103 lines
2.1 KiB
Nix
103 lines
2.1 KiB
Nix
{ config, ... }:
|
|
let
|
|
hostname = "jallen-nas";
|
|
ipAddress = "10.0.1.18";
|
|
ipAddress2 = "10.0.1.19";
|
|
gateway = "10.0.1.1";
|
|
allowedPorts = [
|
|
2342
|
|
3493
|
|
61208
|
|
9090
|
|
9000
|
|
# config.services.tailscale.port
|
|
# 22
|
|
];
|
|
in
|
|
{
|
|
# Networking configs wlp7s0
|
|
networking = {
|
|
hostName = hostname;
|
|
|
|
hostId = "4b501480";
|
|
|
|
# Enable Network Manager
|
|
networkmanager.enable = false;
|
|
|
|
interfaces = {
|
|
wlp6s0 = {
|
|
useDHCP = true;
|
|
ipv4.addresses = [
|
|
{
|
|
address = ipAddress;
|
|
prefixLength = 24;
|
|
}
|
|
];
|
|
};
|
|
|
|
# br0 = {
|
|
# useDHCP = false;
|
|
# ipv4.addresses = [
|
|
# {
|
|
# address = ipAddress;
|
|
# prefixLength = 24;
|
|
# }
|
|
# ];
|
|
# };
|
|
};
|
|
|
|
# bridges = {
|
|
# br0 = {
|
|
# interfaces = [ "wlp6s0" ];
|
|
# };
|
|
# };
|
|
|
|
defaultGateway.address = gateway;
|
|
nameservers = [ gateway ];
|
|
|
|
wireless = {
|
|
enable = true;
|
|
userControlled.enable = true;
|
|
secretsFile = config.sops.secrets."wifi".path;
|
|
allowAuxiliaryImperativeNetworks = true;
|
|
interfaces = [
|
|
"wlp6s0"
|
|
];
|
|
networks = {
|
|
"Joey's Jungle 6G" = {
|
|
# pskRaw = "ext:PSK";
|
|
# priority = 1000;
|
|
psk = "kR8v&3Qd";
|
|
extraConfig = ''
|
|
key_mgmt=SAE
|
|
ieee80211w=2
|
|
'';
|
|
};
|
|
# "Joey's Jungle 5G" = {
|
|
# pskRaw = "ext:PSK";
|
|
# priority = 1;
|
|
# };
|
|
};
|
|
};
|
|
|
|
firewall = {
|
|
enable = true;
|
|
allowPing = true;
|
|
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
|
|
allowedTCPPorts = allowedPorts;
|
|
allowedUDPPorts = allowedPorts;
|
|
|
|
# always allow traffic from your Tailscale network
|
|
trustedInterfaces = [ "tailscale0" ];
|
|
};
|
|
|
|
# nat = {
|
|
# enable = true;
|
|
# internalInterfaces = ["ve-+"];
|
|
# externalInterface = "wlp9s0";
|
|
# # Lazy IPv6 connectivity for the container
|
|
# enableIPv6 = true;
|
|
# };
|
|
};
|
|
}
|