neb

systems/aarch64-linux/macbook-pro-nixos/default.nix

@@ -2,7 +2,12 @@
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
 
-{ pkgs, namespace, ... }:
+{
+  lib,
+  pkgs,
+  namespace,
+  ...
+}:
 {
   imports = [
     ./boot.nix
@@ -93,6 +98,19 @@
         iptables -I INPUT -p udp -m udp --match multiport --dports 1990,2021 -j ACCEPT
       '';
     };
+    services = {
+      nebula = {
+        enable = true;
+        port = 4242;
+        lighthouses = [ "10.1.1.1" ];
+        staticHostMap = {
+          "10.1.1.1" = [ "mjallen.dev:4242" ];
+        };
+        secretsPrefix = "macbook-pro-nixos/nebula";
+        secretsFile = lib.snowfall.fs.get-file "secrets/mac-secrets.yaml";
+        hostSecretName = "macbook-pro-nixos";
+      };
+    };
   };
 
   nixpkgs.config.allowUnsupportedSystem = true;

systems/x86_64-linux/jallen-nas/default.nix

@@ -326,7 +326,9 @@ in
       tigervnc
       tpm2-tools
       tpm2-tss
-    ];
+    ] ++ (with pkgs.${namespace}; [
+      nebula-sign-cert
+    ]);
     persistence."/media/nas/main/persist" = {
       hideMounts = true;
       directories = [

systems/x86_64-linux/matt-nixos/default.nix

@@ -72,6 +72,20 @@
     network = {
       hostName = "matt-nixos";
     };
+
+    services = {
+      nebula = {
+        enable = true;
+        port = 4242;
+        lighthouses = [ "10.1.1.1" ];
+        staticHostMap = {
+          "10.1.1.1" = [ "mjallen.dev:4242" ];
+        };
+        secretsPrefix = "matt-nixos/nebula";
+        secretsFile = lib.snowfall.fs.get-file "secrets/desktop-secrets.yaml";
+        hostSecretName = "matt-nixos";
+      };
+    };
   };
 
   programs.coolercontrol.enable = true;