From e4e3ad196af66d5adc2d1a99e06a871804b43f09 Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk
Date: Tue, 26 Dec 2023 18:53:49 -0500
Subject: avahi
---
 machines/dragon.nix | 4 ++++
 modules/router.nix | 10 ++++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/machines/dragon.nix b/machines/dragon.nix
index 60c1f8b..4dee80a 100644
--- a/machines/dragon.nix
+++ b/machines/dragon.nix
@@ -20,6 +20,10 @@ in {
 services.avahi.enable = true;
 services.avahi.nssmdns = true;
+ services.avahi.openFirewall = true;
+ services.avahi.publish.enable = true;
+ services.avahi.publish.hinfo = true;
+ services.avahi.publish.userServices = true;
 services.tlp.enable = true;
 services.tlp.settings = {
diff --git a/modules/router.nix b/modules/router.nix
index ace0b57..bc4a83f 100644
--- a/modules/router.nix
+++ b/modules/router.nix
@@ -196,6 +196,13 @@ let
 let ports-to-csv = ports: concatStringsSep "," (map toString ports);
 in ''
+ define LAN_INTERFACES = {
+ "vpnlan-vport",
+ "lan-vport",
+ "servers-vport",
+ "dragon-vport",
+ "dragonvpn-vport",
+ };
 define SERVER_WAN_PORTS = {
 ssh, domain, http, https, ${toString mullvadPort}
@@ -212,8 +219,7 @@ let
 ct state {established, related} counter accept
 meta l4proto {tcp, udp} th dport {bootps, bootpc, domain, dhcpv6-client, dhcpv6-server, ${toString vpnPort}} counter accept
- iifname vpnlan-vport meta l4proto {tcp, udp} th dport mdns counter accept comment "avahi/mdns"
- iifname lan-vport meta l4proto {tcp, udp} th dport mdns counter accept comment "avahi/mdns"
+ iifname $LAN_INTERFACES meta l4proto {tcp, udp} th dport mdns counter accept comment "avahi/mdns"
 ip protocol ipv6 counter accept comment "sit tunnel"
 ip protocol icmp limit rate 4/second counter accept comment "icmp v4"
--
cgit v1.2.3
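Review bot: In machines/dragon.nix, `services.avahi.publish.hinfo = true` makes the host announce its CPU and operating-system type over mDNS, and `services.avahi.openFirewall = true` opens UDP 5353 on every interface, not only the home LAN. The tlp settings just below suggest dragon is a laptop, so if it ever joins untrusted networks this fingerprinting data and any user-published services would be visible there too. Unless something consumes the HINFO record, I would drop that line and scope the daemon with `services.avahi.allowInterfaces = [ "<lan-interface>" ];` (placeholder interface name). A short comment naming the service that needs `publish.userServices` would also help the next reader.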
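Review bot: The new `LAN_INTERFACES` set in modules/router.nix (the hunk at -196) has no comment saying what membership implies, and it mixes the two interfaces that already had mDNS access with `servers-vport`, `dragon-vport` and `dragonvpn-vport`, which did not. Because the name is generic, any later rule written against `$LAN_INTERFACES` silently extends to the server and VPN segments as well. I would document it in the ruleset, e.g. `# interfaces allowed to reach mDNS on the router itself`, or name it for its single use (`MDNS_INTERFACES`) until a second rule needs it. The enclosing `let … in ''` string continues outside the hunk.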
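Review bot: The replacement rule in the -212 hunk of modules/router.nix keeps `meta l4proto {tcp, udp} th dport mdns`, so TCP port 5353 is accepted as well, and it now applies to five interfaces instead of two. mDNS is a UDP protocol, so `iifname $LAN_INTERFACES udp dport mdns counter accept comment "avahi/mdns"` would accept the same legitimate traffic with less exposed surface. The chain this rule belongs to starts outside the hunk; from the neighbouring DHCP/DNS rules it looks like the router's input chain, which is worth confirming before widening it.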