mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

desktop is building I guess, idk, need to start commiting stuff eventually lmao

Browse Source
This commit is contained in:
mjallen18
2025-07-17 20:57:18 -05:00
parent 6c7c76887b
commit 442c24997d
219 changed files with 3166 additions and 3583 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
systems/x86_64-linux/nas/networking.nix Executable file
View File

@@ -0,0 +1,94 @@
{ config, ... }:
let
settings = import ./settings.nix;
ports = [
8008 # restic
9000 # authentik
2342 # grafana
51820 # wireguard
1025
1143
10200
10300
8127
9980 # onlyoffice
4000 # netbootxyz
4080 # netbootxyz
3000 # gitea
2222 # gitea ssh
3300
9898
6754 # lubelogger
2283 # immich
4444 # code-server
9012
8192
];
in
{
# Networking configs
networking = {
hostName = settings.hostName;
useNetworkd = true;
hostId = "4b501480";
# Disable Network Manager
networkmanager = {
enable = true;
ensureProfiles = {
environmentFiles = [
config.sops.secrets.wifi.path
];
profiles = {
"Joey's Jungle 6G" = {
connection = {
id = "Joey's Jungle 6G";
type = "wifi";
};
ipv4 = {
address1 = "${settings.hostAddress}/24";
dns = "10.0.1.1";
gateway = "10.0.1.1";
method = "manual";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
method = "auto";
};
wifi = {
mode = "infrastructure";
ssid = "Joey's Jungle 6G";
};
wifi-security = {
key-mgmt = "sae";
psk = "$PSK";
};
};
};
};
};
nat = {
enable = true;
internalInterfaces = [ "ve-+" ];
externalInterface = "wlp6s0";
# Lazy IPv6 connectivity for the container
enableIPv6 = true;
};
firewall = {
enable = true;
allowPing = true;
allowedTCPPorts = ports;
allowedUDPPorts = ports;
# always allow traffic from your Tailscale network
trustedInterfaces = [ "tailscale0" ];
};
};
}