2024-04-19 18:28:40 +02:00
|
|
|
{ config, pkgs, lib, materusArg, ... }:
|
2023-10-08 11:42:08 +02:00
|
|
|
{
|
|
|
|
networking.useDHCP = lib.mkDefault true;
|
|
|
|
networking.hostName = "materusPC";
|
|
|
|
networking.wireless.iwd.enable = true;
|
|
|
|
networking.networkmanager.enable = true;
|
2023-10-20 23:29:09 +02:00
|
|
|
#networking.networkmanager.wifi.backend = "iwd";
|
2023-10-08 11:42:08 +02:00
|
|
|
networking.firewall.enable = true;
|
2024-03-11 16:19:31 +01:00
|
|
|
networking.firewall.allowedTCPPorts = [ 24800 5900 5357 4656 8080 9943 9944 ];
|
|
|
|
networking.firewall.allowedUDPPorts = [ 24800 5900 3702 4656 6000 9943 9944 ];
|
2023-10-08 11:42:08 +02:00
|
|
|
#Fix warning
|
|
|
|
networking.networkmanager.extraConfig = lib.mkDefault ''
|
|
|
|
[connectivity]
|
|
|
|
uri=http://nmcheck.gnome.org/check_network_status.txt
|
|
|
|
'';
|
2024-04-19 18:28:40 +02:00
|
|
|
sops.templates."networkmanager.env".content = ''
|
|
|
|
WIREGUARD_PRIVATEKEY="${config.sops.placeholder.wireguard}"
|
|
|
|
'';
|
|
|
|
networking.networkmanager.ensureProfiles.environmentFiles = [
|
|
|
|
config.sops.templates."networkmanager.env".path
|
|
|
|
];
|
|
|
|
networking.networkmanager.ensureProfiles.profiles = {
|
|
|
|
wg0 = {
|
|
|
|
connection = {
|
|
|
|
id = "wg0";
|
|
|
|
type = "wireguard";
|
|
|
|
interface-name = "wg0";
|
|
|
|
};
|
|
|
|
wireguard = {
|
|
|
|
private-key = "$WIREGUARD_PRIVATEKEY";
|
|
|
|
};
|
|
|
|
"wireguard-peer.${materusArg.wireguard.pubKeys.valkyrie}" = {
|
|
|
|
endpoint = "${materusArg.ips.valkyrie}:${materusArg.wireguard.port}";
|
|
|
|
allowed-ips = "${materusArg.ip-masks.wireguard.general};";
|
|
|
|
};
|
|
|
|
ipv4 = {
|
|
|
|
address1 = "${materusArg.ips.wireguard.materusPC}/23";
|
|
|
|
dns = "${materusArg.ips.wireguard.valkyrie};";
|
|
|
|
method = "manual";
|
|
|
|
never-default = "true";
|
|
|
|
};
|
|
|
|
ipv6 = {
|
|
|
|
addr-gen-mode = "stable-privacy";
|
|
|
|
method = "disabled";
|
|
|
|
};
|
|
|
|
proxy = { };
|
|
|
|
};
|
|
|
|
};
|
2023-10-08 11:42:08 +02:00
|
|
|
}
|