Git/Nixconfigs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Openvpn instead

Browse source
This commit is contained in:
Maxiem Geldhof 2025-12-14 20:40:52 +01:00
parent bf16d0a22b
commit 374e44e5ad
3 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
keys/scribe Normal file
View file

Binary file not shown.

1
keys/secrets.nix
View file

@ -15,5 +15,6 @@ in
"wg-ren.priv".publicKeys = macbook++master++ren; "wg-ren.priv".publicKeys = macbook++master++ren;
"ren.priv".publicKeys = master ++ ren; "ren.priv".publicKeys = master ++ ren;
"wg-scribe".publicKeys = master ++ ren ++ macbook; "wg-scribe".publicKeys = master ++ ren ++ macbook;
"scribe".publicKeys = master ++ ren ++ macbook;
"smbshare".publicKeys = master ++ macbook ++ ren ++ selene; "smbshare".publicKeys = master ++ macbook ++ ren ++ selene;
} }

24
modules/servermodules/arr/arr.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, config, ... }:
let let
mediaGroup = "media"; mediaGroup = "media";
in in
@ -15,12 +15,18 @@ in
]; ];
}; };
age.secrets.wg-scribe = { age.secrets.vpn = {
file = ../../../keys/wg-scribe; file = ../../../keys/scribe;
path = "/etc/wireguard/wg-scribe.conf"; owner = "ren";
}; };
networking.firewall.trustedInterfaces = [ "wg-selene" "wg-scribe" ]; services.openvpn.servers = {
officeVPN = {
config = ''config ${config.age.secrets.vpn.path} '';
};
};
networking.firewall.trustedInterfaces = [ "wg-selene" ];
networking.firewall.allowedUDPPorts = [ 23379 ]; networking.firewall.allowedUDPPorts = [ 23379 ];
networking.firewall.allowedTCPPorts = [ 23379 ]; networking.firewall.allowedTCPPorts = [ 23379 ];
@ -28,10 +34,10 @@ in
services.prowlarr.enable = true; services.prowlarr.enable = true;
services.deluge = { services.deluge = {
enable = true; enable = true;
web.enable = true; web.enable = true;
user = "torrenter"; user = "torrenter";
group = mediaGroup; group = mediaGroup;
}; };