feat: allow smb access from fritz-vlan

2025-01-14 22:19:27 +01:00 · 2025-01-14 22:19:27 +01:00 · e15f7aaf4d
parent 1b983b62d1
commit e15f7aaf4d
3 changed files with 6 additions and 5 deletions
--- a/config/services/adguardhome.nix
+++ b/config/services/adguardhome.nix
@ -41,8 +41,8 @@
        ];
      };
      user_rules = [
-        "||homematic.internal^$dnsrewrite=${lib.net.cidr.host 30 globals.net.vlans.devices.cidrv4}"
-        "||testberry.internal^$dnsrewrite=${lib.net.cidr.host 31 globals.net.vlans.devices.cidrv4}"
+        # "||homematic.internal^$dnsrewrite=${lib.net.cidr.host 30 globals.net.vlans.devices.cidrv4}"
+        # "||testberry.internal^$dnsrewrite=${lib.net.cidr.host 31 globals.net.vlans.devices.cidrv4}"
        "||smb.internal^$dnsrewrite=${lib.net.cidr.host globals.services.samba.ip globals.net.vlans.home.cidrv4}"
        "||${globals.domains.web}^$dnsrewrite=${lib.net.cidr.host 1 globals.net.vlans.services.cidrv4}"
        "@@||${globals.services.vaultwarden.domain}"
--- a/hosts/nucnix/hostapd.nix
+++ b/hosts/nucnix/hostapd.nix
@ -62,9 +62,7 @@
      networks.wlan01 = {
        inherit (globals.hostapd) ssid;
        apIsolate = true;
-        # not supporte by laptop :(
-        #settings.ieee80211w = 0;
-        logLevel = 0;
+        #logLevel = 0;
        settings = {
          bridge = "br-iot";
        };
--- a/hosts/nucnix/net.nix
+++ b/hosts/nucnix/net.nix
@ -171,6 +171,7 @@ in
      printer-smb = {
        from = [
          "printer"
+          "fritz"
        ];
        to = [ "smb" ];
        allowedTCPPorts = [ 445 ];
@ -200,8 +201,10 @@ in
        from = [
          "home"
          "devices"
+          "fritz"
          "guests"
          "services"
+          "fritz"
        ];
        to = [ "adguard" ];
        allowedUDPPorts = [ 53 ];