| 6 Jun 2026 |
 Nico | Uuuuh nice, I'm waiting for it to finally get rid of the broken clatd https://github.com/secshellnet/nixos-tests/pull/3 | 16:49:53 |
| 7 Jun 2026 |
|  Likius Inik joined the room. | 05:25:08 |
| Likius Inik | Can I manage Ubiquity Unifi and Edgerouter with Nix? | 05:25:38 |
| Nico | I don't think so. Sure you could generate the vyatta config for the edgerouter using nix code
But especially the unifi controller stuff, that cannot really be configured via cli will probally not work with nix. | 10:32:11 |
| Nico | * I don't think so. Sure you could generate the vyatta config for the edgerouter using nix code
But especially the unifi controller stuff, that cannot really be configured via cli can probally not be done with nix. | 10:32:23 |
 Marcel | you ccould use https://github.com/astro/nix-openwrt-imagebuilder | 10:34:02 |
| Nico | Sure, you can use the platform on which unifi is based, but this removes all unifi related features from these boxes. You could definitly use cheaper access points as well, because you don't need the original unifi remote management features | 10:44:16 |
 Eli Saado | I'm trying to skip NAT when packets come from a certain source IP, is there a way to do this using the networking.nat.* options? | 12:25:47 |
| Eli Saado | use case is my homelab having it's own 10.0.0.0/8 network, but my home network being on 192.168.0.0/16, I'm trying to skip NAT when packets originate on the homelab's "WAN" interface from 192.168.0.0/16 | 12:26:46 |
| Eli Saado | a new option like networking.nat.extraPreRules would help here, not sure if there are other usecases for it though | 12:30:19 |
|  zimward changed their display name from zimward @GPN24 to zimward. | 21:08:15 |
| 10 Jun 2026 |
|  sharp-dressed-man changed their display name from g8dg5_s-+s50=z/ to sharp-dressed-man. | 08:08:19 |
| 11 Jun 2026 |
|  lav joined the room. | 23:50:30 |
| 12 Jun 2026 |
 matthewcroughan | How do you usually dish out V4 addresses to people? | 19:57:16 |
| matthewcroughan | is it any different than when doing NAT with local addr ranges ? | 19:57:39 |
 magic_rb | id recommend you write your own firewall, its not that hard. i can share mine, though theyre not well written sadly, didnt have time or energy to do a proper clean up | 20:35:56 |
| magic_rb | you'd have to olearn nftables tho | 20:36:01 |
| Eli Saado | yeah I'm contemplating it quite hard rn | 20:36:48 |
| Eli Saado | I already do some rule generation | 20:36:53 |
| Eli Saado | for allowing NAT traffic to be forwarded | 20:37:31 |
| Eli Saado | 
Download image.png | 20:37:31 |
| magic_rb | well, youd want to use a set for that but yes | 20:40:17 |
| magic_rb | the complexity of the above is O(n) | 20:40:27 |
| Eli Saado | oh | 20:42:56 |
| Eli Saado | oh... | 20:42:58 |
| Eli Saado | evaluation time is my biggest opponent | 20:43:05 |
| magic_rb | i would recommend to just not include the rule gen in nix, as in have a mostly static firewall.nft file | 20:43:42 |
| magic_rb | then into that you can inject values, by using, uh, there is a command to add an entry to a set, dont ask me what it is | 20:44:08 |
| magic_rb | * then into that you can inject values, by using, uh, there is a command to add an entry to a set, dont ask me what it is rn | 20:44:10 |
| magic_rb | i have a lot of ideas on how to do this, but not enough energy | 20:44:19 |
