From ea26048e58f5be54ec441b6d8196845bccef806f Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra <kiara@procolix.eu>
Date: Sun, 19 Oct 2025 20:08:34 +0200
Subject: [PATCH] working networking

Signed-off-by: Kiara Grouwstra <kiara@procolix.eu>
---
 .../check/data-model-tf-proxmox/nixosTest.nix | 45 +++++++++++++++++--
 1 file changed, 41 insertions(+), 4 deletions(-)

diff --git a/deployment/check/data-model-tf-proxmox/nixosTest.nix b/deployment/check/data-model-tf-proxmox/nixosTest.nix
index 11bc5aa5..da737063 100644
--- a/deployment/check/data-model-tf-proxmox/nixosTest.nix
+++ b/deployment/check/data-model-tf-proxmox/nixosTest.nix
@@ -24,13 +24,13 @@ let
     ];
     key-file = "/root/.ssh/id_ed25519";
     node-name = "pve";
-    bridge = "br0";
+    bridge = "br-vm";
     vlanId = 0;
     imageDatastoreId = "local";
     vmDatastoreId = "local";
     cdDatastoreId = "local";
-    ipv4Gateway = "192.168.1.1";
-    ipv4Address = "192.168.1.236/24";
+    ipv4Gateway = "192.168.10.1";
+    ipv4Address = "192.168.10.236/24";
     ipv6Gateway = "";
     ipv6Address = "";
   };
@@ -47,7 +47,6 @@ in
   imports = [
     ../common/data-model-options.nix
   ];
-
   name = "deployment-model";
   sourceFileset = lib.fileset.unions [
     ../../run/tf-proxmox/run.sh
@@ -63,6 +62,43 @@ in
       environment.systemPackages = [
         pkgs.jq
       ];
+      networking.firewall.enable = false;
+      networking.vlans = {
+        vlan0 = {
+          id = 0;
+          interface = "eth0";
+        };
+      };
+      networking.useDHCP = false;
+
+      networking = {
+        bridges.br-vm.interfaces = [ ]; # internal bridge
+        interfaces.br-vm.ipv4.addresses = [
+          {
+            address = "192.168.10.1";
+            prefixLength = 24;
+          }
+        ];
+        # Timed out waiting for device /sys/subsystem/net/devices/br0
+        interfaces.br0.ipv4.addresses = [
+          {
+            address = "192.168.1.3";
+            prefixLength = 24;
+          }
+        ];
+        nat = {
+          enable = true;
+          # Timed out waiting for device /sys/subsystem/net/devices/br0
+          externalInterface = "br0";
+          internalInterfaces = [ "br-vm" ];
+        };
+      };
+      boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
+
+      networking.defaultGateway = {
+        interface = "br0";
+        address = "192.168.1.1";
+      };
       users.users.root = {
         password = "mytestpw";
         hashedPasswordFile = lib.mkForce null;
@@ -85,6 +121,7 @@ in
         ../../modules/terraform-backend
       ];
 
+      networking.firewall.enable = false;
       nix.nixPath = [
         (lib.concatStringsSep ":" (lib.mapAttrsToList (k: v: k + "=" + v) sources))
       ];