Compare commits
5 Commits
bb6f0ab772
...
fa1392dce8
Author | SHA1 | Date | |
---|---|---|---|
fa1392dce8 | |||
0751e0ac30 | |||
a2cf986bc4 | |||
0a95372a68 | |||
ecf5065588 |
@ -130,12 +130,14 @@ in {
|
|||||||
swayimg
|
swayimg
|
||||||
tea
|
tea
|
||||||
teams-for-linux
|
teams-for-linux
|
||||||
|
tectonic
|
||||||
tessen
|
tessen
|
||||||
texlive.combined.scheme-full
|
texlive.combined.scheme-full
|
||||||
thunderbird
|
thunderbird
|
||||||
upx
|
upx
|
||||||
waybar
|
waybar
|
||||||
wdisplays
|
wdisplays
|
||||||
|
weechat
|
||||||
whatsapp-for-linux
|
whatsapp-for-linux
|
||||||
wine
|
wine
|
||||||
wireshark
|
wireshark
|
||||||
|
@ -238,8 +238,8 @@
|
|||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "oneshot";
|
Type = "oneshot";
|
||||||
RemainAfterExit = true;
|
RemainAfterExit = true;
|
||||||
ExecStart = "${pkgs.iproute}/bin/ip netns add %I";
|
ExecStart = "${pkgs.iproute2}/bin/ip netns add %I";
|
||||||
ExecStop = "${pkgs.iproute}/bin/ip netns del %I";
|
ExecStop = "${pkgs.iproute2}/bin/ip netns del %I";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -256,23 +256,23 @@
|
|||||||
ExecStart = pkgs.writers.writeBash "wg-up" ''
|
ExecStart = pkgs.writers.writeBash "wg-up" ''
|
||||||
set -e
|
set -e
|
||||||
ENDPOINT_IP=$(${pkgs.coreutils-full}/bin/cat "${config.sops.secrets."wg_endpoint_proton".path}")
|
ENDPOINT_IP=$(${pkgs.coreutils-full}/bin/cat "${config.sops.secrets."wg_endpoint_proton".path}")
|
||||||
${pkgs.iproute}/bin/ip link add proton_wg type wireguard
|
${pkgs.iproute2}/bin/ip link add proton_wg type wireguard
|
||||||
${pkgs.iproute}/bin/ip link set proton_wg netns wg
|
${pkgs.iproute2}/bin/ip link set proton_wg netns wg
|
||||||
${pkgs.iproute}/bin/ip -n wg address add 10.2.0.2/32 dev proton_wg
|
${pkgs.iproute2}/bin/ip -n wg address add 10.2.0.2/32 dev proton_wg
|
||||||
${pkgs.iproute}/bin/ip netns exec wg \
|
${pkgs.iproute2}/bin/ip netns exec wg \
|
||||||
${pkgs.wireguard-tools}/bin/wg set "proton_wg" private-key "${config.sops.secrets."wg_privkey_proton".path}"
|
${pkgs.wireguard-tools}/bin/wg set "proton_wg" private-key "${config.sops.secrets."wg_privkey_proton".path}"
|
||||||
${pkgs.iproute}/bin/ip netns exec wg \
|
${pkgs.iproute2}/bin/ip netns exec wg \
|
||||||
${pkgs.wireguard-tools}/bin/wg set "proton_wg" peer "g6DkXWKI/68RsLjROIwCEcyB/ZhyK5Q7OWcz1TtqER0=" \
|
${pkgs.wireguard-tools}/bin/wg set "proton_wg" peer "g6DkXWKI/68RsLjROIwCEcyB/ZhyK5Q7OWcz1TtqER0=" \
|
||||||
endpoint "$ENDPOINT_IP:51820" \
|
endpoint "$ENDPOINT_IP:51820" \
|
||||||
persistent-keepalive "25" \
|
persistent-keepalive "25" \
|
||||||
allowed-ips "0.0.0.0/0"
|
allowed-ips "0.0.0.0/0"
|
||||||
${pkgs.iproute}/bin/ip -n wg link set lo up
|
${pkgs.iproute2}/bin/ip -n wg link set lo up
|
||||||
${pkgs.iproute}/bin/ip -n wg link set proton_wg up
|
${pkgs.iproute2}/bin/ip -n wg link set proton_wg up
|
||||||
${pkgs.iproute}/bin/ip -n wg route add default dev proton_wg
|
${pkgs.iproute2}/bin/ip -n wg route add default dev proton_wg
|
||||||
'';
|
'';
|
||||||
ExecStop = pkgs.writers.writeBash "wg-down" ''
|
ExecStop = pkgs.writers.writeBash "wg-down" ''
|
||||||
${pkgs.iproute}/bin/ip -n wg route del default dev proton_wg
|
${pkgs.iproute2}/bin/ip -n wg route del default dev proton_wg
|
||||||
${pkgs.iproute}/bin/ip -n wg link del proton_wg
|
${pkgs.iproute2}/bin/ip -n wg link del proton_wg
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
@ -528,7 +528,7 @@
|
|||||||
jetbrains-mono
|
jetbrains-mono
|
||||||
liberation_ttf
|
liberation_ttf
|
||||||
noto-fonts
|
noto-fonts
|
||||||
noto-fonts-cjk
|
noto-fonts-cjk-sans
|
||||||
noto-fonts-emoji
|
noto-fonts-emoji
|
||||||
proggyfonts
|
proggyfonts
|
||||||
siji
|
siji
|
||||||
@ -539,6 +539,7 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
|
spiceUSBRedirection.enable = true;
|
||||||
containers.storage.settings = {
|
containers.storage.settings = {
|
||||||
storage = {
|
storage = {
|
||||||
graphroot = "/var/lib/containers/storage";
|
graphroot = "/var/lib/containers/storage";
|
||||||
|
Loading…
Reference in New Issue
Block a user