86 lines
1.7 KiB
Nix
Executable File
86 lines
1.7 KiB
Nix
Executable File
{ config, ... }:
|
|
let
|
|
hostname = "jallen-nas";
|
|
ports = [
|
|
8008 # restic
|
|
9000 # authentik
|
|
2342 # grafana
|
|
51820 # wireguard
|
|
19999 # netdata
|
|
1025
|
|
1143
|
|
10200
|
|
10300
|
|
8127
|
|
9980 # onlyoffice
|
|
4000 # netbootxyz
|
|
4080 # netbootxyz
|
|
];
|
|
in
|
|
{
|
|
# Networking configs
|
|
networking = {
|
|
hostName = hostname;
|
|
|
|
useNetworkd = true;
|
|
|
|
hostId = "4b501480";
|
|
|
|
# Disable Network Manager
|
|
networkmanager = {
|
|
enable = true;
|
|
ensureProfiles = {
|
|
environmentFiles = [
|
|
config.sops.secrets.wifi.path
|
|
];
|
|
|
|
profiles = {
|
|
"Joey's Jungle 6G" = {
|
|
connection = {
|
|
id = "Joey's Jungle 6G";
|
|
type = "wifi";
|
|
};
|
|
ipv4 = {
|
|
address1 = "10.0.1.18/24";
|
|
dns = "10.0.1.1";
|
|
gateway = "10.0.1.1";
|
|
method = "manual";
|
|
};
|
|
ipv6 = {
|
|
addr-gen-mode = "stable-privacy";
|
|
method = "auto";
|
|
};
|
|
wifi = {
|
|
mode = "infrastructure";
|
|
ssid = "Joey's Jungle 6G";
|
|
};
|
|
wifi-security = {
|
|
key-mgmt = "sae";
|
|
psk = "$PSK";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
nat = {
|
|
enable = true;
|
|
internalInterfaces = [ "ve-+" ];
|
|
externalInterface = "wlp6s0";
|
|
# Lazy IPv6 connectivity for the container
|
|
enableIPv6 = true;
|
|
};
|
|
|
|
firewall = {
|
|
enable = true;
|
|
allowPing = true;
|
|
|
|
allowedTCPPorts = ports;
|
|
allowedUDPPorts = ports;
|
|
|
|
# always allow traffic from your Tailscale network
|
|
trustedInterfaces = [ "tailscale0" ];
|
|
};
|
|
};
|
|
}
|