sercanto/mio-ops
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Activity

feature(toxvpn): add initial commit

Browse source
This commit is contained in:
Serĉanto de Scio 2024-09-28 14:06:46 +10:00
parent 9c3858318a
commit b6d61d57c7
Signed by: sercanto
GPG key ID: A4122FF3971B6865
9 changed files with 40 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
flake.lock
View file

@ -5125,16 +5125,16 @@
}, },
"nixpkgsUnstable": { "nixpkgsUnstable": {
"locked": { "locked": {
"lastModified": 1727122398, "lastModified": 1727492757,
"narHash": "sha256-o8VBeCWHBxGd4kVMceIayf5GApqTavJbTa44Xcg5Rrk=", "narHash": "sha256-9ceiOCk+8ekKJJaeN/40M8jEqmrdjIULTzQDUrW0tfw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "30439d93eb8b19861ccbe3e581abf97bdc91b093", "rev": "e412e4890728fb35574edee0fb77876baf12ef88",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-unstable", "ref": "pull/344989/head",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

2
flake.nix
View file

@ -12,7 +12,7 @@
iohkNix.url = github:input-output-hk/iohk-nix/?ref=df1da282f996ec46b33379407df99613a1fbafdd; iohkNix.url = github:input-output-hk/iohk-nix/?ref=df1da282f996ec46b33379407df99613a1fbafdd;
nix.url = github:NixOS/nix/?ref=2.24.6; nix.url = github:NixOS/nix/?ref=2.24.6;
nixpkgs.url = github:NixOS/nixpkgs/?ref=nixos-24.05; nixpkgs.url = github:NixOS/nixpkgs/?ref=nixos-24.05;
nixpkgsUnstable.url = github:NixOS/nixpkgs/?ref=nixos-unstable; nixpkgsUnstable.url = github:NixOS/nixpkgs/?ref=pull/344989/head;
ragenix = { ragenix = {
url = github:yaxitech/ragenix; url = github:yaxitech/ragenix;
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";

2
hosts/cuallaidh/default.nix
View file

@ -13,7 +13,7 @@
../../profiles/ipv6.nix ../../profiles/ipv6.nix
../../profiles/mastodon.nix ../../profiles/mastodon.nix
../../profiles/matrix.nix ../../profiles/matrix.nix
#../../profiles/mcwhirter.io.nix ../../profiles/mcwhirter.io.nix
#../../profiles/minecraftServer.nix #../../profiles/minecraftServer.nix
../../profiles/nextcloud.nix ../../profiles/nextcloud.nix
../../profiles/nixpkgs-dev.nix ../../profiles/nixpkgs-dev.nix

2
hosts/sanganto/default.nix
View file

@ -21,8 +21,6 @@
../../profiles/users-ops.nix # MIO Ops users ../../profiles/users-ops.nix # MIO Ops users
]; ];
deployment.targetHost = "10.42.0.11";
nixpkgs = { nixpkgs = {
config = { config = {
allowUnfree = true; allowUnfree = true;

1
modules/module-list.nix
View file

@ -1,6 +1,7 @@
[ [
./profiles/cosmicDesktop ./profiles/cosmicDesktop
./profiles/starship ./profiles/starship
./profiles/toxvpn
./roles/desktop ./roles/desktop
./roles/desktopCraige ./roles/desktopCraige
] ]

25
modules/profiles/toxvpn/default.nix Normal file
View file

@ -0,0 +1,25 @@
# VPN configuration for MIO.
{
config,
lib,
pkgs,
nixpkgsUnstable,
...
}:
with lib; let
cfg = config.profiles.toxvpn;
toxvpn = nixpkgsUnstable.toxvpn;
in {
options.profiles.toxvpn = {
enable = mkEnableOption "to enable toxvpn.";
};
config = mkIf (cfg.enable) {
services.toxvpn = {
enable = true;
auto_add_peers = [
"7708050f6b7ad32e2a6943bd4aa97fe90053090e1197bd96f3dbedfd324e49605ca3e577ef47" # sanganto
"a18dfff426f5a752eb1bdc90ea307850982c1dff1444caf72b75f73483e358213b60281235a4" # eamhair
];
};
};
}

1
modules/roles/desktop/default.nix
View file

@ -23,6 +23,7 @@ in {
libreoffice-fresh # Comprehensive, professional-quality productivity suite libreoffice-fresh # Comprehensive, professional-quality productivity suite
mplayer # A movie player that supports many video formats mplayer # A movie player that supports many video formats
nextcloud-client # Nextcloud desktop client nextcloud-client # Nextcloud desktop client
pavucontrol # PulseAudio Volume Control
pwgen # Password generator pwgen # Password generator
rsync rsync
shotwell # Photo organizer shotwell # Photo organizer

4
outputs.nix
View file

@ -44,6 +44,7 @@ in {
# make flake inputs accessible in NixOS # make flake inputs accessible in NixOS
_module.args.inputs = inputs; _module.args.inputs = inputs;
profiles.starship.enable = true; profiles.starship.enable = true;
profiles.toxvpn.enable = true;
}; };
# Comment out deployment line when building the SD Image. # Comment out deployment line when building the SD Image.
airgead = { airgead = {
@ -128,6 +129,7 @@ in {
tags = ["active" "rPi"]; tags = ["active" "rPi"];
targetHost = "10.42.0.205"; targetHost = "10.42.0.205";
}; };
services.toxvpn.localip = "10.37.0.205";
}; };
iolear-beag = { iolear-beag = {
imports = [ imports = [
@ -150,8 +152,10 @@ in {
hosts/sanganto hosts/sanganto
ragenix.nixosModules.default ragenix.nixosModules.default
]; ];
deployment.targetHost = "10.42.0.11";
roles.desktop.enable = true; roles.desktop.enable = true;
roles.desktopCraige.enable = true; roles.desktopCraige.enable = true;
services.toxvpn.localip = "10.37.0.11";
}; };
sercanto = { sercanto = {
imports = [ imports = [

6
profiles/mcwhirter.io.nix
View file

@ -4,8 +4,8 @@
pkgs, pkgs,
... ...
}: let }: let
sources = import ../nix/sources.nix; #sources = import ../nix/sources.nix;
mcwhirter-io = import sources.mcwhirter-io {}; #mcwhirter-io = import sources.mcwhirter-io {};
webdomain = "mcwhirter.io"; webdomain = "mcwhirter.io";
in { in {
environment.sessionVariables = { environment.sessionVariables = {
@ -23,7 +23,7 @@ in {
# website hostname # website hostname
enableACME = true; # Use ACME certs enableACME = true; # Use ACME certs
forceSSL = true; # Force SSL forceSSL = true; # Force SSL
root = "${mcwhirter-io}"; # Wesbite root #root = "${mcwhirter-io}"; # Wesbite root
}; };
"www.${webdomain}" = { "www.${webdomain}" = {
# Respect our elders :-) # Respect our elders :-)