# Example host configuration for a router built on the cloonar-assistant module.
# Every value marked "Example", "..." or /path/to/... is a placeholder to replace
# before deploying.
{ config, pkgs, ... }:

{
  imports = [
    # Main cloonar-assistant module
    ../modules/cloonar-assistant

    # Your hardware-configuration.nix and any other custom modules
    ./hardware-configuration.nix
    # ...
  ];

  # Default secrets file for sops. Being a path literal, it is copied into the
  # Nix store, so it must only ever hold sops-encrypted values.
  sops.defaultSopsFile = ./secrets.yaml;

  # --- Cloonar Assistant options ---
  cloonar-assistant = {
    # Required: first two octets of the internal networks.
    networkPrefix = "10.42"; # Example: results in 10.42.96.0/24, 10.42.97.0/24, etc.

    # Required: domain name used for local services and DDNS.
    domain = "home.example.com"; # Example

    firewall.interfaces = {
      # Required: interface connected to the WAN/Internet.
      wan = "eth0"; # Example

      # Required: interface carrying the internal VLANs.
      # Use null when the machine has only one interface (WAN).
      internal = null; # Example
    };

    # VPN server
    vpn = {
      enable = true;

      # Keep this a quoted string. An unquoted Nix path literal would be copied
      # into /nix/store, which every local user can read.
      # NOTE(review): sops.defaultSopsFile is set above; if the secret is
      # managed through sops-nix, this can point at
      # config.sops.secrets.<name>.path instead. Confirm how the module
      # expects the key to be provisioned.
      privateKeyFile = "/path/to/your/wireguard_private_key"; # Store securely!

      clients = [
        {
          name = "myphone";
          publicKey = "..."; # placeholder for the client's public key
          # A /32 limits this client to a single address under networkPrefix.
          allowedIPs = [ "${config.cloonar-assistant.networkPrefix}.98.2/32" ];
        }
      ];
    };

    # Dynamic DNS updates
    updns-client = {
      enable = true;

      # Written inline, so this value ends up in the world-readable Nix store.
      # NOTE(review): presumably an identifier, with the actual secret kept in
      # secretFile. Confirm it is not sensitive.
      key = "your-updns-key"; # Key provided by updns-client.cloonar.com

      # Quoted string for the same reason as vpn.privateKeyFile.
      secretFile = "/path/to/your/updns_secret"; # Store securely!
    };

    # Setup mode allows WAN access for initial setup. Keep it false in
    # production and switch it back off once provisioning is done.
    setup = false;

    # ... other options can be configured as needed.
  };

  # --- Other system configuration ---
  networking.hostName = "myrouter"; # Example hostname

  # Keep the packages needed for fetching available when not using flakes.
  environment.systemPackages = [ pkgs.nix ];

  system.stateVersion = "23.11"; # Set to your NixOS version
}