From 189fcafde9902607899df8b2359a705ff1e01edf Mon Sep 17 00:00:00 2001
From: liv <shadows@with.al>
Date: Sun, 1 Sep 2024 21:25:43 +0200
Subject: [PATCH] set up minecraft port forwarding on lunasa

---
 servers/lunasa/configuration.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/servers/lunasa/configuration.nix b/servers/lunasa/configuration.nix
index 7423bd5..eaf2b4d 100644
--- a/servers/lunasa/configuration.nix
+++ b/servers/lunasa/configuration.nix
@@ -41,6 +41,7 @@
     443
     1935 # the RTMP port for OwnCast
     6667 # irc plaintext
+    25565 # minecraft
   ];
 
   services.owncast = {
@@ -192,5 +193,30 @@
     };
   };
 
+  services.tailscale.enable = true;
+  networking.nftables = {
+    enable = true;
+    ruleset = ''
+      table ip nat {
+        chain PREROUTING {
+          type nat hook prerouting priority dstnat; policy accept;
+          iifname "enp1s0" tcp dport 25565 dnat to 100.66.105.22:25565
+        }
+      }
+    '';
+  };
+  networking.nat = {
+    enable = true;
+    internalInterfaces = [ "enp1s0" ];
+    externalInterface = "tailscale0";
+    forwardPorts = [
+      {
+        destination = "100.66.105.22:25565";
+        proto = "tcp";
+        sourcePort = 25565;
+      }
+    ];
+  };
+
   system.stateVersion = "23.11";
 }