Merge pull request 'update' (#65) from leon/nix-config:vps-leon into master
Reviewed-on: #65
This commit is contained in:
commit
96bae6b4e2
|
@ -120,7 +120,12 @@
|
|||
|
||||
peers = [
|
||||
# ------------------leon-------------------------.
|
||||
{
|
||||
{
|
||||
#leoncloud-vm
|
||||
publicKey = "YhcC/xMYxh7GIyndbgBZ05oE3aTJXK4T7JgZwUDyd08=";
|
||||
allowedIPs = [ "10.10.11.4" ];
|
||||
}
|
||||
{
|
||||
#My_laptop
|
||||
publicKey = "okZuIQ90J49IJ3s+/dZyLthvo4rR2kclmTL54Ykglio=";
|
||||
allowedIPs = [ "10.10.11.2" ];
|
||||
|
|
|
@ -10,7 +10,7 @@ let
|
|||
in
|
||||
{
|
||||
microvm = {
|
||||
mem = 1024;
|
||||
mem = 4024;
|
||||
|
||||
writableStoreOverlay = "/nix/.rw-store";
|
||||
|
||||
|
@ -30,7 +30,7 @@ in
|
|||
};
|
||||
|
||||
networking = {
|
||||
hostName = "leoncloud";
|
||||
hostName = "docker-server";
|
||||
firewall.enable = true;
|
||||
};
|
||||
|
||||
|
@ -44,12 +44,12 @@ in
|
|||
# List packages installed in system profile. To search, run:
|
||||
# $ nix search wget
|
||||
environment.systemPackages = with pkgs; [
|
||||
wget vim python3Full nmap htop wireguard-tools
|
||||
wget vim python3Full nmap htop wireguard-tools docker-compose
|
||||
];
|
||||
|
||||
users.users.leoncloud = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" ];
|
||||
extraGroups = [ "wheel" "docker" ];
|
||||
createHome = true;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM2zpmWA3Z9zshWaU8k1SWyJnbAyasOu9pV+9BvTY0XE leon@¯\_(ツ)_/¯"
|
||||
|
@ -59,7 +59,7 @@ in
|
|||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = [ 80 443 22 ];
|
||||
allowedUDPPorts = [ ];
|
||||
allowedUDPPorts = [ 51820 ];
|
||||
};
|
||||
#------------------DOCKER----------------------------
|
||||
|
||||
|
@ -67,5 +67,25 @@ in
|
|||
|
||||
#------------------DOCKER----------------------------
|
||||
|
||||
|
||||
#------------------Wireguard-client----------------------------
|
||||
# Enable WireGuard
|
||||
networking.wireguard.interfaces = {
|
||||
wg0 = {
|
||||
ips = [ "10.10.11.4/24" ];
|
||||
listenPort = 51820;
|
||||
privateKeyFile = "/etc/nixos/wireguard-keys/private-key";
|
||||
|
||||
peers = [
|
||||
{
|
||||
publicKey = "w3qegSSuqFTFrGk4XJaWBSwGDOiqbnnAIR9MzwjYVA8=";
|
||||
allowedIPs = [ "10.10.11.0" ];
|
||||
endpoint = "81.201.149.152:18800";
|
||||
persistentKeepalive = 25;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
#------------------End----------------------------
|
||||
system.stateVersion = "22.05";
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue