mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
fbb4b730af4342cd83c11837fe95ae43aaef7a4c
nix-config/hosts/nas/networking.nix
mjallen18 fbb4b730af networking
2024-10-12 14:34:21 -05:00

102 lines
2.1 KiB
Nix
Raw Blame History

{ config, ... }:
let
hostname = "jallen-nas";
ipAddress = "10.0.1.18";
gateway = "10.0.1.1";
allowedPorts = [
2342
3493
61208
9090
9000
# config.services.tailscale.port
# 22
];
in
{
# Networking configs wlp7s0
networking = {
hostName = hostname;
hostId = "4b501480";
# Enable Network Manager
networkmanager.enable = false;
interfaces = {
wlp7s0 = {
useDHCP = true;
ipv4.addresses = [
{
address = ipAddress;
prefixLength = 24;
}
];
};
# br0 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = ipAddress;
# prefixLength = 24;
# }
# ];
# };
};
# bridges = {
# br0 = {
# interfaces = [ "wlp6s0" ];
# };
# };
defaultGateway.address = gateway;
nameservers = [ gateway ];
wireless = {
enable = true;
userControlled.enable = true;
secretsFile = config.sops.secrets."wifi".path;
allowAuxiliaryImperativeNetworks = true;
interfaces = [
"wlp7s0"
];
networks = {
"Joey's Jungle 6G" = {
# pskRaw = "ext:PSK";
# priority = 1000;
psk = "kR8v&3Qd";
extraConfig = ''
key_mgmt=SAE
ieee80211w=2
'';
};
# "Joey's Jungle 5G" = {
# pskRaw = "ext:PSK";
# priority = 1;
# };
};
};
firewall = {
enable = true;
allowPing = true;
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
allowedTCPPorts = allowedPorts;
allowedUDPPorts = allowedPorts;
# always allow traffic from your Tailscale network
trustedInterfaces = [ "tailscale0" ];
};
# nat = {
# enable = true;
# internalInterfaces = ["ve-+"];
# externalInterface = "wlp9s0";
# # Lazy IPv6 connectivity for the container
# enableIPv6 = true;
# };
};
}
Reference in New Issue View Git Blame Copy Permalink