kamov/server
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

disable syncthing

Browse source
This commit is contained in:
Maciej Jur 2024-04-02 00:33:16 +02:00
parent beefeed823
commit c6f92e0504
Signed by: kamov
GPG key ID: 191CBFF5F72ECAFD
1 changed files with 65 additions and 65 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

130
hosts/kamoshi/configuration.nix
View file

@ -34,11 +34,11 @@
networking = { networking = {
hostName = "kamoshi"; hostName = "kamoshi";
nat = { # nat = {
enable = true; # enable = true;
externalInterface = "eth0"; # externalInterface = "eth0";
internalInterfaces = [ "wg0" ]; # internalInterfaces = [ "wg0" ];
}; # };
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [ allowedTCPPorts = [
@ -46,46 +46,46 @@
80 # nginx 80 # nginx
443 # nginx TLS 443 # nginx TLS
2222 # ssh 2222 # ssh
22070 22067 # syncthing relay # 22070 22067 # syncthing relay
]; ];
allowedUDPPorts = [ # allowedUDPPorts = [
42069 # wireguard # 42069 # wireguard
]; # ];
interfaces = { # interfaces = {
"wg0" = { # "wg0" = {
allowedTCPPorts = [ # allowedTCPPorts = [
8384 22000 # syncthing # 8384 22000 # syncthing
]; # ];
allowedUDPPorts = [ # allowedUDPPorts = [
22000 21027 # syncthing # 22000 21027 # syncthing
]; # ];
}; # };
}; # };
};
wireguard.interfaces = {
"wg0" = {
ips = [ "10.100.0.1/24" ];
listenPort = 42069;
postSetup = ''
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
'';
postShutdown = ''
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
'';
privateKeyFile = "/root/secrets/wireguard/kamoshi";
peers = [
{
publicKey = "26lQ3qCZrZ3hAqLIDfQNrmFQSQv983TeyXpJUY59QkI=";
allowedIPs = [ "10.100.0.2/32" ];
}
{
publicKey = "W3HCbtf/m/MUZSTTq/Dr9w0mfHjH5eYfOxWtq+eLFXw=";
allowedIPs = [ "10.100.0.3/32" ];
}
];
};
}; };
# wireguard.interfaces = {
# "wg0" = {
# ips = [ "10.100.0.1/24" ];
# listenPort = 42069;
# postSetup = ''
# ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
# '';
# postShutdown = ''
# ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE
# '';
# privateKeyFile = "/root/secrets/wireguard/kamoshi";
#
# peers = [
# {
# publicKey = "26lQ3qCZrZ3hAqLIDfQNrmFQSQv983TeyXpJUY59QkI=";
# allowedIPs = [ "10.100.0.2/32" ];
# }
# {
# publicKey = "W3HCbtf/m/MUZSTTq/Dr9w0mfHjH5eYfOxWtq+eLFXw=";
# allowedIPs = [ "10.100.0.3/32" ];
# }
# ];
# };
# };
}; };
time.timeZone = "Europe/Warsaw"; time.timeZone = "Europe/Warsaw";
@ -102,9 +102,9 @@
vim vim
wget wget
neovim neovim
neofetch # neofetch
nushell # nushell
wireguard-tools # wireguard-tools
]; ];
services = { services = {
@ -134,25 +134,25 @@
}; };
}; };
}; };
syncthing = { # syncthing = {
enable = true; # enable = true;
user = "kamov"; # user = "kamov";
dataDir = "/home/kamov/sync"; # dataDir = "/home/kamov/sync";
configDir = "/home/kamov/sync/.config"; # configDir = "/home/kamov/sync/.config";
guiAddress = "0.0.0.0:8384"; # guiAddress = "0.0.0.0:8384";
extraOptions.gui = { # extraOptions.gui = {
user = "admin"; # user = "admin";
password = "admin"; # password = "admin";
}; # };
# public relay options # # public relay options
relay = { # relay = {
enable = true; # enable = true;
providedBy = "kamoshi.org"; # providedBy = "kamoshi.org";
statusPort = 22070; # statusPort = 22070;
port = 22067; # port = 22067;
globalRateBps = 25000; # globalRateBps = 25000;
}; # };
}; # };
}; };
security.acme = { security.acme = {