Test
This commit is contained in:
parent
7d0ddddbda
commit
ec63453531
6 changed files with 27 additions and 19 deletions
|
@ -48,11 +48,11 @@
|
||||||
};
|
};
|
||||||
bashrcExtra = ''
|
bashrcExtra = ''
|
||||||
restart-docker() {
|
restart-docker() {
|
||||||
pushd /Storage/Data/docker-compose/sysctl.io
|
pushd /Storage/Data/docker compose/sysctl.io
|
||||||
docker stop $1
|
docker stop $1
|
||||||
docker rm $1
|
docker rm $1
|
||||||
git pull
|
git pull
|
||||||
docker-compose up -d $1
|
docker compose up -d $1
|
||||||
popd
|
popd
|
||||||
}
|
}
|
||||||
# Build ISOs/SD Card Images
|
# Build ISOs/SD Card Images
|
||||||
|
@ -162,7 +162,7 @@
|
||||||
|
|
||||||
# docker
|
# docker
|
||||||
d = "docker";
|
d = "docker";
|
||||||
dc = "docker-compose";
|
dc = "docker compose";
|
||||||
de = "docker exec -it";
|
de = "docker exec -it";
|
||||||
dl = "docker logs -f ";
|
dl = "docker logs -f ";
|
||||||
dps = ''docker ps --format "table [{{.ID}}] {{.Names}}\t{{.Status}}\t{{.State}}\t{{.Label \"type\"}}"'';
|
dps = ''docker ps --format "table [{{.ID}}] {{.Names}}\t{{.Status}}\t{{.State}}\t{{.Label \"type\"}}"'';
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
{
|
{
|
||||||
plugin = power-theme;
|
plugin = power-theme;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
set -g @tmux_power_theme '#${config.lib.stylix.colors.base01}'
|
set -g @tmux_power_theme '#${config.lib.stylix.colors.base06}'
|
||||||
set -g @tmux_power_right_arrow_icon ' '
|
set -g @tmux_power_right_arrow_icon ' '
|
||||||
set -g @tmux_power_left_arrow_icon ' '
|
set -g @tmux_power_left_arrow_icon ' '
|
||||||
set -g @tmux_power_prefix_highlight_pos 'R'
|
set -g @tmux_power_prefix_highlight_pos 'R'
|
||||||
|
|
|
@ -22,8 +22,8 @@
|
||||||
allowedUDPPorts = [
|
allowedUDPPorts = [
|
||||||
53 # DNS (udp)
|
53 # DNS (udp)
|
||||||
10000 # Jitsi Meet (udp)
|
10000 # Jitsi Meet (udp)
|
||||||
15636 # Enshrouded
|
15636 # Enshrouded - Game
|
||||||
15637 # Enshrouded
|
15637 # Enshrouded - Query Port
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
{ pkgs, config, lib, ... }: {
|
{ ... }: {
|
||||||
|
|
||||||
# Allow these hosts to directly communicate with their hostnames
|
# Allow these hosts to directly communicate with their hostnames
|
||||||
networking.extraHosts = ''
|
networking.extraHosts = ''
|
||||||
|
@ -19,7 +19,6 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# Wireguard Forwarder
|
# Wireguard Forwarder
|
||||||
networking.firewall.allowPing = true;
|
|
||||||
networking.wireguard = {
|
networking.wireguard = {
|
||||||
enable = true;
|
enable = true;
|
||||||
interfaces = {
|
interfaces = {
|
||||||
|
@ -40,4 +39,4 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -19,8 +19,8 @@
|
||||||
allowedUDPPorts = [
|
allowedUDPPorts = [
|
||||||
3478 # Headscale DERP (udp)
|
3478 # Headscale DERP (udp)
|
||||||
10000 # Jitsi Meet (udp)
|
10000 # Jitsi Meet (udp)
|
||||||
15636 # Enshrouded
|
15636 # Enshrouded - Game
|
||||||
15637 # Enshrouded
|
15637 # Enshrouded - Query Port
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -31,8 +31,8 @@
|
||||||
chain PREROUTING {
|
chain PREROUTING {
|
||||||
type nat hook prerouting priority dstnat; policy accept;
|
type nat hook prerouting priority dstnat; policy accept;
|
||||||
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000;
|
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000;
|
||||||
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15636;
|
iifname "enp0s4" udp dport 15636 dnat to 10.100.1.2:15636;
|
||||||
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15637;
|
iifname "enp0s4" udp dport 15637 dnat to 10.100.1.2:15637;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
|
@ -44,8 +44,8 @@
|
||||||
externalInterface = "wireguard0";
|
externalInterface = "wireguard0";
|
||||||
forwardPorts = [
|
forwardPorts = [
|
||||||
{ sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; }
|
{ sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; }
|
||||||
{ sourcePort = 15636; proto = "udp"; destination = "10.100.0.2:15636"; }
|
{ sourcePort = 15636; proto = "udp"; destination = "10.100.1.2:15636"; }
|
||||||
{ sourcePort = 15637; proto = "udp"; destination = "10.100.0.2:15637"; }
|
{ sourcePort = 15637; proto = "udp"; destination = "10.100.1.2:15637"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -71,7 +71,7 @@
|
||||||
bind :4190
|
bind :4190
|
||||||
bind :4443
|
bind :4443
|
||||||
default_backend backend_tcp
|
default_backend backend_tcp
|
||||||
|
|
||||||
backend backend_tcp
|
backend backend_tcp
|
||||||
mode tcp
|
mode tcp
|
||||||
option forwarded
|
option forwarded
|
||||||
|
|
|
@ -38,7 +38,10 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
interfaces = {
|
interfaces = {
|
||||||
"wireguard0" = {
|
"wireguard0" = {
|
||||||
ips = [ "10.100.0.1/24" ];
|
ips = [
|
||||||
|
"10.100.0.1/24"
|
||||||
|
"10.100.1.1/24"
|
||||||
|
];
|
||||||
listenPort = 51820;
|
listenPort = 51820;
|
||||||
privateKeyFile = "/run/secrets/wireguard_key";
|
privateKeyFile = "/run/secrets/wireguard_key";
|
||||||
postSetup = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp0s4 -j MASQUERADE'';
|
postSetup = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp0s4 -j MASQUERADE'';
|
||||||
|
@ -47,14 +50,20 @@
|
||||||
{ # framework-server
|
{ # framework-server
|
||||||
publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek=";
|
publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek=";
|
||||||
presharedKeyFile = "/run/secrets/preshared_key";
|
presharedKeyFile = "/run/secrets/preshared_key";
|
||||||
persistentKeepalive = 5;
|
|
||||||
allowedIPs = [ "10.100.0.2/32" ];
|
allowedIPs = [ "10.100.0.2/32" ];
|
||||||
|
persistentKeepalive = 5;
|
||||||
}
|
}
|
||||||
{ # backups-rpi4
|
{ # backups-rpi4
|
||||||
publicKey = "cqocpMyY8Z0Jl0hoAdghn3dR3VhkkOYyeSwW6UKk9Fs=";
|
publicKey = "cqocpMyY8Z0Jl0hoAdghn3dR3VhkkOYyeSwW6UKk9Fs=";
|
||||||
presharedKeyFile = "/run/secrets/preshared_key";
|
presharedKeyFile = "/run/secrets/preshared_key";
|
||||||
persistentKeepalive = 5;
|
|
||||||
allowedIPs = [ "10.100.0.3/32" ];
|
allowedIPs = [ "10.100.0.3/32" ];
|
||||||
|
persistentKeepalive = 5;
|
||||||
|
}
|
||||||
|
{ # framewrk-server docker:wg-enshrouded
|
||||||
|
publicKey = "ucV6LgUwSbEyyxPlS83OayFPK6ysQKu6cVBV97S07mI=";
|
||||||
|
presharedKeyFile = "/run/secrets/preshared_key";
|
||||||
|
allowedIPs = [ "10.100.1.2/32" ];
|
||||||
|
persistentKeepalive = 5;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue