jasmine/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nix-config/nixos/fuchsia/services/internet-sharing/default.nix
jasmine 421ac61655
feat(fuchsia): add internet sharing service for 3D printer 
Enables internet connection sharing from WiFi (wlo1) to Ethernet (enp34s0)
to provide network access for the 3D printer. Includes DHCP server with
static IP reservation, DNS forwarding through Pi-hole, and NAT configuration.
2025-10-30 14:57:38 +08:00

76 lines
2.2 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}: {
# Internet connection sharing for 3D printer over Ethernet
# Shares WiFi connection (wlo1) to Ethernet (enp34s0) using 10.1.0.0/24
# Enable IP forwarding to route traffic between interfaces
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
networking = {
# Tell NetworkManager not to manage the Ethernet interface
networkmanager.unmanaged = ["enp34s0"];
# Configure static IP on Ethernet interface
interfaces.enp34s0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "10.1.0.1";
prefixLength = 24;
}
];
};
# Firewall configuration for connection sharing
firewall = {
# Allow DHCP and DNS traffic on the Ethernet interface
interfaces.enp34s0 = {
allowedUDPPorts = [
53 # DNS queries
67 # DHCP server
];
};
# Allow traffic forwarding
extraCommands = ''
# NAT: masquerade traffic from Ethernet going to WiFi
iptables -t nat -A POSTROUTING -o wlo1 -j MASQUERADE
# Allow forwarding from Ethernet to WiFi
iptables -A FORWARD -i enp34s0 -o wlo1 -j ACCEPT
# Allow established connections back from WiFi to Ethernet
iptables -A FORWARD -i wlo1 -o enp34s0 -m state \
--state RELATED,ESTABLISHED -j ACCEPT
'';
};
};
# DHCP server for automatic IP assignment to printer
services.dnsmasq = {
enable = true;
settings = {
# Only listen on the Ethernet interface
interface = "enp34s0";
# Bind only to specified interface
bind-interfaces = true;
# Don't read /etc/resolv.conf
no-resolv = true;
# DHCP range: 10.1.0.2 through 10.1.0.10, 24h lease
dhcp-range = ["10.1.0.2,10.1.0.10,24h"];
# Upstream DNS: Pi-hole for ad-blocking and network-wide filtering
server = ["192.168.50.249"];
# Gateway for DHCP clients
dhcp-option = ["option:router,10.1.0.1"];
# Static DHCP reservation for 3D printer (BigTreeTech CB1)
dhcp-host = [
"5a:0a:da:dc:b8:2f,10.1.0.2,bigtreetech-cb1,infinite"
];
};
};
}
Reference in a new issue View git blame Copy permalink