67 lines
1.2 KiB
Nix
67 lines
1.2 KiB
Nix
{
|
|
inputs,
|
|
outputs,
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
hostname = "jallen-nas";
|
|
ipAddress = "10.0.1.18";
|
|
gateway = "10.0.1.1";
|
|
allowedPorts = [
|
|
2342
|
|
3493
|
|
61208
|
|
9090
|
|
9000
|
|
# config.services.tailscale.port
|
|
# 22
|
|
];
|
|
in
|
|
{
|
|
# Networking configs enp7s0
|
|
networking = {
|
|
hostName = hostname;
|
|
|
|
hostId = "4b501480";
|
|
|
|
# Enable Network Manager
|
|
networkmanager.enable = false;
|
|
|
|
interfaces = {
|
|
wlp6s0.ipv4.addresses = [
|
|
{
|
|
address = ipAddress;
|
|
prefixLength = 24;
|
|
}
|
|
];
|
|
};
|
|
|
|
defaultGateway.address = gateway;
|
|
nameservers = [ gateway ];
|
|
|
|
wireless = {
|
|
enable = true;
|
|
environmentFile = config.sops.secrets."wifi".path;
|
|
networks = {
|
|
"Joey's Jungle 5G" = {
|
|
psk = "@PSK@";
|
|
};
|
|
};
|
|
};
|
|
|
|
firewall = {
|
|
enable = true;
|
|
allowPing = true;
|
|
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
|
|
allowedTCPPorts = allowedPorts;
|
|
allowedUDPPorts = allowedPorts;
|
|
|
|
# always allow traffic from your Tailscale network
|
|
trustedInterfaces = [ "tailscale0" ];
|
|
};
|
|
};
|
|
}
|