diff --git a/switch_remote.sh b/switch_remote.sh
index 2f044fc..2f7bb3f 100755
--- a/switch_remote.sh
+++ b/switch_remote.sh
@@ -9,6 +9,6 @@ exec nixos-rebuild $ACTION \
 --use-substitutes \
 --no-build-nix \
 --use-remote-sudo \
- --build-host "$HOST" \
- --target-host "$HOST" \
+ --build-host "noc@10.20.25.2" \
+ --target-host "noc@10.20.25.2" \
 --flake ".#$HOST" \
diff --git a/systems/sketchy-router.noc.eh22.intern.nix b/systems/sketchy-router.noc.eh22.intern.nix
index 96bfeaa..6e4d490 100644
--- a/systems/sketchy-router.noc.eh22.intern.nix
+++ b/systems/sketchy-router.noc.eh22.intern.nix
@@ -22,11 +22,60 @@
 };
 "10-ethMgmt" = {
 matchConfig.MACAddress = "BC:24:11:A3:38:4E";
- address = [ "10.20.24.1/24" ];
+ address = [ "10.20.25.2/24" ];
 };
 };
 };
 
+ networking.nat = {
+ enable = true;
+ externalInterface = "ens19";
+ internalIPs = [ "10.20.25.0/24" ];
+ };
+
+ services.kea.dhcp4 = {
+ enable = true;
+ settings = {
+ interfaces-config = {
+ interfaces = [
+ "ens19"
+ ];
+ };
+ lease-database = {
+ name = "/var/lib/kea/dhcp4.leases";
+ persist = true;
+ type = "memfile";
+ };
+ rebind-timer = 2000;
+ renew-timer = 1000;
+ valid-lifetime = 4000;
+ authoritative = true;
+ option-data = [
+ {
+ name = "domain-name-servers";
+ data = "9.9.9.9";
+ }
+ {
+ name = "routers";
+ data = "10.20.25.2";
+ }
+ ];
+ shared-networks = [
+ {
+ name = "mgmtNet";
+ interface = "ens19";
+ subnet4 = [
+ {
+ id = 300;
+ subnet = "10.20.25.0/24";
+ pools = [ { pool = "10.20.25.100 - 10.20.25.254"; } ];
+ }
+ ];
+ }
+ ];
+ };
+ };
+
 # DO NOT CHANGE
 # this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
 home-manager.users.noc.home.stateVersion = "24.11";
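Review bot: `--build-host` and `--target-host` are now pinned to `noc@10.20.25.2` while `--flake ".#$HOST"` still follows the variable, so running the script with any other `$HOST` would build and activate that host's configuration on the router, with `--use-remote-sudo` behind it. Keeping the address overridable avoids that, for example `TARGET="${TARGET:-$HOST}"` above the `exec` and `--build-host "$TARGET" \` / `--target-host "$TARGET" \` here. Connecting by bare IP also means the SSH host key is checked against a known_hosts entry for the address rather than the hostname, so it is worth confirming that entry is in place before the first deploy to the renumbered interface. The `exec nixos-rebuild` command starts above the hunk and continues past its last line.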
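Review bot: `ens19` is set as `networking.nat.externalInterface` and is also the only interface Kea serves (`interfaces-config.interfaces` and the `mgmtNet` `interface`), while `internalIPs` and the pool are the same 10.20.25.0/24 that `10-ethMgmt` now sits in. One of the two roles looks wrong: if `ens19` is the uplink, an `authoritative = true` DHCP server will answer clients on the upstream network; if it is the management NIC, NAT is masquerading out of the segment it is supposed to serve. The hunk does not show which NIC `ens19` is, so I would point `externalInterface` at the uplink, for example `externalInterface = "<uplink-interface>";`, and add a comment next to the MAC match saying which kernel name it resolves to. If giving the management subnet internet egress and a public resolver (`9.9.9.9`) is intentional, a one-line comment on `networking.nat` saying so would help the next reader.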