Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add sane

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-09-20 10:07:34 +02:00
parent 1a32dd6b4c
commit 05d9aa0be2
2 changed files with 22 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
hosts/nb-01.cloonar.com/configuration.nix
View File

@@ -165,29 +165,27 @@
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
''; '';
}; };
# networking.wireguard.interfaces = { networking.wireguard.interfaces = {
# wg0 = { wg0 = {
# # Determines the IP address and subnet of the client's end of the tunnel interface. # Determines the IP address and subnet of the client's end of the tunnel interface.
# ips = [ "10.42.98.201/32" ]; ips = [ "10.42.98.201/32" ];
# listenPort = 51820; # to match firewall allowedUDPPorts (without this wg uses random port numbers) # Path to the private key file.
# #
# # Path to the private key file. # Note: The private key can also be included inline via the privateKey option,
# # # but this makes the private key world-readable; thus, using privateKeyFile is
# # Note: The private key can also be included inline via the privateKey option, # recommended.
# # but this makes the private key world-readable; thus, using privateKeyFile is privateKeyFile = config.sops.secrets.wg-cloonar-key.path;
# # recommended.
# privateKeyFile = config.sops.secrets.wg-cloonar-key.path; peers = [
# {
# peers = [ publicKey = "TKQVDmBnf9av46kQxLQSBDhAeaK8r1zh8zpU64zuc1Q=";
# { allowedIPs = [ "10.42.97.0/20" "10.14.0.0/16" "10.25.0.0/16" ];
# publicKey = "TKQVDmBnf9av46kQxLQSBDhAeaK8r1zh8zpU64zuc1Q="; endpoint = "vpn.cloonar.com:51820"; # ToDo: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577
# allowedIPs = [ "0.0.0.0/0" ]; persistentKeepalive = 25;
# endpoint = "vpn.cloonar.com:51820"; # ToDo: route to endpoint not automatically configured https://wiki.archlinux.org/index.php/WireGuard#Loop_routing https://discourse.nixos.org/t/solved-minimal-firewall-setup-for-wireguard-client/7577 }
# persistentKeepalive = 25; ];
# } };
# ]; };
# };
# };
# Facial recognition "Windows hello" # Facial recognition "Windows hello"
# services.ir-toggle.enable = true; # services.ir-toggle.enable = true;

1
hosts/nb-01.cloonar.com/modules/sway/sway.nix
View File

@@ -21,6 +21,7 @@ in {
./parsec.nix ./parsec.nix
]; ];
hardware.sane.enable = true;
hardware.pulseaudio.enable = false; hardware.pulseaudio.enable = false;
services.xserver = { services.xserver = {