progress home-manager (hyrule)

Emile Clark-Boman 2026-01-20 09:23:02 +10:00
parent c4464eeba2
commit 5bae1d546a


@ -7,7 +7,7 @@
}: let
home-manager = builtins.fetchTarball {
url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz";
sha256 = "0d41gr0c89a4y4lllzdgmbm54h9kn9fjnmavwpgw0w9xwqwnzpax";
sha256 = "07pk5m6mxi666dclaxdwf7xrinifv01vvgxn49bjr8rsbh31syaq";
};
in {
imports = [
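Review bot: The `url` in the `home-manager` fetch still points at the moving `release-25.05` branch archive, so the `sha256` refreshed in this hunk will stop matching as soon as that branch advances. At that point a fresh evaluation fails and the usual fix is to paste in whatever hash the error prints, which reduces the hash from an integrity check to a formality. Pinning the archive to a specific revision, e.g. `url = "https://github.com/nix-community/home-manager/archive/<COMMIT_SHA_PLACEHOLDER>.tar.gz";`, keeps the hash tied to reviewed content and makes each upgrade an explicit change. The attribute set opened by `in {` continues outside the hunk.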
@ -87,6 +87,56 @@ in {
# 8222 (INTERNAL) vaultwarden
45000 # minecaft server
];
allowedUDPPorts = [
54231 # Wireguard
];
};
# wireguard.interfaces = {
# wg0 = {
# ips = ["10.10.10.4/24"]; # my IP and the subnet (keyword: "AND")
# listenPort = 54231;
#
# privateKeyFile = "/root/wg_agrivpn_hyrule";
#
# peers = [
# {
# # peer's public key
# publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY=";
#
# # choose which traffic to forward
# allowedIPs = ["10.0.51.0/24" "10.10.10.0/24"];
#
# # TODO: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577
# endpoint = "150.242.34.33:54231";
#
# # send keepalives every 25 seconds. Important to keep NAT tables alive.
# persistentKeepalive = 25;
# }
# ];
# };
# };
wg-quick.interfaces = {
wg0 = {
address = [
"10.10.10.4/24"
];
dns = ["10.10.10.1"];
privateKeyFile = "/root/wg_agrivpn_hyrule";
peers = [
{
# peer's public key
publicKey = "iZ4aqYjbT8O8tfUHEuV+yWLtdoQbdBb6Nt0M4usMSiY=";
# choose which traffic to forward
allowedIPs = [
"10.0.51.0/24"
"10.10.10.0/24"
];
endpoint = "150.242.34.33:54231";
}
];
};
};
};
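Review bot: The firewall now accepts inbound UDP on 54231 (`allowedUDPPorts`), but the active `wg-quick.interfaces.wg0` block sets no `listenPort`; only the commented-out `wireguard.interfaces` variant has `listenPort = 54231;`. As written, the tunnel presumably binds an arbitrary port, so the opened port serves nothing. Either add `listenPort = 54231;` to `wg0` if this host must accept peer-initiated handshakes, or drop the `allowedUDPPorts` entry if it only dials out to the `endpoint`. The `persistentKeepalive = 25;` line that the old comment calls important for NAT was also not carried over to the `wg-quick` peer. The commented-out block would be better deleted than kept, since it duplicates the peer key and endpoint and will drift from the live config.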
@ -451,6 +501,7 @@ in {
};
environment.systemPackages = with pkgs; [
eza
git
vim
helix