This commit is contained in:
albert 2024-03-15 20:41:29 +09:00
parent ca14a8ce6c
commit ced197e765
No known key found for this signature in database
GPG key ID: 64F6C4EB46C4543A
5 changed files with 15 additions and 25 deletions

View file

@ -11,9 +11,12 @@
dockerSocket.enable = true;
dockerCompat = true;
autoPrune = {
enable = true;
dates = "weekly";
flags = [ "--all" ];
enable = true;
dates = "weekly";
flags = [ "--all" ];
};
defaultNetwork.settings = {
dns_enabled = true;
};
};

View file

@ -39,4 +39,5 @@
networking.hostName = "milan-linode-01";
services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };
}

View file

@ -35,18 +35,10 @@
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [
"podman-network-headscale-default.service"
];
requires = [
"podman-network-headscale-default.service"
];
partOf = [
"podman-compose-headscale-root.target"
];
wantedBy = [
"podman-compose-headscale-root.target"
];
after = [ "podman-network-headscale-default.service" ];
requires = [ "podman-network-headscale-default.service" ];
partOf = [ "podman-compose-headscale-root.target" ];
wantedBy = [ "podman-compose-headscale-root.target" ];
};
# Networks
@ -60,7 +52,7 @@
script = ''
podman network inspect headscale-default || podman network create headscale-default --opt isolate=true
'';
partOf = [ "podman-compose-headscale-root.target" ];
partOf = [ "podman-compose-headscale-root.target" ];
wantedBy = [ "podman-compose-headscale-root.target" ];
};

View file

@ -38,9 +38,6 @@
iifname "enp0s4" tcp dport 443 dnat to 10.100.0.2:443; # HTTPS
iifname "enp0s4" tcp dport 42420 dnat to 10.100.0.2:42420; # Vintage Story
iifname "enp0s4" tcp dport 25565 dnat to 10.100.0.2:25565; # Minecraft
# iifname "enp0s4" tcp dport 1443 dnat to 10.100.0.2:1443; # Headscale DERP (tcp)
# iifname "enp0s4" udp dport 3478 dnat to 10.100.0.2:3478; # Headscale DERP (udp)
# iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000; # Headscale DERP (udp)
iifname "enp0s4" tcp dport 4443 dnat to 10.100.0.2:4443; # Jitsi
}
}
@ -62,9 +59,6 @@
{ sourcePort = 443; proto = "tcp"; destination = "10.100.0.2:443"; } # HTTPS
{ sourcePort = 42420; proto = "tcp"; destination = "10.100.0.2:42420"; } # Vintage Story
{ sourcePort = 25565; proto = "tcp"; destination = "10.100.0.2:25565"; } # Minecraft
# { sourcePort = 1443; proto = "tcp"; destination = "10.100.0.2:1443"; } # Headscale DERP (tcp)
# { sourcePort = 3478; proto = "udp"; destination = "10.100.0.2:3478"; } # Headscale DERP (udp)
# { sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; } # Headscale DERP (udp)
{ sourcePort = 4443; proto = "tcp"; destination = "10.100.0.2:4443"; } # Jitsi
];
};

View file

@ -22,9 +22,9 @@
serviceConfig = {
Restart = lib.mkOverride 500 "always";
};
after = [ "podman-network-piaware-default.service" ];
after = [ "podman-network-piaware-default.service" ];
requires = [ "podman-network-piaware-default.service" ];
partOf = [ "podman-compose-piaware-root.target" ];
partOf = [ "podman-compose-piaware-root.target" ];
wantedBy = [ "podman-compose-piaware-root.target" ];
};
@ -39,7 +39,7 @@
script = ''
podman network inspect piaware-default || podman network create piaware-default --opt isolate=true
'';
partOf = [ "podman-compose-piaware-root.target" ];
partOf = [ "podman-compose-piaware-root.target" ];
wantedBy = [ "podman-compose-piaware-root.target" ];
};