2024-01-23 22:27:45 -08:00
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running `nixos-help`).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
imports =
|
2024-03-27 03:47:54 +00:00
|
|
|
[
|
2024-01-23 22:27:45 -08:00
|
|
|
./hardware-configuration.nix
|
2024-03-27 03:47:54 +00:00
|
|
|
../default.nix
|
2024-01-23 22:27:45 -08:00
|
|
|
];
|
|
|
|
|
|
2024-03-27 04:07:04 +00:00
|
|
|
stitchyconf = {
|
|
|
|
|
form = "server";
|
|
|
|
|
};
|
|
|
|
|
|
2024-01-23 22:27:45 -08:00
|
|
|
networking.hostName = "gemini";
|
|
|
|
|
time.timeZone = "America/Los_Angeles";
|
|
|
|
|
|
|
|
|
|
# Open ports in the firewall.
|
2024-01-24 07:27:40 +00:00
|
|
|
networking.firewall.allowedTCPPorts = [ 22 25565 ];
|
2024-01-24 07:02:48 +00:00
|
|
|
networking.firewall.allowedUDPPorts = [ 51820 ];
|
|
|
|
|
|
2024-01-24 07:21:02 +00:00
|
|
|
virtualisation.docker.enable = true;
|
2024-01-24 07:02:48 +00:00
|
|
|
|
|
|
|
|
networking.wg-quick.interfaces = {
|
|
|
|
|
wg0 = {
|
|
|
|
|
address = [
|
|
|
|
|
"10.100.0.4/32"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
listenPort = 51820;
|
|
|
|
|
|
|
|
|
|
# Path to the private key file.
|
|
|
|
|
privateKeyFile = "/etc/nixos/hosts/gemini/wg.key";
|
|
|
|
|
|
|
|
|
|
peers = [{
|
|
|
|
|
publicKey = "atXy3zi3FLoxP8hgzJIIeLGks4Te9HrKkQGoaobholM=";
|
2024-03-14 01:46:44 +00:00
|
|
|
presharedKeyFile = "/etc/nixos/hosts/gemini/wg.psk";
|
2024-01-24 07:02:48 +00:00
|
|
|
allowedIPs = [ "10.100.0.0/24" ];
|
2024-01-24 07:09:53 +00:00
|
|
|
endpoint = "moms.wireguard.stitchy.moe:47111";
|
2024-01-24 07:02:48 +00:00
|
|
|
persistentKeepalive = 25;
|
|
|
|
|
}];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2024-01-23 22:27:45 -08:00
|
|
|
|
|
|
|
|
system.stateVersion = "23.05"; # Did you read the comment?
|
|
|
|
|
}
|
|
|
|
|
|
