Diffstat (limited to 'nixos/alpha/configuration.nix')
-rw-r--r--nixos/alpha/configuration.nix31
1 files changed, 31 insertions, 0 deletions
diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix
index 4136b05..51d9082 100644
--- a/nixos/alpha/configuration.nix
+++ b/nixos/alpha/configuration.nix
@@ -202,6 +202,37 @@
services.tailscale.useRoutingFeatures = "both";
programs.trayscale.enable = true;
+ # User = networkId;
+ # nameToId = netName: "nebula-${netName}";
+ sops.secrets.nebula-sefidel-internal-ca = { owner = "nebula-sefidel-internal"; };
+ sops.secrets.nebula-sefidel-internal-cert = { owner = "nebula-sefidel-internal"; };
+ sops.secrets.nebula-sefidel-internal-key = { owner = "nebula-sefidel-internal"; };
+
+ services.nebula.networks = {
+ sefidel-internal = {
+ enable = false;
+
+ ca = config.sops.secrets.nebula-sefidel-internal-ca.path;
+ cert = config.sops.secrets.nebula-sefidel-internal-cert.path;
+ key = config.sops.secrets.nebula-sefidel-internal-key.path;
+
+ staticHostMap = {
+ "100.64.0.1" = [ "v-coord1.sefidel.net:4242" ];
+ };
+
+ lighthouses = [ "100.64.0.1" ];
+ relays = [ "100.64.0.1" ];
+
+ firewall.inbound = [
+ {
+ host = "any";
+ port = "any";
+ proto = "any";
+ }
+ ];
+ };
+ };
+
services.greetd = {
enable = true;
vt = 2;
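Review bot: The single `firewall.inbound` rule with `host = "any"; port = "any"; proto = "any";` admits every host holding a certificate from this CA to every service listening on the overlay interface, so Nebula's own firewall adds no restriction once `enable` is flipped to `true`. Before enabling, narrow it to the ports and certificate groups this machine actually serves, for example (constructed values) `{ port = 22; proto = "tcp"; group = "<admin-group>"; }`, and add a comment above the list stating why each rule is needed. No `firewall.outbound` appears in the hunk; if the module's default is an empty list, outbound overlay traffic would presumably be dropped, so that is worth confirming at the same time. Separately, the three `sops.secrets` entries set `owner = "nebula-sefidel-internal"` while the network is disabled; if the module only creates that user for enabled networks, secret installation may fail at activation, so check that the user exists or gate the secrets on the same condition.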