summary refs log tree commit diff
path: root/modules/foundation
diff options
context:
space:
mode:
authorMel <mel@rnrd.eu>2025-10-03 17:59:39 +0200
committerMel <mel@rnrd.eu>2025-10-03 17:59:39 +0200
commitdd78a149303b96857aa74bbfd359dec322f63794 (patch)
tree6b00a1bd8adbe423133ef89dd88c4047413a7d4d /modules/foundation
parent79537dae587a8ec0efa7e990ba41eebb51df2019 (diff)
downloadnetwork-dd78a149303b96857aa74bbfd359dec322f63794.tar.zst
network-dd78a149303b96857aa74bbfd359dec322f63794.zip
Make IPv6 forwarding sysctl options in service network configuration 'default'
Signed-off-by: Mel <mel@rnrd.eu>
Diffstat (limited to 'modules/foundation')
-rw-r--r--modules/foundation/services/networks.nix6
1 files changed, 4 insertions, 2 deletions
diff --git a/modules/foundation/services/networks.nix b/modules/foundation/services/networks.nix
index ed2bf9e..7205ec1 100644
--- a/modules/foundation/services/networks.nix
+++ b/modules/foundation/services/networks.nix
@@ -10,6 +10,7 @@ let
 
   inherit (lib)
     mkOption
+    mkDefault
     types
     assertMsg
     optional
@@ -192,9 +193,10 @@ in
       fixed-cidr-v6 = "${cfg.defaultIPv6SubnetPrefix}:255::/${toString cfg.defaultIPv6SubnetLength}";
     };
 
+    # turn these ipv6 forwarding on, if it isn't already.
     boot.kernel.sysctl = {
-      "net.ipv6.conf.all.forwarding" = 1;
-      "net.ipv6.conf.default.forwarding" = 1;
+      "net.ipv6.conf.all.forwarding" = lib.mkDefault 1;
+      "net.ipv6.conf.default.forwarding" = lib.mkDefault 1;
     };
 
     networking.firewall = {