From 339e6dd417ba7a64763119eeba870985a39c281a Mon Sep 17 00:00:00 2001
From: Daniel Kempkens <daniel+git@kempkens.io>
Date: Sat, 30 Jul 2022 23:13:59 +0200
Subject: [PATCH] webserver: Add ipv6nat

---
 container/webserver.nix | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/container/webserver.nix b/container/webserver.nix
index 0eeb01d..4951983 100644
--- a/container/webserver.nix
+++ b/container/webserver.nix
@@ -1,12 +1,39 @@
 {
   virtualisation.arion.projects.webserver.settings = {
     services = {
+      ipv6nat = {
+        image = "robbertkl/ipv6nat:latest";
+        name = "ipv6nat";
+        restart = "always";
+        networks = [ "web" ];
+        capabilities = {
+          ALL = false;
+          NET_ADMIN = true;
+          NET_RAW = true;
+        };
+        network_mode = "host";
+        volumes = [
+          "/var/run/docker.sock:/var/run/docker.sock:ro"
+        ];
+      };
+
       ifconfig-sexy = {
         service = {
           image = "ghcr.io/nifoc/ifconfig.sexy-caddy:master";
           restart = "always";
+          networks = [ "web" ];
         };
       };
     };
+
+    networks.webserver = {
+      driver = "bridge";
+      enable_ipv6 = true;
+      ipam = ''
+        driver: default
+        config:
+          - subnet: fd00:dead:beef::/48
+      '';
+    };
   };
 }