Add i2p

2025-12-06 08:07:45 +00:00 · 2024-09-14 14:30:04 +00:00 · 2024-09-14 14:30:04 +00:00 · 6103a43011
commit 6103a43011
parent 103f7c4813
4 changed files with 47 additions and 24 deletions
--- a/hosts/muon/configuration.nix
+++ b/hosts/muon/configuration.nix
@ -1,6 +1,5 @@
 { config, lib, pkgs, inputs, system, ... }:
-let
+let cfg = config.mods;
  cfg = config.mods;
 in {
  # Hardware
@ -10,9 +9,8 @@ in {
    inputs.actual.nixosModules.default
  ];
-  environment.systemPackages = with inputs.nix-alien.packages.${system}; [
+  environment.systemPackages = with inputs.nix-alien.packages.${system};
-    nix-alien
+    [ nix-alien ];
  ];
  # System
  mods.user.name = "muon";
@ -40,6 +38,7 @@ in {
  mods.tailscale.enable = true;
  mods.openvpn.enable = false;
  mods.wireguard.enable = true;
  mods.i2p.enable = true;
  services.xserver.windowManager.i3.enable = true;
  services.actual.enable = true;
--- a/modules/home/default.nix
+++ b/modules/home/default.nix
@ -1,5 +1,5 @@
-{ pkgs, lib, config, osConfig, ... }: let
+{ pkgs, lib, config, osConfig, ... }:
-  cfg = osConfig.mods;
+let cfg = osConfig.mods;
 in {
  imports = [
--- a/modules/home/desktop/productivity.nix
+++ b/modules/home/desktop/productivity.nix
@ -1,4 +1,4 @@
-{ pkgs, lib, config, ... }: {
+{ pkgs, lib, config, osConfig, ... }: {
  options.mods.desktop.productivity.enable =
    lib.mkEnableOption "enables gui productivity tools";
@ -6,6 +6,8 @@
    home.packages = with pkgs; [
      # ISO downloader
      qbittorrent
      xd
      biglybt
      # transmission_4-gtk
      # email
@ -33,6 +35,14 @@
      };
    };
    xdg.desktopEntries = lib.mkIf osConfig.mods.i2p.enable {
      i2p-browser = {
        name = "i2p Browser";
        genericName = "Web Browser";
        exec = "${pkgs.mullvad-browser}/bin/mullvad-browser -p i2p";
      };
    };
    # programs.qutebrowser = {
    #   enable = true;
    # };
--- a/modules/nixos/core/network.nix
+++ b/modules/nixos/core/network.nix
@ -1,5 +1,6 @@
 { pkgs, lib, config, ... }: {
  options.mods = {
    i2p.enable = lib.mkEnableOption "enables i2p network";
    tailscale.enable = lib.mkEnableOption "enables tailscale";
    wireguard.enable = lib.mkEnableOption "enables wireguard client";
    openvpn.enable = lib.mkEnableOption "enables openvpn config";
@ -20,12 +21,27 @@
    services.tailscale.enable = config.mods.tailscale.enable;
    services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
-      remote.config = ''config ${config.mods.openvpn.config}'';
+      remote.config = "config ${config.mods.openvpn.config}";
    };
-    networking.firewall = lib.mkIf config.mods.wireguard.enable {
+    networking.firewall.allowedTCPPorts = [
-      allowedUDPPorts = [ 51820 ]; # Clients and peers can use the same port, see listenport
+      7656 # default proto sam port
      7070 # default web interface port
      4447 # default socks proxy port
      4444 # default http proxy port
    ];
    services.i2pd = lib.mkIf config.mods.i2p.enable {
      enable = true;
      proto.sam.enable = true;
      address = "127.0.0.1";
      proto = {
        http.enable = true;
        socksProxy.enable = true;
        httpProxy.enable = true;
      };
    };
    networking.firewall.allowedUDPPorts = [ 51820 ];
    networking.wg-quick.interfaces = lib.mkIf config.mods.wireguard.enable {
      wg0 = {
        address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ];
@ -33,16 +49,14 @@
        mtu = 1500;
        privateKeyFile = "/home/muon/wireguard-keys/private";
-        peers = [
+        peers = [{
          {
          publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
          presharedKeyFile = "/home/muon/wireguard-keys/psk-muon";
          allowedIPs = [ "0.0.0.0/0" "::/0" ];
          # ip route add 93.95.230.11 via 192.168.0.1
          endpoint = "93.95.230.11:51820";
          persistentKeepalive = 25;
-          }
+        }];
        ];
      };
    };