Merge pull request 'update' (#65) from leon/nix-config:vps-leon into master

Reviewed-on: #65
2022-09-25 15:57:00 +02:00 · 2022-09-25 15:57:00 +02:00 · 96bae6b4e2
parent 6c9d1caf61 51db5ae34e
commit 96bae6b4e2
2 changed files with 31 additions and 6 deletions
--- a/hosts/leon/default.nix
+++ b/hosts/leon/default.nix
@ -120,7 +120,12 @@

      peers = [
          # ------------------leon-------------------------.
-        { 
+        {
+		  #leoncloud-vm
+		  publicKey = "YhcC/xMYxh7GIyndbgBZ05oE3aTJXK4T7JgZwUDyd08=";
+          allowedIPs = [ "10.10.11.4" ];
+		}
+		{ 
          #My_laptop
 		  publicKey = "okZuIQ90J49IJ3s+/dZyLthvo4rR2kclmTL54Ykglio=";
          allowedIPs = [ "10.10.11.2" ];
--- a/hosts/leoncloud/default.nix
+++ b/hosts/leoncloud/default.nix
@ -10,7 +10,7 @@ let
 in
 {
  microvm = {
-    mem = 1024;
+    mem = 4024;

    writableStoreOverlay = "/nix/.rw-store";

@ -30,7 +30,7 @@ in
  };

  networking = {
-    hostName = "leoncloud";
+    hostName = "docker-server";
    firewall.enable = true;
  };

@ -44,12 +44,12 @@ in
  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
-    wget vim python3Full nmap htop wireguard-tools 
+    wget vim python3Full nmap htop wireguard-tools docker-compose 
  ];

  users.users.leoncloud = {
    isNormalUser = true;
-    extraGroups = [ "wheel" ];
+    extraGroups = [ "wheel" "docker" ];
    createHome = true;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2zpmWA3Z9zshWaU8k1SWyJnbAyasOu9pV+9BvTY0XE leon@¯\_(ツ)_/¯"
@ -59,7 +59,7 @@ in

  networking.firewall = {
    allowedTCPPorts = [ 80 443 22 ];
-    allowedUDPPorts = [ ];  
+    allowedUDPPorts = [ 51820 ];  
  };
 #------------------DOCKER----------------------------

@ -67,5 +67,25 @@ in

 #------------------DOCKER----------------------------

+
+#------------------Wireguard-client----------------------------
+# Enable WireGuard
+  networking.wireguard.interfaces = {
+    wg0 = {
+      ips = [ "10.10.11.4/24" ];
+      listenPort = 51820;
+      privateKeyFile = "/etc/nixos/wireguard-keys/private-key";
+
+      peers = [
+        {
+          publicKey = "w3qegSSuqFTFrGk4XJaWBSwGDOiqbnnAIR9MzwjYVA8=";
+          allowedIPs = [ "10.10.11.0" ];
+          endpoint = "81.201.149.152:18800";
+          persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+#------------------End----------------------------
  system.stateVersion = "22.05";
 }