muon/flake
1
0
Fork 0
mirror of https://codeberg.org/muon/home.git synced 2025-12-06 08:07:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'homelab'

Browse source
This commit is contained in:
muon 2024-11-29 16:31:15 +00:00
commit 8bbe4f9a6c
26 changed files with 767 additions and 237 deletions
Download patch file Download diff file Expand all files Collapse all files

5
modules/nixos/core/boot.nix
View file

@ -1,17 +1,18 @@
{ pkgs, lib, config, ... }: {
options.mods = {
boot.enable = lib.mkEnableOption {
description = "enables grub";
description = "enables grub";
default = true;
};
};
config = lib.mkIf config.mods.boot.enable {
boot.loader = lib.mkIf config.mods.xorg.enable {
timeout = 0;
timeout = 2;
efi.canTouchEfiVariables = true;
grub = {
enable = true;
zfsSupport = true;
efiSupport = true;
device = "nodev";
gfxmodeEfi = config.mods.monitors.primary.config.mode;

56
modules/nixos/core/network.nix
View file

@ -1,14 +1,24 @@
{ pkgs, lib, config, ... }: {
{ pkgs, lib, config, ... }:
let
cfg = config.mods;
wg = cfg.wireguard;
in with lib; {
options.mods = {
i2p.enable = lib.mkEnableOption "enables i2p network";
tailscale.enable = lib.mkEnableOption "enables tailscale";
wireguard.enable = lib.mkEnableOption "enables wireguard client";
openvpn.enable = lib.mkEnableOption "enables openvpn config";
i2p.enable = mkEnableOption "enables i2p network";
tailscale.enable = mkEnableOption "enables tailscale";
wireguard.enable = mkEnableOption "enables wireguard client";
wireguard.id = mkOption {
type = with types; nullOr ints.u8;
default = null;
};
openvpn.enable = mkEnableOption "enables openvpn config";
openvpn.config = let
username = "${config.mods.user.name}";
folder = "${config.users.users.${username}.home}/documents/openvpn/";
file = "${config.mods.user.name}.ovpn";
in lib.mkOption {
in mkOption {
description = "the config location";
default = "${folder}${file}";
};
@ -18,10 +28,10 @@
networking.networkmanager.enable = true;
services.resolved.enable = true;
services.tailscale.enable = config.mods.tailscale.enable;
services.tailscale.enable = cfg.tailscale.enable;
services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
remote.config = "config ${config.mods.openvpn.config}";
services.openvpn.servers = mkIf cfg.openvpn.enable {
remote.config = "config ${cfg.openvpn.config}";
};
networking.firewall.allowedTCPPorts = [
@ -30,7 +40,7 @@
4447 # default socks proxy port
4444 # default http proxy port
];
services.i2pd = lib.mkIf config.mods.i2p.enable {
services.i2pd = lib.mkIf cfg.i2p.enable {
enable = true;
proto.sam.enable = true;
address = "127.0.0.1";
@ -42,16 +52,17 @@
};
networking.firewall.allowedUDPPorts = [ 51820 ];
networking.wg-quick.interfaces = lib.mkIf config.mods.wireguard.enable {
networking.wg-quick.interfaces = lib.mkIf (wg.id != null) {
wg0 = {
address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ];
address = [ "10.0.0.${wg.id}/24" "fdc9:281f:04d7:9ee9::${wg.id}/64" ];
dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
mtu = 1500;
privateKeyFile = "/home/muon/wireguard-keys/private";
peers = [{
publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
presharedKeyFile = "/home/muon/wireguard-keys/psk-muon";
presharedKeyFile =
"/home/muon/wireguard-keys/psk-${config.networking.hostName}";
allowedIPs = [ "0.0.0.0/0" "::/0" ];
# ip route add 93.95.230.11 via 192.168.0.1
endpoint = "93.95.230.11:51820";
@ -60,24 +71,5 @@
};
};
# networking.wireguard.interfaces = lib.mkIf config.mods.wireguard.enable {
# wg0 = {
# ips = [ "10.100.0.2/24" ];
# listenPort = 51820;
# privateKeyFile = "/home/muon/wireguard-keys/private";
# peers = [
# {
# publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
# allowedIPs = [ "0.0.0.0/0" ];
# # ip route add 93.95.230.11 via 192.168.0.1
# endpoint = "93.95.230.11:51820";
# persistentKeepalive = 25;
# }
# ];
# };
# };
};
}