deploy wireguard
This commit is contained in:
parent
a47d096503
commit
8bb7ffd92a
6 changed files with 175 additions and 212 deletions
|
|
@ -6,11 +6,11 @@
|
|||
./containers.nix
|
||||
./proxy.nix
|
||||
../system-default.nix
|
||||
../../../modules/vpn/tailscale.nix
|
||||
../../../modules/podman.nix
|
||||
../../../modules/traefik.nix
|
||||
../../../modules/borg/client.nix
|
||||
../../../modules/git/server.nix
|
||||
../../../modules/vpn/server.nix
|
||||
];
|
||||
|
||||
# GRUB bootloader with UEFI support
|
||||
|
|
@ -44,7 +44,6 @@
|
|||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 22 80 443 27017 ];
|
||||
trustedInterfaces = [ "tailscale0" ];
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -71,7 +70,14 @@
|
|||
];
|
||||
};
|
||||
|
||||
services.tailscale-custom.exitNode = true;
|
||||
services.wireguard-server = {
|
||||
enable = true;
|
||||
address = "10.2.2.1/24";
|
||||
peers = [{
|
||||
publicKey = "<nfss-public-key>";
|
||||
allowedIPs = [ "10.2.2.10/32" ];
|
||||
}];
|
||||
};
|
||||
|
||||
services.git-server-custom = {
|
||||
enable = true;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue