This commit is contained in:
albert 2024-03-30 23:53:56 +09:00
parent 7d0ddddbda
commit ec63453531
No known key found for this signature in database
GPG key ID: 64F6C4EB46C4543A
6 changed files with 27 additions and 19 deletions

View file

@ -48,11 +48,11 @@
}; };
bashrcExtra = '' bashrcExtra = ''
restart-docker() { restart-docker() {
pushd /Storage/Data/docker-compose/sysctl.io pushd /Storage/Data/docker compose/sysctl.io
docker stop $1 docker stop $1
docker rm $1 docker rm $1
git pull git pull
docker-compose up -d $1 docker compose up -d $1
popd popd
} }
# Build ISOs/SD Card Images # Build ISOs/SD Card Images
@ -162,7 +162,7 @@
# docker # docker
d = "docker"; d = "docker";
dc = "docker-compose"; dc = "docker compose";
de = "docker exec -it"; de = "docker exec -it";
dl = "docker logs -f "; dl = "docker logs -f ";
dps = ''docker ps --format "table [{{.ID}}] {{.Names}}\t{{.Status}}\t{{.State}}\t{{.Label \"type\"}}"''; dps = ''docker ps --format "table [{{.ID}}] {{.Names}}\t{{.Status}}\t{{.State}}\t{{.Label \"type\"}}"'';

View file

@ -8,7 +8,7 @@
{ {
plugin = power-theme; plugin = power-theme;
extraConfig = '' extraConfig = ''
set -g @tmux_power_theme '#${config.lib.stylix.colors.base01}' set -g @tmux_power_theme '#${config.lib.stylix.colors.base06}'
set -g @tmux_power_right_arrow_icon ' ' set -g @tmux_power_right_arrow_icon ' '
set -g @tmux_power_left_arrow_icon ' ' set -g @tmux_power_left_arrow_icon ' '
set -g @tmux_power_prefix_highlight_pos 'R' set -g @tmux_power_prefix_highlight_pos 'R'

View file

@ -22,8 +22,8 @@
allowedUDPPorts = [ allowedUDPPorts = [
53 # DNS (udp) 53 # DNS (udp)
10000 # Jitsi Meet (udp) 10000 # Jitsi Meet (udp)
15636 # Enshrouded 15636 # Enshrouded - Game
15637 # Enshrouded 15637 # Enshrouded - Query Port
]; ];
}; };
}; };

View file

@ -1,4 +1,4 @@
{ pkgs, config, lib, ... }: { { ... }: {
# Allow these hosts to directly communicate with their hostnames # Allow these hosts to directly communicate with their hostnames
networking.extraHosts = '' networking.extraHosts = ''
@ -19,7 +19,6 @@
}; };
# Wireguard Forwarder # Wireguard Forwarder
networking.firewall.allowPing = true;
networking.wireguard = { networking.wireguard = {
enable = true; enable = true;
interfaces = { interfaces = {
@ -40,4 +39,4 @@
}; };
}; };
}; };
} }

View file

@ -19,8 +19,8 @@
allowedUDPPorts = [ allowedUDPPorts = [
3478 # Headscale DERP (udp) 3478 # Headscale DERP (udp)
10000 # Jitsi Meet (udp) 10000 # Jitsi Meet (udp)
15636 # Enshrouded 15636 # Enshrouded - Game
15637 # Enshrouded 15637 # Enshrouded - Query Port
]; ];
}; };
@ -31,8 +31,8 @@
chain PREROUTING { chain PREROUTING {
type nat hook prerouting priority dstnat; policy accept; type nat hook prerouting priority dstnat; policy accept;
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000; iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000;
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15636; iifname "enp0s4" udp dport 15636 dnat to 10.100.1.2:15636;
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15637; iifname "enp0s4" udp dport 15637 dnat to 10.100.1.2:15637;
} }
} }
''; '';
@ -44,8 +44,8 @@
externalInterface = "wireguard0"; externalInterface = "wireguard0";
forwardPorts = [ forwardPorts = [
{ sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; } { sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; }
{ sourcePort = 15636; proto = "udp"; destination = "10.100.0.2:15636"; } { sourcePort = 15636; proto = "udp"; destination = "10.100.1.2:15636"; }
{ sourcePort = 15637; proto = "udp"; destination = "10.100.0.2:15637"; } { sourcePort = 15637; proto = "udp"; destination = "10.100.1.2:15637"; }
]; ];
}; };
}; };
@ -71,7 +71,7 @@
bind :4190 bind :4190
bind :4443 bind :4443
default_backend backend_tcp default_backend backend_tcp
backend backend_tcp backend backend_tcp
mode tcp mode tcp
option forwarded option forwarded

View file

@ -38,7 +38,10 @@
enable = true; enable = true;
interfaces = { interfaces = {
"wireguard0" = { "wireguard0" = {
ips = [ "10.100.0.1/24" ]; ips = [
"10.100.0.1/24"
"10.100.1.1/24"
];
listenPort = 51820; listenPort = 51820;
privateKeyFile = "/run/secrets/wireguard_key"; privateKeyFile = "/run/secrets/wireguard_key";
postSetup = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp0s4 -j MASQUERADE''; postSetup = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp0s4 -j MASQUERADE'';
@ -47,14 +50,20 @@
{ # framework-server { # framework-server
publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek="; publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek=";
presharedKeyFile = "/run/secrets/preshared_key"; presharedKeyFile = "/run/secrets/preshared_key";
persistentKeepalive = 5;
allowedIPs = [ "10.100.0.2/32" ]; allowedIPs = [ "10.100.0.2/32" ];
persistentKeepalive = 5;
} }
{ # backups-rpi4 { # backups-rpi4
publicKey = "cqocpMyY8Z0Jl0hoAdghn3dR3VhkkOYyeSwW6UKk9Fs="; publicKey = "cqocpMyY8Z0Jl0hoAdghn3dR3VhkkOYyeSwW6UKk9Fs=";
presharedKeyFile = "/run/secrets/preshared_key"; presharedKeyFile = "/run/secrets/preshared_key";
persistentKeepalive = 5;
allowedIPs = [ "10.100.0.3/32" ]; allowedIPs = [ "10.100.0.3/32" ];
persistentKeepalive = 5;
}
{ # framewrk-server docker:wg-enshrouded
publicKey = "ucV6LgUwSbEyyxPlS83OayFPK6ysQKu6cVBV97S07mI=";
presharedKeyFile = "/run/secrets/preshared_key";
allowedIPs = [ "10.100.1.2/32" ];
persistentKeepalive = 5;
} }
]; ];
}; };