67 lines
1.2 KiB
Nix
67 lines
1.2 KiB
Nix
{
|
||
inputs,
|
||
outputs,
|
||
config,
|
||
lib,
|
||
pkgs,
|
||
...
|
||
}:
|
||
let
|
||
hostname = "jallen-nas";
|
||
ipAddress = "10.0.1.18";
|
||
gateway = "10.0.1.1";
|
||
password = "kR8v&3Qd";
|
||
allowedPorts = [
|
||
2342
|
||
3493
|
||
61208
|
||
9090
|
||
# config.services.tailscale.port
|
||
# 22
|
||
];
|
||
in
|
||
{
|
||
# Networking configs enp7s0
|
||
networking = {
|
||
hostName = hostname;
|
||
|
||
hostId = "4b501480";
|
||
|
||
# Enable Network Manager
|
||
networkmanager.enable = false;
|
||
|
||
interfaces = {
|
||
wlp6s0.ipv4.addresses = [
|
||
{
|
||
address = ipAddress;
|
||
prefixLength = 24;
|
||
}
|
||
];
|
||
};
|
||
|
||
defaultGateway.address = gateway;
|
||
nameservers = [ gateway ];
|
||
|
||
wireless = {
|
||
enable = true;
|
||
networks = {
|
||
"Joey’s Jungle" = {
|
||
psk = password;
|
||
# extraConfig = "bssid_blacklist=34:60:F9:8F:FE:7B";
|
||
};
|
||
};
|
||
};
|
||
|
||
firewall = {
|
||
enable = true;
|
||
allowPing = true;
|
||
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
|
||
allowedTCPPorts = allowedPorts;
|
||
allowedUDPPorts = allowedPorts;
|
||
|
||
# always allow traffic from your Tailscale network
|
||
trustedInterfaces = [ "tailscale0" ];
|
||
};
|
||
};
|
||
}
|