mirror of
https://codeberg.org/muon/home.git
synced 2025-12-06 08:07:45 +00:00
Merge branch 'homelab'
This commit is contained in:
commit
8bbe4f9a6c
26 changed files with 767 additions and 237 deletions
|
|
@ -1,14 +1,24 @@
|
|||
{ pkgs, lib, config, ... }: {
|
||||
{ pkgs, lib, config, ... }:
|
||||
|
||||
let
|
||||
cfg = config.mods;
|
||||
wg = cfg.wireguard;
|
||||
|
||||
in with lib; {
|
||||
options.mods = {
|
||||
i2p.enable = lib.mkEnableOption "enables i2p network";
|
||||
tailscale.enable = lib.mkEnableOption "enables tailscale";
|
||||
wireguard.enable = lib.mkEnableOption "enables wireguard client";
|
||||
openvpn.enable = lib.mkEnableOption "enables openvpn config";
|
||||
i2p.enable = mkEnableOption "enables i2p network";
|
||||
tailscale.enable = mkEnableOption "enables tailscale";
|
||||
wireguard.enable = mkEnableOption "enables wireguard client";
|
||||
wireguard.id = mkOption {
|
||||
type = with types; nullOr ints.u8;
|
||||
default = null;
|
||||
};
|
||||
openvpn.enable = mkEnableOption "enables openvpn config";
|
||||
openvpn.config = let
|
||||
username = "${config.mods.user.name}";
|
||||
folder = "${config.users.users.${username}.home}/documents/openvpn/";
|
||||
file = "${config.mods.user.name}.ovpn";
|
||||
in lib.mkOption {
|
||||
in mkOption {
|
||||
description = "the config location";
|
||||
default = "${folder}${file}";
|
||||
};
|
||||
|
|
@ -18,10 +28,10 @@
|
|||
networking.networkmanager.enable = true;
|
||||
services.resolved.enable = true;
|
||||
|
||||
services.tailscale.enable = config.mods.tailscale.enable;
|
||||
services.tailscale.enable = cfg.tailscale.enable;
|
||||
|
||||
services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
|
||||
remote.config = "config ${config.mods.openvpn.config}";
|
||||
services.openvpn.servers = mkIf cfg.openvpn.enable {
|
||||
remote.config = "config ${cfg.openvpn.config}";
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
|
|
@ -30,7 +40,7 @@
|
|||
4447 # default socks proxy port
|
||||
4444 # default http proxy port
|
||||
];
|
||||
services.i2pd = lib.mkIf config.mods.i2p.enable {
|
||||
services.i2pd = lib.mkIf cfg.i2p.enable {
|
||||
enable = true;
|
||||
proto.sam.enable = true;
|
||||
address = "127.0.0.1";
|
||||
|
|
@ -42,16 +52,17 @@
|
|||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
||||
networking.wg-quick.interfaces = lib.mkIf config.mods.wireguard.enable {
|
||||
networking.wg-quick.interfaces = lib.mkIf (wg.id != null) {
|
||||
wg0 = {
|
||||
address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ];
|
||||
address = [ "10.0.0.${wg.id}/24" "fdc9:281f:04d7:9ee9::${wg.id}/64" ];
|
||||
dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
|
||||
mtu = 1500;
|
||||
privateKeyFile = "/home/muon/wireguard-keys/private";
|
||||
|
||||
peers = [{
|
||||
publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
|
||||
presharedKeyFile = "/home/muon/wireguard-keys/psk-muon";
|
||||
presharedKeyFile =
|
||||
"/home/muon/wireguard-keys/psk-${config.networking.hostName}";
|
||||
allowedIPs = [ "0.0.0.0/0" "::/0" ];
|
||||
# ip route add 93.95.230.11 via 192.168.0.1
|
||||
endpoint = "93.95.230.11:51820";
|
||||
|
|
@ -60,24 +71,5 @@
|
|||
};
|
||||
};
|
||||
|
||||
# networking.wireguard.interfaces = lib.mkIf config.mods.wireguard.enable {
|
||||
# wg0 = {
|
||||
# ips = [ "10.100.0.2/24" ];
|
||||
# listenPort = 51820;
|
||||
|
||||
# privateKeyFile = "/home/muon/wireguard-keys/private";
|
||||
|
||||
# peers = [
|
||||
# {
|
||||
# publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
|
||||
# allowedIPs = [ "0.0.0.0/0" ];
|
||||
# # ip route add 93.95.230.11 via 192.168.0.1
|
||||
# endpoint = "93.95.230.11:51820";
|
||||
# persistentKeepalive = 25;
|
||||
# }
|
||||
# ];
|
||||
# };
|
||||
# };
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue