update

2022-09-24 02:00:42 +01:00 · 2022-09-24 02:00:42 +01:00 · 645827b7be
parent 6c9d1caf61
commit 645827b7be
1 changed files with 24 additions and 4 deletions
--- a/hosts/leoncloud/default.nix
+++ b/hosts/leoncloud/default.nix
@ -10,7 +10,7 @@ let
 in
 {
  microvm = {
-    mem = 1024;
+    mem = 4024;

    writableStoreOverlay = "/nix/.rw-store";

@ -30,7 +30,7 @@ in
  };

  networking = {
-    hostName = "leoncloud";
+    hostName = "docker-server";
    firewall.enable = true;
  };

@ -49,7 +49,7 @@ in

  users.users.leoncloud = {
    isNormalUser = true;
-    extraGroups = [ "wheel" ];
+    extraGroups = [ "wheel" "docker" ];
    createHome = true;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2zpmWA3Z9zshWaU8k1SWyJnbAyasOu9pV+9BvTY0XE leon@¯\_(ツ)_/¯"
@ -59,7 +59,7 @@ in

  networking.firewall = {
    allowedTCPPorts = [ 80 443 22 ];
-    allowedUDPPorts = [ ];  
+    allowedUDPPorts = [ 51820 ];  
  };
 #------------------DOCKER----------------------------

@ -67,5 +67,25 @@ in

 #------------------DOCKER----------------------------

+
+#------------------Wireguard-client----------------------------
+# Enable WireGuard
+  networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.10.11.4/24" ];
+      listenPort = 51820;
+      privateKeyFile = "/etc/nixos/wireguard-keys/private-key";
+
+      peers = [
+        {
+          publicKey = "w3qegSSuqFTFrGk4XJaWBSwGDOiqbnnAIR9MzwjYVA8=";
+          allowedIPs = [ "10.10.11.0" ];
+          endpoint = "81.201.149.152:18800";
+          persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+#------------------End----------------------------
  system.stateVersion = "22.05";
 }