From 281745d7a62f49f1cd087b35a88f39420ae09de1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moira=20H=C3=B6sel?=
Date: Sun, 7 Apr 2024 16:25:08 +0200
Subject: [PATCH] simplify nat on parsons

---
 parsons/configuration.nix | 7 -------
 parsons/lxc.nix | 1 -
 parsons/nftables.nix | 9 +--------
 3 files changed, 1 insertion(+), 16 deletions(-)

diff --git a/parsons/configuration.nix b/parsons/configuration.nix
index c6fe455..fba128c 100644
--- a/parsons/configuration.nix
+++ b/parsons/configuration.nix
@@ -50,13 +50,6 @@
 address = "fe80::1";
 interface = "enp35s0";
 };
- boot = {
- kernelModules = [ "nf_nat_ftp" ];
- kernel.sysctl = {
- "net.ipv4.conf.all.forwarding" = lib.mkOverride 90 true;
- "net.ipv4.conf.default.forwarding" = lib.mkOverride 90 true;
- };
- };
 services.nginx = {
 enable = true;
diff --git a/parsons/lxc.nix b/parsons/lxc.nix
index ffb228b..31675b6 100644
--- a/parsons/lxc.nix
+++ b/parsons/lxc.nix
@@ -8,7 +8,6 @@
 prefixLength = 24;
 }
 ];
- networking.nat.internalInterfaces = [ "lxcbr0" ];
 virtualisation.lxc.enable = true;
 virtualisation.lxc.systemConfig = ''
diff --git a/parsons/nftables.nix b/parsons/nftables.nix
index a9e6614..9af7837 100644
--- a/parsons/nftables.nix
+++ b/parsons/nftables.nix
@@ -2,14 +2,7 @@
 {
 networking.firewall.enable = true;
- networking.nat.enable = false;
- boot = {
- kernelModules = [ "nf_nat_ftp" ];
- kernel.sysctl = {
- "net.ipv4.conf.all.forwarding" = true;
- "net.ipv4.conf.default.forwarding" = true;
- };
- };
+ networking.nat.enable = true;
 networking.nftables.enable = true;
 networking.nftables.tables.nat = {
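Review bot: In parsons/nftables.nix, `networking.nat.enable = true` now sits directly above the hand-written `networking.nftables.tables.nat`, and nothing records which of the two owns the NAT rules. Because this patch also drops the explicit forwarding sysctls and `nf_nat_ftp` (here and in configuration.nix) and removes `internalInterfaces` from lxc.nix, the option appears to be kept for its side effects rather than its generated rules. A later cleanup that sets it back to `false` would then silently turn off forwarding for lxcbr0. I would add a comment such as `# nat.enable is kept for the forwarding sysctls; the masquerade rules are in tables.nat below`, and check on the built system that forwarding is still on and that no module-generated NAT table applies alongside the custom one. Forwarding is enabled for all interfaces, and the patch does not show a forward filter, so it is worth confirming one exists (for example `networking.firewall.filterForward`); the attribute set continues past the end of the hunk.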