2024-11-06 22:14:25 +02:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
{
|
|
|
|
|
imports = [ ../base.nix ];
|
|
|
|
|
|
2024-11-08 15:41:54 +02:00
|
|
|
# Networking conf including WireGuard
|
2024-11-08 13:21:13 +02:00
|
|
|
networking = {
|
|
|
|
|
hostName = "exoplasim";
|
|
|
|
|
|
2024-11-08 14:39:53 +02:00
|
|
|
firewall.allowedUDPPorts = [ 51821 ];
|
2024-11-08 13:21:13 +02:00
|
|
|
|
2024-11-08 14:39:53 +02:00
|
|
|
wg-quick.interfaces = {
|
|
|
|
|
wg0 = {
|
|
|
|
|
address = [ "10.0.0.1/24" ];
|
|
|
|
|
privateKeyFile = "/root/wireguard-keys/privatekey";
|
|
|
|
|
listenPort = 51821;
|
|
|
|
|
|
|
|
|
|
peers = [
|
2024-11-08 15:41:54 +02:00
|
|
|
# {
|
|
|
|
|
# publicKey = "TODO";
|
|
|
|
|
# presharedKeyFile = "/root/wireguard-keys/psk";
|
|
|
|
|
# allowedIPs = [ "10.0.0.2/32" ];
|
|
|
|
|
# }
|
2024-11-08 14:39:53 +02:00
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-11-08 13:21:13 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# User worker
|
|
|
|
|
users.users.worker = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
home = "/home/worker";
|
|
|
|
|
description = "ExoPlaSim Worker";
|
|
|
|
|
uid = 1001;
|
|
|
|
|
extraGroups = [ "networkmanager" ];
|
2024-11-08 14:39:53 +02:00
|
|
|
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys ++ [
|
|
|
|
|
# TODO add user-specific key
|
|
|
|
|
];
|
2024-11-08 13:21:13 +02:00
|
|
|
};
|
|
|
|
|
users.groups.worker.gid = 1001;
|
|
|
|
|
|
2024-11-06 22:14:25 +02:00
|
|
|
# HARDWARE SPECIFIC
|
|
|
|
|
services.qemuGuest.enable = true;
|
|
|
|
|
}
|
