Overhaul luna complete

KoenDR06 2025-02-25 15:56:58 +01:00
parent 06f5971965
commit 6f9fdca876
110 changed files with 2408 additions and 2129 deletions


@ -0,0 +1,8 @@
{inputs, ...}: {
imports = [
./mullvad.nix
./ssh.nix
./syncthing.nix
./tailscale.nix
];
}


@ -0,0 +1,33 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: let
inherit (lib) mkEnableOption mkIf mkOption types;
cfg = config.horseman.network.mullvad;
in {
options = {
horseman.network.mullvad = {
enable = mkEnableOption "Enables the Mullvad VPN";
};
};
config = {
services = {
mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
resolved = {
enable = true;
dnssec = "true";
domains = ["~."];
fallbackDns = ["1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one"];
};
};
networking.nameservers = ["1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one"];
};
}
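Review bot: The `config` block is not wrapped in `mkIf cfg.enable`, so `horseman.network.mullvad.enable` has no effect and any host that imports this module gets the Mullvad daemon and systemd-resolved switched on; `cfg` and `mkIf` are bound in the `let` but never used. Gate it with `config = mkIf cfg.enable { ... };`. The ssh, syncthing and tailscale modules in this commit have the same shape, which makes sshd and the Syncthing firewall openings unconditional as well. Separately, the `#one.one.one.one` suffix on the resolver addresses is only used for DNS-over-TLS certificate checks and no `dnsovertls` setting is visible here, so these lookups presumably leave in cleartext; consider `dnsovertls = "true";` under `services.resolved`, and confirm a non-VPN fallback resolver is wanted while the tunnel is down.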

41
modules/network/ssh.nix Normal file

@ -0,0 +1,41 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: let
inherit (lib) mkEnableOption mkIf mkOption types;
cfg = config.horseman.network.ssh;
in {
options = {
horseman.network.ssh = {
enable = mkEnableOption "";
};
};
config = {
services.openssh = {
banner = ''
==================================================================
=== ==== ==== ========= ================================= ===
=== ==== ==== ========= ================================= ===
=== ==== ==== ========= ================================= ===
=== ==== ==== === === === ==== === = = ==== === ===
=== == == === = == == = == == == = == ===
==== == == === == == ===== = == = = == == ===
==== == == === ===== == ===== = == = = == ==========
===== == ==== = == == = == = == = = == = == ===
====== ==== ====== === === ==== === = = === === ===
==================================================================
'';
enable = true;
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
};
};
};
}
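Review bot: `settings` turns off password and root logins but leaves `KbdInteractiveAuthentication` at its default, so PAM-backed keyboard-interactive prompts may still accept a password; add `KbdInteractiveAuthentication = false;` next to `PasswordAuthentication = false;`. The option description is empty (`mkEnableOption ""`), which leaves the generated option docs blank; something like `mkEnableOption "the OpenSSH server with key-only login"` would say what the switch does. If only one account is meant to log in remotely, that restriction is worth stating in `settings` too rather than relying on which users happen to have authorized keys.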


@ -0,0 +1,59 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: let
inherit (lib) mkEnableOption mkIf mkOption types;
cfg = config.horseman.network.syncthing;
in {
options = {
horseman.network.syncthing = {
enable = mkEnableOption "";
};
};
config = {
services.syncthing = {
enable = true;
user = "horseman";
dataDir = "/home/horseman";
configDir = "/home/horseman/.config/syncthing";
overrideDevices = true;
overrideFolders = true;
settings = {
options = {
urAccepted = -1;
};
devices = {
"luna" = {
id = "MW4ZTAX-D7KDLRL-YHNGNCF-V6FW5L4-SCKQKES-BO7KV43-L5667GL-JHIYEAA";
autoAcceptFolders = true;
name = "luna";
};
"terra" = {
id = "2QWRFLY-ZUY5C6C-X36R5CY-PJSGLYY-5HWIWJN-2YYWRPU-T66GJMU-GXTQ6QK";
autoAcceptFolders = true;
name = "terra";
};
"solis" = {
id = "YOSYADZ-3OZ3XBH-7XEIK2W-DHAEIFD-5P5ZIHB-PAP74DH-T7GHLKT-O32YEA4";
autoAcceptFolders = true;
name = "solis";
};
};
folders = {
"Documents" = {
id = "documentFolder";
path = "/home/horseman/Documents";
devices = ["luna" "terra" "solis"];
};
};
};
};
networking.firewall.allowedUDPPorts = [22000 21027];
networking.firewall.allowedTCPPorts = [8384 22000];
};
}
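Review bot: `allowedTCPPorts` opens 8384, which is the Syncthing web GUI and REST API rather than a sync port; no `guiAddress` is set in this module, so the GUI is presumably bound to loopback and the opening buys nothing today, but it would expose the admin interface on every interface as soon as the bind address changes. Drop it, `networking.firewall.allowedTCPPorts = [22000];`, or replace both firewall lines with `services.syncthing.openDefaultPorts = true;`. `autoAcceptFolders = true` on all three devices means any one peer can create new shared folders on this host without confirmation, so a single compromised device reaches further than `Documents`; with the folder declared here and `overrideFolders = true` it can likely be left off. The empty `mkEnableOption ""` description should also be filled in.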


@ -0,0 +1,21 @@
{
inputs,
outputs,
lib,
config,
pkgs,
...
}: let
inherit (lib) mkEnableOption mkIf mkOption types;
cfg = config.horseman.network.tailscale;
in {
options = {
horseman.network.tailscale = {
enable = mkEnableOption "Enable the Tailscale VPN service";
};
};
config = {
services.tailscale.enable = true;
};
}