VSinerva/nixos-conf
1
0
Fork 0
Code Activity Actions

Initial wireguard IPv6 test

Browse source
This commit is contained in:
Vili Sinervä 2024-09-24 20:01:29 +03:00
parent 91193a9e8f
commit 60fe1a949b
No known key found for this signature in database
GPG key ID: DF8FEAF54EFAC996
3 changed files with 67 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

32
machine-confs/helium.nix
View file

@ -3,14 +3,11 @@
networking = { networking = {
hostName = "helium"; hostName = "helium";
firewall.allowedUDPPorts = [ firewall.allowedUDPPorts = [ 51820 ];
51820
51821
];
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = { wg0 = {
autostart = true; autostart = false;
address = [ "172.16.0.2/24" ]; address = [ "172.16.0.2/24" ];
dns = [ dns = [
"192.168.0.1" "192.168.0.1"
@ -32,7 +29,7 @@
address = [ "10.100.0.7/24" ]; address = [ "10.100.0.7/24" ];
dns = [ "1.1.1.1" ]; dns = [ "1.1.1.1" ];
privateKeyFile = "/root/wireguard-keys/privatekey-netflix"; privateKeyFile = "/root/wireguard-keys/privatekey-netflix";
listenPort = 51821; listenPort = 51820;
peers = [ peers = [
{ {
@ -45,10 +42,31 @@
} }
]; ];
}; };
wg2 = {
autostart = true;
address = [ "fd08:d473:bcca:f0::2/64" ];
dns = [
"fd08:d473:bcca::1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
peers = [
{
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
allowedIPs = [
"fd08:d473:bcca::/64"
"fd08:d473:bcca:f0::/64"
];
endpoint = "wg.vsinerva.fi:51821";
}
];
};
}; };
}; };
# Dirty hack to fix autostart failing due to DNS lookups # Dirty hack to fix autostart failing due to DNS lookups
systemd.services."wg-quick-wg0".serviceConfig = { systemd.services."wg-quick-wg2".serviceConfig = {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "1s"; RestartSec = "1s";
}; };

29
machine-confs/lithium.nix
View file

@ -5,8 +5,9 @@
firewall.allowedUDPPorts = [ 51820 ]; firewall.allowedUDPPorts = [ 51820 ];
wg-quick.interfaces.wg0 = { wg-quick.interfaces = {
autostart = true; wg0 = {
autostart = false;
address = [ "172.16.0.4/24" ]; address = [ "172.16.0.4/24" ];
dns = [ dns = [
"192.168.0.1" "192.168.0.1"
@ -23,9 +24,31 @@
} }
]; ];
}; };
wg1 = {
autostart = true;
address = [ "fd08:d473:bcca:f0::3/64" ];
dns = [
"fd08:d473:bcca::1"
"vsinerva.fi"
];
privateKeyFile = "/root/wireguard-keys/privatekey-home";
listenPort = 51820;
peers = [
{
publicKey = "f9QoYPxyaxylUcOI9cE9fE9DJoEX4c6GUtr4p+rsd34=";
allowedIPs = [
"fd08:d473:bcca::/64"
"fd08:d473:bcca:f0::/64"
];
endpoint = "wg.vsinerva.fi:51821";
}
];
};
};
}; };
# Dirty hack to fix autostart failing due to DNS lookups # Dirty hack to fix autostart failing due to DNS lookups
systemd.services."wg-quick-wg0".serviceConfig = { systemd.services."wg-quick-wg1".serviceConfig = {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "1s"; RestartSec = "1s";
}; };

4
services/syncthing.nix
View file

@ -18,11 +18,11 @@
devices = { devices = {
"helium" = { "helium" = {
id = "2MRUBSY-NHXYMAW-SY22RHP-CNNMHKR-DPDKMM4-2XV5F6M-6KSNLQI-DD4EOAM"; id = "2MRUBSY-NHXYMAW-SY22RHP-CNNMHKR-DPDKMM4-2XV5F6M-6KSNLQI-DD4EOAM";
addresses = [ "tcp://172.16.0.2:22000" ]; addresses = [ "tcp://[fd08:d473:bcca:f0::2]:22000" ];
}; };
"lithium" = { "lithium" = {
id = "S4ZORDV-QBY7QC7-FQHADMZ-NQSKJUA-7B7LQNS-CWJLSMG-JPMN7YJ-OVRDZQA"; id = "S4ZORDV-QBY7QC7-FQHADMZ-NQSKJUA-7B7LQNS-CWJLSMG-JPMN7YJ-OVRDZQA";
addresses = [ "tcp://172.16.0.4:22000" ]; addresses = [ "tcp://[fd08:d473:bcca:f0::3]:22000" ];
}; };
"nixos-cpu" = { "nixos-cpu" = {
id = "ZX35ARB-3ULEUV3-NNUEREF-DEDWOJU-GE7A4PP-T7O43NI-SU564OD-E26HHA4"; id = "ZX35ARB-3ULEUV3-NNUEREF-DEDWOJU-GE7A4PP-T7O43NI-SU564OD-E26HHA4";