diff --git a/switch_remote.sh b/switch_remote.sh index 70ecdf4..0d42d13 100755 --- a/switch_remote.sh +++ b/switch_remote.sh @@ -8,7 +8,9 @@ CONFIG=$3 set -x exec nixos-rebuild $ACTION \ + --use-substitutes \ --no-build-nix \ --use-remote-sudo \ + --build-host $HOST \ --target-host $HOST \ --flake ".#${CONFIG}" diff --git a/systems/jool.eh22.intern.nix b/systems/jool.eh22.intern.nix index aace668..c64d6a1 100644 --- a/systems/jool.eh22.intern.nix +++ b/systems/jool.eh22.intern.nix @@ -6,56 +6,26 @@ { imports = [ ]; + networking.nftables.enable = true; + # configure jool networking.jool = { - # siit = {}; TODO - nat64 = { + enable = true; + nat64.default = { pool4 = [ { protocol = "TCP"; - prefix = "94.45.248.0/25"; + prefix = "94.45.248.0/24"; "port range" = "40001-65535"; } { protocol = "UDP"; - prefix = "94.45.248.128/26"; + prefix = "94.45.248.0/24"; "port range" = "40001-65535"; } { protocol = "ICMP"; - prefix = "94.45.248.192/27"; - "port range" = "40001-65535"; - } - - { - protocol = "TCP"; - prefix = "94.45.248.0/25"; - "port range" = "40001-65535"; - } - { - protocol = "UDP"; - prefix = "94.45.248.128/26"; - "port range" = "40001-65535"; - } - { - protocol = "ICMP"; - prefix = "94.45.248.192/27"; - "port range" = "40001-65535"; - } - - { - protocol = "TCP"; - prefix = "94.45.248.0/25"; - "port range" = "40001-65535"; - } - { - protocol = "UDP"; - prefix = "94.45.248.128/26"; - "port range" = "40001-65535"; - } - { - protocol = "ICMP"; - prefix = "94.45.248.192/27"; + prefix = "94.45.248.0/24"; "port range" = "40001-65535"; } ]; diff --git a/systems/sketchy-router.noc.eh22.intern.nix b/systems/sketchy-router.noc.eh22.intern.nix index 80e6c34..2c01eb2 100644 --- a/systems/sketchy-router.noc.eh22.intern.nix +++ b/systems/sketchy-router.noc.eh22.intern.nix @@ -49,6 +49,7 @@ in "94.45.240.1/21" # wired "94.45.254.1/24" # public services subnet ]; + # TODO: Add jool routes }; }; };
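Review bot: The added `--build-host $HOST` is expanded unquoted on the `exec nixos-rebuild` command line, as the existing `$ACTION` and `--target-host $HOST` already are, so a value with whitespace or a leading `-` is split into extra options for a command that runs with `--use-remote-sudo`. Quote the expansions: `exec nixos-rebuild "$ACTION" \`, `--build-host "$HOST" \`, `--target-host "$HOST" \`. With the build moved to the target and `--use-substitutes` added, store paths are presumably fetched by that machine from its own substituters, so its configured binary caches and trusted keys become part of what the deployment trusts; a comment above the `exec` stating that would help. The assignments of ACTION and HOST sit above the hunk and are not visible here, so their origin (presumably `$1`/`$2`, like `CONFIG=$3`) is inferred.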
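Review bot: The three `pool4` entries now hand the whole of `94.45.248.0/24` to TCP, UDP and ICMP alike, which includes the `.0` and `.255` addresses and any address in that /24 that a host (possibly this translator) also holds. The port range `40001-65535` overlaps the Linux default ephemeral range (32768-60999), so if an address in the pool is configured on the box itself, local sockets and translated flows can collide. Either narrow the prefixes to addresses used for nothing else, or record the reservation next to the list, e.g. `# 94.45.248.0/24 is reserved for NAT64 only; no host, including this one, may hold an address in it`. `networking.nftables.enable = true;` also changes the firewall backend, so any iptables-style rules elsewhere in the configuration (not visible here) should be checked for still taking effect. The `nat64.default` attribute set closes outside this hunk.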