Make IPv6 forwarding sysctl options in service network configuration 'default'

Signed-off-by: Mel <mel@rnrd.eu>
author: Mel <mel@rnrd.eu> 2025-10-03 17:59:39 +0200
committer: Mel <mel@rnrd.eu> 2025-10-03 17:59:39 +0200
commit: dd78a149303b96857aa74bbfd359dec322f63794 (patch)
tree: 6b00a1bd8adbe423133ef89dd88c4047413a7d4d /modules/foundation
parent: 79537dae587a8ec0efa7e990ba41eebb51df2019 (diff)
download: network-dd78a149303b96857aa74bbfd359dec322f63794.tar.zst
network-dd78a149303b96857aa74bbfd359dec322f63794.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/modules/foundation/services/networks.nix b/modules/foundation/services/networks.nix
index ed2bf9e..7205ec1 100644
--- a/modules/foundation/services/networks.nix
+++ b/modules/foundation/services/networks.nix
@@ -10,6 +10,7 @@ let
 
   inherit (lib)
     mkOption
+    mkDefault
     types
     assertMsg
     optional
@@ -192,9 +193,10 @@ in
       fixed-cidr-v6 = "${cfg.defaultIPv6SubnetPrefix}:255::/${toString cfg.defaultIPv6SubnetLength}";
     };
 
+    # turn these ipv6 forwarding on, if it isn't already.
     boot.kernel.sysctl = {
-      "net.ipv6.conf.all.forwarding" = 1;
-      "net.ipv6.conf.default.forwarding" = 1;
+      "net.ipv6.conf.all.forwarding" = lib.mkDefault 1;
+      "net.ipv6.conf.default.forwarding" = lib.mkDefault 1;
     };
 
     networking.firewall = {
author	Mel <mel@rnrd.eu>	2025-10-03 17:59:39 +0200
committer	Mel <mel@rnrd.eu>	2025-10-03 17:59:39 +0200
commit	dd78a149303b96857aa74bbfd359dec322f63794 (patch)
tree	6b00a1bd8adbe423133ef89dd88c4047413a7d4d /modules/foundation
parent	79537dae587a8ec0efa7e990ba41eebb51df2019 (diff)
download	network-dd78a149303b96857aa74bbfd359dec322f63794.tar.zst network-dd78a149303b96857aa74bbfd359dec322f63794.zip