traverseda/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Whitelist zerotier interface

Browse Source
This commit is contained in:
Alex Davies 2024-05-14 18:33:28 -03:00
parent e0be8076cd
commit 37767ad75b
4 changed files with 30 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
flake.nix
View File

@ -62,6 +62,10 @@
nixosConfigurations = { nixosConfigurations = {
#Personal laptop, thinkpad t490 #Personal laptop, thinkpad t490
athame = nixpkgs.lib.nixosSystem { athame = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs outputs;
hostname = "athame";
};
modules = [ modules = [
./nixos/configuration.nix ./nixos/configuration.nix
./nixos/kde-desktop.nix ./nixos/kde-desktop.nix
@ -71,6 +75,10 @@
}; };
#Work laptop, dell g15. #Work laptop, dell g15.
metatron = nixpkgs.lib.nixosSystem { metatron = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs outputs;
hostname = "metatron";
};
modules = [ modules = [
./nixos/configuration.nix ./nixos/configuration.nix
./nixos/kde-desktop.nix ./nixos/kde-desktop.nix
@ -80,6 +88,10 @@
]; ];
}; };
hearth = nixpkgs.lib.nixosSystem { hearth = nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs outputs;
hostname = "hearth";
};
modules = [ modules = [
./nixos/configuration.nix ./nixos/configuration.nix
./nixos/home-assistant.nix ./nixos/home-assistant.nix

2
nixos/kde-desktop.nix
View File

@ -13,7 +13,7 @@
services.fwupd.enable = true; services.fwupd.enable = true;
boot.plymouth = { boot.plymouth = {
enable = false; enable = true;
themePackages = with pkgs; [ (adi1090x-plymouth-themes.override {selected_themes = [ "rings" ]; }) ]; themePackages = with pkgs; [ (adi1090x-plymouth-themes.override {selected_themes = [ "rings" ]; }) ];
theme = "rings"; theme = "rings";
}; };

3
nixos/work.nix
View File

@ -3,9 +3,10 @@
{ {
virtualisation.virtualbox.host.enable = true; virtualisation.virtualbox.host.enable = true;
users.extraGroups.vboxusers.members = [ "traverseda" ]; users.extraGroups.vboxusers.members = [ "traverseda" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
pkgs.qgroundcontrol pkgs.qgroundcontrol
pkgs.distrobox
]; ];
} }

16
nixos/zerotier.nix
View File

@ -1,5 +1,5 @@
let let
privateZeroTierInterfaces = [ "ztmwri5sbj" ]; # ZT NET INTERFACE privateZeroTierInterfaces = [ "zt_aura" ]; # ZT NET INTERFACE
in { in {
networking.firewall.trustedInterfaces = privateZeroTierInterfaces; # TRUST VPN ONLY networking.firewall.trustedInterfaces = privateZeroTierInterfaces; # TRUST VPN ONLY
@ -13,6 +13,20 @@ in {
services.avahi.publish.domain = true; services.avahi.publish.domain = true;
services.avahi.nssmdns4 = true; services.avahi.nssmdns4 = true;
services.avahi.publish.workstation = true; # ADDED TO DESKTOP MACHINES services.avahi.publish.workstation = true; # ADDED TO DESKTOP MACHINES
systemd.services.createDevicemap = {
description = "Create ZeroTier devicemap file";
before = [ "zerotierone.service" ]; # Ensure ZeroTier service has started
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
mkdir -p /var/lib/zerotier-one
echo "e04fa485ed2a4dc4=zt_aura" > /var/lib/zerotier-one/devicemap
'';
};
services.zerotierone.enable = true; services.zerotierone.enable = true;