space_server: add spacebrain.labitat.dk

2 files changed, 14 insertions, 4 deletions

diff --git a/roles/space_server/files/networkd/network/10-lan20.network b/roles/space_server/files/networkd/network/10-lan20.network
index b30caa4..06b1ff1 100644
--- a/roles/space_server/files/networkd/network/10-lan20.network
+++ b/roles/space_server/files/networkd/network/10-lan20.network
@@ -17,3 +17,7 @@ EmitLLDP=no
 [Route]
 Destination=2a01:4262:1ab::cafe/128
 Gateway=2a01:4262:1ab:20::5
+
+[Route]
+Destination=2a01:4262:1ab::db/128
+Gateway=2a01:4262:1ab:20::6
diff --git a/roles/space_server/files/nftables/nftables.conf b/roles/space_server/files/nftables/nftables.conf
index d33a7bf..5f2f1b3 100644
--- a/roles/space_server/files/nftables/nftables.conf
+++ b/roles/space_server/files/nftables/nftables.conf
@@ -6,6 +6,12 @@ define labitat = 185.38.172.72
 define spacewand4 = 185.38.175.70
 define spacewand6 = 2a01:4262:1ab::cafe
 
+define spacebrain4 = 185.38.175.69
+define spacebrain6 = 2a01:4262:1ab::db
+
+define labservers4 = { $spacewand4, $spacebrain4 }
+define labservers6 = { $spacewand6, $spacebrain6 }
+
 # internal stuff
 define ext_if    = wan
 define ext_ip4   = 185.38.175.0
@@ -102,8 +108,8 @@ table ip filter {
 		ct state established,related accept
 		ct state invalid drop
 
-		# accept all traffic to spacewand
-		ip daddr $spacewand4 accept
+		# accept all traffic to Labitat servers
+		ip daddr $labservers4 accept
 
 		ip saddr $labitat udp dport 161 counter accept # traffic stats
 
@@ -164,8 +170,8 @@ table ip6 filter {
 		ct state established,related accept
 		ct state invalid drop
 
-		# accept all traffic to spacewand
-		ip6 daddr $spacewand6 accept
+		# accept all traffic to Labitat servers
+		ip6 daddr $labservers6 accept
 
 		iif $wire_if ip6 saddr $wire_net6 accept
 		iif $priv_if ip6 saddr $priv_net6 accept