de000b4ac1c0aef4034c94223c83613cb.tar.xz
nixos-c2079b5de000b4ac1c0aef4034c94223c83613cb.zip
1 files changed, 13 insertions, 7 deletions
diff --git a/hosts/poweredge/networking.nix b/hosts/poweredge/networking.nix
index fbf6fa6..c5084a3 100644
--- a/hosts/poweredge/networking.nix
+++ b/hosts/poweredge/networking.nix
@@ -73,13 +73,19 @@ in { config, ... }: {
 				wg-quick.interfaces = {
 					wg0.configFile = "/run/secrets/wg0";
 				};
-				# Firewall (port-forwarding) rules
-				firewall = {
-					#interfaces.wan0 = {
-					#	allowedTCPPorts = [ 8333 ];  # bitcoin
-					#	allowedUDPPorts = [ 51820 ];  # wg
-					#};
-				};
+				# NAT (port-forwarding) rules
+				nat.forwardPorts =[
+					{  # Bitcoin
+						sourcePort = 8333;
+						proto = "tcp";
+						destination = "192.168.1.44:8333";
+					}
+					{  # Filebrowser
+						sourcePort = 19045;
+						proto = "tcp";
+						destination = "192.168.1.45:9000";
+					}
+				];
 				# Additional advanced rules
 				# TODO add multi NAT feature to router service (this is just a normal nat rule)
 				nftables = {
author	Tim Keller <tjk@tjkeller.xyz>	2026-06-15 11:30:37 -0500
committer	Tim Keller <tjk@tjkeller.xyz>	2026-06-15 11:30:37 -0500
commit	c2079b5de000b4ac1c0aef4034c94223c83613cb (patch)
tree	64eea9cb1b808ce934195563cc5e77e36bed9218 /hosts/poweredge
parent	31c2bcdd5f0a40da1882acf9ae108ed80a2e4740 (diff)
download	nixos-c2079b5de000b4ac1c0aef4034c94223c83613cb.tar.xz nixos-c2079b5de000b4ac1c0aef4034c94223c83613cb.zip