albert 2024-03-30 23:53:56 +09:00
parent 7d0ddddbda
commit ec63453531
No known key found for this signature in database
GPG key ID: 64F6C4EB46C4543A
6 changed files with 27 additions and 19 deletions


@ -48,11 +48,11 @@
};
bashrcExtra = ''
restart-docker() {
pushd /Storage/Data/docker-compose/sysctl.io
pushd /Storage/Data/docker compose/sysctl.io
docker stop $1
docker rm $1
git pull
docker-compose up -d $1
docker compose up -d $1
popd
}
# Build ISOs/SD Card Images
@ -162,7 +162,7 @@
# docker
d = "docker";
dc = "docker-compose";
dc = "docker compose";
de = "docker exec -it";
dl = "docker logs -f ";
dps = ''docker ps --format "table [{{.ID}}] {{.Names}}\t{{.Status}}\t{{.State}}\t{{.Label \"type\"}}"'';
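Review bot: The `pushd` path in `restart-docker` now reads `/Storage/Data/docker compose/sysctl.io`, which looks like the `docker-compose` → `docker compose` replacement also caught the directory name. Unquoted, the space splits the path into two arguments, so `pushd` is likely to fail, and `docker stop $1`, `docker rm $1`, `git pull` and `docker compose up -d $1` then run from whatever directory the shell was already in. Unless the directory really was renamed, keep the old path and stop on failure: `pushd /Storage/Data/docker-compose/sysctl.io || return 1`. Quoting the argument as `"$1"` in the four commands would also keep a name containing spaces from being split into several container names.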


@ -8,7 +8,7 @@
{
plugin = power-theme;
extraConfig = ''
set -g @tmux_power_theme '#${config.lib.stylix.colors.base01}'
set -g @tmux_power_theme '#${config.lib.stylix.colors.base06}'
set -g @tmux_power_right_arrow_icon ' '
set -g @tmux_power_left_arrow_icon ' '
set -g @tmux_power_prefix_highlight_pos 'R'


@ -22,8 +22,8 @@
allowedUDPPorts = [
53 # DNS (udp)
10000 # Jitsi Meet (udp)
15636 # Enshrouded
15637 # Enshrouded
15636 # Enshrouded - Game
15637 # Enshrouded - Query Port
];
};
};


@ -1,4 +1,4 @@
{ pkgs, config, lib, ... }: {
{ ... }: {
# Allow these hosts to directly communicate with their hostnames
networking.extraHosts = ''
@ -19,7 +19,6 @@
};
# Wireguard Forwarder
networking.firewall.allowPing = true;
networking.wireguard = {
enable = true;
interfaces = {


@ -19,8 +19,8 @@
allowedUDPPorts = [
3478 # Headscale DERP (udp)
10000 # Jitsi Meet (udp)
15636 # Enshrouded
15637 # Enshrouded
15636 # Enshrouded - Game
15637 # Enshrouded - Query Port
];
};
@ -31,8 +31,8 @@
chain PREROUTING {
type nat hook prerouting priority dstnat; policy accept;
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:10000;
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15636;
iifname "enp0s4" udp dport 10000 dnat to 10.100.0.2:15637;
iifname "enp0s4" udp dport 15636 dnat to 10.100.1.2:15636;
iifname "enp0s4" udp dport 15637 dnat to 10.100.1.2:15637;
}
}
'';
@ -44,8 +44,8 @@
externalInterface = "wireguard0";
forwardPorts = [
{ sourcePort = 10000; proto = "udp"; destination = "10.100.0.2:10000"; }
{ sourcePort = 15636; proto = "udp"; destination = "10.100.0.2:15636"; }
{ sourcePort = 15637; proto = "udp"; destination = "10.100.0.2:15637"; }
{ sourcePort = 15636; proto = "udp"; destination = "10.100.1.2:15636"; }
{ sourcePort = 15637; proto = "udp"; destination = "10.100.1.2:15637"; }
];
};
};
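Review bot: The new DNAT targets hard-code `10.100.1.2` in four places (two `dnat` rules in `PREROUTING`, two `forwardPorts` entries) with nothing saying which peer that address is. The replaced lines, which both matched `dport 10000`, show how easily these copies drift. A comment such as `# 10.100.1.2 = wg-enshrouded container peer on wireguard0` above the rules, or one `let` binding used in both places, would keep them in step. It is also worth confirming that both mechanisms are meant to be active: the nftables chain matches `iifname "enp0s4"` while `forwardPorts` sits under `externalInterface = "wireguard0"`, so only one of them appears to match traffic arriving from the public interface. Both enclosing blocks start outside the hunks shown.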


@ -38,7 +38,10 @@
enable = true;
interfaces = {
"wireguard0" = {
ips = [ "10.100.0.1/24" ];
ips = [
"10.100.0.1/24"
"10.100.1.1/24"
];
listenPort = 51820;
privateKeyFile = "/run/secrets/wireguard_key";
postSetup = ''${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -o enp0s4 -j MASQUERADE'';
@ -47,14 +50,20 @@
{ # framework-server
publicKey = "trHvfNtQ7HKMiJjxEXo2Iubq5G6egjx7gHiBlDmJ5Ek=";
presharedKeyFile = "/run/secrets/preshared_key";
persistentKeepalive = 5;
allowedIPs = [ "10.100.0.2/32" ];
persistentKeepalive = 5;
}
{ # backups-rpi4
publicKey = "cqocpMyY8Z0Jl0hoAdghn3dR3VhkkOYyeSwW6UKk9Fs=";
presharedKeyFile = "/run/secrets/preshared_key";
persistentKeepalive = 5;
allowedIPs = [ "10.100.0.3/32" ];
persistentKeepalive = 5;
}
{ # framewrk-server docker:wg-enshrouded
publicKey = "ucV6LgUwSbEyyxPlS83OayFPK6ysQKu6cVBV97S07mI=";
presharedKeyFile = "/run/secrets/preshared_key";
allowedIPs = [ "10.100.1.2/32" ];
persistentKeepalive = 5;
}
];
};
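Review bot: The added `wg-enshrouded` peer reuses `presharedKeyFile = "/run/secrets/preshared_key"`, the same file the `framework-server` and `backups-rpi4` peers point at. Judging by the port forwards in this commit, this peer is a container behind internet-reachable game ports, so a compromise of that container would also disclose the preshared key protecting the other two tunnels; a WireGuard PSK is meant to be unique per peer pair. Give the new peer its own secret, e.g. `presharedKeyFile = "/run/secrets/<wg-enshrouded-psk>";` (placeholder name), and consider splitting the existing two as well. The peer comment also has a typo: `# framewrk-server docker:wg-enshrouded` should read `framework-server`. The enclosing `wireguard` block starts outside the hunk.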