mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
mjallen18
2024-07-03 17:15:02 -05:00
parent d0f6ac567c
commit 69fcb52692
2 changed files with 58 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
flake.lock generated
View File

@@ -11,11 +11,11 @@
"yafas": "yafas" "yafas": "yafas"
}, },
"locked": { "locked": {
"lastModified": 1719839252, "lastModified": 1719992991,
"narHash": "sha256-3kMhPtLsg+wi4A0Of0uWzqnI1n1FzNbrDUp1q/UlUc8=", "narHash": "sha256-X1WYxzXRB/KbYLML90AtMTE0mpLHtAe6avSDBh203bs=",
"owner": "chaotic-cx", "owner": "chaotic-cx",
"repo": "nyx", "repo": "nyx",
"rev": "0e99464b8956307678b60ec7540e6cad730ee825", "rev": "378c12fede02f2cbdb14508af603cbefa334bcac",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -268,11 +268,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1719827439, "lastModified": 1719992360,
"narHash": "sha256-tneHOIv1lEavZ0vQ+rgz67LPNCgOZVByYki3OkSshFU=", "narHash": "sha256-SRq0ZRkqagqpMGVf4z9q9CIWRbPYjO7FTqSJyWh7nes=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "59ce796b2563e19821361abbe2067c3bb4143a7d", "rev": "36e2f9da91ce8b63a549a47688ae60d47c50de4b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -486,11 +486,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1719681865, "lastModified": 1719895800,
"narHash": "sha256-Lp+l1IsREVbz8WM35OJYZz8sAH0XOjrZWUXVB5bJ2qg=", "narHash": "sha256-xNbjISJTFailxass4LmdWeV4jNhAlmJPwj46a/GxE6M=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "a59f00f5ac65b19382617ba00f360f8bc07ed3ac", "rev": "6e253f12b1009053eff5344be5e835f604bb64cd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -502,11 +502,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1719690277, "lastModified": 1719848872,
"narHash": "sha256-0xSej1g7eP2kaUF+JQp8jdyNmpmCJKRpO12mKl/36Kc=", "narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2741b4b489b55df32afac57bc4bfd220e8bf617e", "rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -534,11 +534,11 @@
}, },
"nixpkgs-stable_2": { "nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1719707984, "lastModified": 1719956923,
"narHash": "sha256-RoxIr/fbndtuKqulGvNCcuzC6KdAib85Q8gXnjzA1dw=", "narHash": "sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7dca15289a1c2990efbe4680f0923ce14139b042", "rev": "706eef542dec88cc0ed25b9075d3037564b2d164",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -550,11 +550,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1719690277, "lastModified": 1719848872,
"narHash": "sha256-0xSej1g7eP2kaUF+JQp8jdyNmpmCJKRpO12mKl/36Kc=", "narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2741b4b489b55df32afac57bc4bfd220e8bf617e", "rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8",
"type": "github" "type": "github"
}, },
"original": { "original": {

40
hosts/nas/configuration.nix
View File

@@ -19,6 +19,8 @@ let
3493 3493
61208 61208
9090 9090
# config.services.tailscale.port
# 22
]; ];
enableDisplayManager = false; enableDisplayManager = false;
# adding a flag cause nixos cant figure itself out and broke shit that cant be fixed # adding a flag cause nixos cant figure itself out and broke shit that cant be fixed
@@ -294,10 +296,44 @@ in
} }
]; ];
}; };
tailscale = {
enable = true;
openFirewall = true;
useRoutingFeatures = "client";
extraUpFlags = [ "--advertise-exit-node" ];
};
}; };
systemd.services = { systemd.services = {
tailscale-autoconnect = {
description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale
after = [ "network-pre.target" "tailscale.service" ];
wants = [ "network-pre.target" "tailscale.service" ];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job
serviceConfig.Type = "oneshot";
# have the job run this shell script
script = with pkgs; ''
# wait for tailscaled to settle
sleep 2
# check if we are already authenticated to tailscale
status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
if [ $status = "Running" ]; then # if so, then do nothing
exit 0
fi
# otherwise authenticate with tailscale
${tailscale}/bin/tailscale up -authkey tskey-auth-kVqyntEixG11CNTRL-kKAYioBRVBHKa4rCqUmv9HVGMnvQiwBZh
'';
};
glances-server = { glances-server = {
path = [ path = [
pkgs.bash pkgs.bash
@@ -344,6 +380,9 @@ in
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed? extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
allowedTCPPorts = allowedPorts; allowedTCPPorts = allowedPorts;
allowedUDPPorts = allowedPorts; allowedUDPPorts = allowedPorts;
# always allow traffic from your Tailscale network
trustedInterfaces = [ "tailscale0" ];
}; };
}; };
@@ -399,6 +438,7 @@ in
unstable.gpt4all unstable.gpt4all
lm_sensors lm_sensors
htop htop
tailscale
tpm2-tools tpm2-tools
tpm2-tss tpm2-tss
cryptsetup cryptsetup