From ca9d1b1b1d1eb5f1eac7c59b6c0168dfc1f8c231 Mon Sep 17 00:00:00 2001
From: catvayor <catvayor@katvayor.net>
Date: Sat, 5 Apr 2025 18:37:34 +0200
Subject: [PATCH] feat(vault01): add admin ipv4

---
 machines/nixos/vault01/networking.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/machines/nixos/vault01/networking.nix b/machines/nixos/vault01/networking.nix
index 3fb2f3fe..ddd91b39 100644
--- a/machines/nixos/vault01/networking.nix
+++ b/machines/nixos/vault01/networking.nix
@@ -108,7 +108,10 @@ let
 
     vlan-admin = {
       Id = 3000;
-      address = [ "fd26:baf9:d250:8000::1/64" ];
+      address = [
+        "fd26:baf9:d250:8000::1/64"
+        "192.168.129.1/24"
+      ];
     };
 
     vlan-admin-ap = {
@@ -372,6 +375,9 @@ in
                 ip6 daddr {
                   fd26:baf9:d250::/48,
                 } jump forward_reject;
+                ip daddr {
+                  192.168.129.0/24
+                } jump forward_reject;
 
                 # These are being deployed, and so are not trusted
                 ip saddr 10.0.255.0/24 jump forward_reject;