From c2079b5de000b4ac1c0aef4034c94223c83613cb Mon Sep 17 00:00:00 2001
From: Tim Keller <tjk@tjkeller.xyz>
Date: Mon, 15 Jun 2026 11:30:37 -0500
Subject: add initial portforwarding rules to poweredge

---
 hosts/poweredge/networking.nix | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'hosts')

diff --git a/hosts/poweredge/networking.nix b/hosts/poweredge/networking.nix
index fbf6fa6..c5084a3 100644
--- a/hosts/poweredge/networking.nix
+++ b/hosts/poweredge/networking.nix
@@ -73,13 +73,19 @@ in { config, ... }: {
 				wg-quick.interfaces = {
 					wg0.configFile = "/run/secrets/wg0";
 				};
-				# Firewall (port-forwarding) rules
-				firewall = {
-					#interfaces.wan0 = {
-					#	allowedTCPPorts = [ 8333 ];  # bitcoin
-					#	allowedUDPPorts = [ 51820 ];  # wg
-					#};
-				};
+				# NAT (port-forwarding) rules
+				nat.forwardPorts =[
+					{  # Bitcoin
+						sourcePort = 8333;
+						proto = "tcp";
+						destination = "192.168.1.44:8333";
+					}
+					{  # Filebrowser
+						sourcePort = 19045;
+						proto = "tcp";
+						destination = "192.168.1.45:9000";
+					}
+				];
 				# Additional advanced rules
 				# TODO add multi NAT feature to router service (this is just a normal nat rule)
 				nftables = {
-- 
cgit v1.2.3