From 0b5a454ae0d520dc18fa05499d90ad24b11bebb5 Mon Sep 17 00:00:00 2001
From: Origami404 <Origami404@foxmail.com>
Date: Sun, 17 May 2026 17:27:43 +0800
Subject: [PATCH] host/oparic: enable NAT for container port forwarding

---
 hosts/oparic-local-dev/configuration.nix | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/hosts/oparic-local-dev/configuration.nix b/hosts/oparic-local-dev/configuration.nix
index 2b959ea..1631bea 100644
--- a/hosts/oparic-local-dev/configuration.nix
+++ b/hosts/oparic-local-dev/configuration.nix
@@ -117,7 +117,13 @@
       '';
     };
   };
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedTCPPorts = [ 80 443 40000 ];
+
+  networking.nat = {
+    enable = true;
+    internalInterfaces = [ "ve-o4dev" ];
+    externalInterface = "ens18";
+  };
 
   # NixOS container: o4dev
   containers.o4dev = {