feat: introduce treefmt and fmt all
This commit is contained in:
parent
80250b0179
commit
27c6c4f9fa
237 changed files with 5440 additions and 5214 deletions
|
|
@ -1,16 +1,14 @@
|
|||
{
|
||||
pkgs,
|
||||
lib,
|
||||
config,
|
||||
repoFlake,
|
||||
nodeName,
|
||||
...
|
||||
}: let
|
||||
}:
|
||||
let
|
||||
wireguardPort = 51820;
|
||||
in {
|
||||
imports = [
|
||||
../../snippets/systemd-resolved.nix
|
||||
];
|
||||
in
|
||||
{
|
||||
imports = [ ../../snippets/systemd-resolved.nix ];
|
||||
|
||||
networking.firewall.enable = true;
|
||||
networking.nftables.enable = true;
|
||||
|
|
@ -19,9 +17,7 @@ in {
|
|||
# iperf3
|
||||
5201
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [
|
||||
wireguardPort
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [ wireguardPort ];
|
||||
|
||||
networking.firewall.logRefusedConnections = false;
|
||||
|
||||
|
|
@ -38,7 +34,7 @@ in {
|
|||
"prefixLength" = 29;
|
||||
}
|
||||
];
|
||||
ipv6.addresses = [];
|
||||
ipv6.addresses = [ ];
|
||||
};
|
||||
|
||||
networking.defaultGateway = {
|
||||
|
|
@ -53,7 +49,10 @@ in {
|
|||
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
internalInterfaces = ["ve-*" "wg*"];
|
||||
internalInterfaces = [
|
||||
"ve-*"
|
||||
"wg*"
|
||||
];
|
||||
externalInterface = "eth0";
|
||||
};
|
||||
|
||||
|
|
@ -70,15 +69,12 @@ in {
|
|||
networking.wireguard.interfaces.wg0 = {
|
||||
# eth0 MTU (1400) - 80
|
||||
mtu = 1320;
|
||||
ips = [
|
||||
"192.168.99.1/31"
|
||||
];
|
||||
listenPort =
|
||||
wireguardPort;
|
||||
ips = [ "192.168.99.1/31" ];
|
||||
listenPort = wireguardPort;
|
||||
privateKeyFile = config.sops.secrets.wg0-private.path;
|
||||
peers = [
|
||||
{
|
||||
allowedIPs = ["192.168.99.2/32"];
|
||||
allowedIPs = [ "192.168.99.2/32" ];
|
||||
publicKey = "O3k4jEdX6jkV1fHP/J8KSH5tvi+n1VvnBTD5na6Naw0=";
|
||||
presharedKeyFile = config.sops.secrets.wg0-psk-steveej-psk.path;
|
||||
}
|
||||
|
|
@ -86,14 +82,18 @@ in {
|
|||
};
|
||||
|
||||
# virtualization
|
||||
virtualisation = {docker.enable = false;};
|
||||
virtualisation = {
|
||||
docker.enable = false;
|
||||
};
|
||||
|
||||
services.spice-vdagentd.enable = true;
|
||||
services.qemuGuest.enable = true;
|
||||
|
||||
nix.gc = {automatic = true;};
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
};
|
||||
|
||||
containers = {};
|
||||
containers = { };
|
||||
|
||||
home-manager.users.steveej = import ../../../home-manager/configuration/text-minimal.nix {
|
||||
inherit pkgs;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue