Test
This commit is contained in:
parent
7d0ddddbda
commit
ec63453531
6 changed files with 27 additions and 19 deletions
|
@ -48,11 +48,11 @@
|
|||
};
|
||||
bashrcExtra = ''
|
||||
restart-docker() {
|
||||
pushd /Storage/Data/docker-compose/sysctl.io
|
||||
pushd /Storage/Data/docker compose/sysctl.io
|
||||
docker stop $1
|
||||
docker rm $1
|
||||
git pull
|
||||
docker-compose up -d $1
|
||||
docker compose up -d $1
|
||||
popd
|
||||
}
|
||||
# Build ISOs/SD Card Images
|
||||
|
@ -162,7 +162,7 @@
|
|||
|
||||
# docker
|
||||
d = "docker";
|
||||
dc = "docker-compose";
|
||||
dc = "docker compose";
|
||||
de = "docker exec -it";
|
||||
dl = "docker logs -f ";
|
||||
dps = ''docker ps --format "table [{{.ID}}] {{.Names}}\t{{.Status}}\t{{.State}}\t{{.Label \"type\"}}"'';
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
{
|
||||
plugin = power-theme;
|
||||
extraConfig = ''
|
||||
set -g @tmux_power_theme '#${config.lib.stylix.colors.base01}'
|
||||
set -g @tmux_power_theme '#${config.lib.stylix.colors.base06}'
|
||||
set -g @tmux_power_right_arrow_icon ' '
|
||||
set -g @tmux_power_left_arrow_icon ' '
|
||||
set -g @tmux_power_prefix_highlight_pos 'R'
|
||||
|
|
|
@ -22,8 +22,8 @@
|
|||
allowedUDPPorts = [
|
||||
53 # DNS (udp)
|
||||
10000 # Jitsi Meet (udp)
|
||||
15636 # Enshrouded
|
||||
15637 # Enshrouded
|
||||
15636 # Enshrouded - Game
|
||||
15637 # Enshrouded - Query Port
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, config, lib, ... }: {
|
||||
{ ... }: {
|
||||
|
||||
# Allow these hosts to directly communicate with their hostnames
|
||||
networking.extraHosts = ''
|
||||
|
@ -19,7 +19,6 @@
|
|||
};
|
||||
|
||||
# Wireguard Forwarder
|
||||
networking.firewall.allowPing = true;
|
||||
networking.wireguard = {
|
||||
enable = true;
|
||||
interfaces = {
|
||||
|
|
|
@ -19,8 +19,8 @@
|
|||
allowedUDPPorts = [
|
||||
3478 # Headscale DERP (udp)
|
||||
10000 # Jitsi Meet (udp)
|
||||
15636 # Enshrouded
|
||||
15637 # Enshrouded
|
||||
15636 # Enshrouded - Game
|
||||
15637 # Enshrouded - Query Port
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -31,8 +31,8 @@
|
|||
chain PREROUTING {
|
||||
type nat hook prerouting priority dstnat; policy accept;
|
||||
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000;
|
||||
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15636;
|
||||
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15637;
|
||||
iifname "enp0s4" udp dport 15636 dnat to 10.100.1.2:15636;
|
||||
iifname "enp0s4" udp dport 15637 dnat to 10.100.1.2:15637;
|
||||
}
|
||||
}
|
||||
'';
|
||||
|
@ -44,8 +44,8 @@
|
|||
externalInterface = "wireguard0";
|
||||
forwardPorts = [
|
||||
{ sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; }
|
||||
{ sourcePort = 15636; proto = "udp"; destination = "10.100.0.2:15636"; }
|
||||
{ sourcePort = 15637; proto = "udp"; destination = "10.100.0.2:15637"; }
|
||||
{ sourcePort = 15636; proto = "udp"; destination = "10.100.1.2:15636"; }
|
||||
{ sourcePort = 15637; proto = "udp"; destination = "10.100.1.2:15637"; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -38,7 +38,10 @@
|
|||
enable = true;
|
||||
interfaces = {
|
||||
"wireguard0" = {
|
||||
ips = [ "10.100.0.1/24" ];
|
||||
ips = [
|
||||
"10.100.0.1/24"
|
||||
"10.100.1.1/24"
|
||||
];
|
||||
listenPort = 51820;
|
||||
privateKeyFile = "/run/secrets/wireguard_key";
|
||||
postSetup = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp0s4 -j MASQUERADE'';
|
||||
|
@ -47,14 +50,20 @@
|
|||
{ # framework-server
|
||||
publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek=";
|
||||
presharedKeyFile = "/run/secrets/preshared_key";
|
||||
persistentKeepalive = 5;
|
||||
allowedIPs = [ "10.100.0.2/32" ];
|
||||
persistentKeepalive = 5;
|
||||
}
|
||||
{ # backups-rpi4
|
||||
publicKey = "cqocpMyY8Z0Jl0hoAdghn3dR3VhkkOYyeSwW6UKk9Fs=";
|
||||
presharedKeyFile = "/run/secrets/preshared_key";
|
||||
persistentKeepalive = 5;
|
||||
allowedIPs = [ "10.100.0.3/32" ];
|
||||
persistentKeepalive = 5;
|
||||
}
|
||||
{ # framewrk-server docker:wg-enshrouded
|
||||
publicKey = "ucV6LgUwSbEyyxPlS83OayFPK6ysQKu6cVBV97S07mI=";
|
||||
presharedKeyFile = "/run/secrets/preshared_key";
|
||||
allowedIPs = [ "10.100.1.2/32" ];
|
||||
persistentKeepalive = 5;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue