muon 2026-01-01 17:00:06 +00:00
parent 02e6c06f6f
commit debd6d38cd


@ -1,10 +1,13 @@
{ pkgs, lib, config, ... }: {
pkgs,
let lib,
config,
...
}: let
cfg = config.mods; cfg = config.mods;
wg = cfg.wireguard; wg = cfg.wireguard;
in
in with lib; { with lib; {
options.mods = { options.mods = {
i2p.enable = mkEnableOption "enables i2p network"; i2p.enable = mkEnableOption "enables i2p network";
tailscale.enable = mkEnableOption "enables tailscale"; tailscale.enable = mkEnableOption "enables tailscale";
@ -19,7 +22,8 @@ in with lib; {
username = "${config.mods.user.name}"; username = "${config.mods.user.name}";
folder = "${config.users.users.${username}.home}/documents/openvpn/"; folder = "${config.users.users.${username}.home}/documents/openvpn/";
file = "${config.mods.user.name}.ovpn"; file = "${config.mods.user.name}.ovpn";
in mkOption { in
mkOption {
description = "the config location"; description = "the config location";
default = "${folder}${file}"; default = "${folder}${file}";
}; };
@ -28,7 +32,7 @@ in with lib; {
config = { config = {
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
# networking.nameservers = [ "45.90.28.97" "45.90.30.97" ]; # networking.nameservers = [ "45.90.28.97" "45.90.30.97" ];
networking.nameservers = [ "194.242.2.4#base.dns.mullvad.net" ]; networking.nameservers = ["194.242.2.4#base.dns.mullvad.net"];
# services.resolved = { # services.resolved = {
# enable = true; # enable = true;
# dnssec = "false"; # dnssec = "false";
@ -65,27 +69,28 @@ in with lib; {
}; };
}; };
networking.firewall.allowedUDPPorts = [ 51820 16261 ]; networking.firewall.allowedUDPPorts = [51820 16261];
networking.wg-quick.interfaces = lib.mkIf (wg.id != null) { networking.wg-quick.interfaces = lib.mkIf (wg.id != null) {
wg0 = { wg0 = {
address = [ address = [
"10.0.0.${toString wg.id}/24" "10.0.0.${toString wg.id}/24"
"fdc9:281f:04d7:9ee9::${toString wg.id}/64" "fdc9:281f:04d7:9ee9::${toString wg.id}/64"
]; ];
dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ]; # dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
mtu = 1500; mtu = 1500;
privateKeyFile = "/home/muon/wireguard-keys/private"; privateKeyFile = "/home/muon/wireguard-keys/private";
peers = [{ peers = [
{
publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA="; publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
presharedKeyFile = presharedKeyFile = "/home/muon/wireguard-keys/psk-${config.networking.hostName}";
"/home/muon/wireguard-keys/psk-${config.networking.hostName}"; allowedIPs = ["10.0.0.${toString wg.id}/24"];
allowedIPs = [ "10.0.0.${toString wg.id}/24" ];
# allowedIPs = [ "0.0.0.0/0" ]; # allowedIPs = [ "0.0.0.0/0" ];
# ip route add 93.95.230.11 via 192.168.0.1 # ip route add 93.95.230.11 via 192.168.0.1
endpoint = "93.95.230.11:51820"; endpoint = "93.95.230.11:51820";
persistentKeepalive = 25; persistentKeepalive = 25;
}]; }
];
}; };
}; };
@ -98,6 +103,5 @@ in with lib; {
# gateway = # gateway =
# "${pkgs.networkmanager}/bin/nmcli dev show ${interface} | ${pkgs.gnugrep}/bin/fgrep IP4.GATEWAY | ${pkgs.awk}/bin/awk {print $2}"; # "${pkgs.networkmanager}/bin/nmcli dev show ${interface} | ${pkgs.gnugrep}/bin/fgrep IP4.GATEWAY | ${pkgs.awk}/bin/awk {print $2}";
}; };
} }
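Review bot: The `dns` line of `wg0` is commented out in a commit that otherwise only reformats, so the single behaviour change is easy to miss and carries no stated reason. Without it wg-quick no longer installs the tunnel resolver (`10.0.0.1` / `fdc9:281f:04d7:9ee9::1`), and lookups fall back to `networking.nameservers`. That entry, `194.242.2.4#base.dns.mullvad.net`, uses the `address#name` form that systemd-resolved reads for DNS-over-TLS, while the `services.resolved` lines visible in the third hunk appear to be commented out (the block continues outside the hunk). It is worth confirming that names still resolve and that queries leave the host the way you intend, encrypted or through the tunnel, since any name served only by the tunnel resolver would stop resolving. If the removal is deliberate, say so in place, e.g. `# dns disabled on purpose: resolve via networking.nameservers, not the tunnel resolver`, or move it into its own commit.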