fix rt routing & nftables

2025-07-22 21:00:30 +02:00 · 2025-07-22 21:00:30 +02:00 · ccf23a35b8
commit ccf23a35b8
parent 71be15629e
3 changed files with 42 additions and 54 deletions
--- a/shared/commons/nftables.nix
+++ b/shared/commons/nftables.nix
@ -7,10 +7,6 @@ let

    # Import mapping
    mapping = import ./../../mapping.nix;
-
-    meshUdpRange = "51000-${toString (51000 + builtins.head (
-        builtins.sort (a: b: a > b) (
-        lib.mapAttrsToList (name: node: node.id) nodes)))}";
 in
 {
    networking = {
@ -50,7 +46,7 @@ in
                            tcp dport 22 accept

                            # Mesh
-                            udp dport ${meshUdpRange} accept
+                            udp dport 51820 accept

                            ${if lib.elem myName mapping.bastion then ''
                                # Mgmt