netconf: remove old Hurricane HW addr
This commit is contained in:
parent
ef76063cd3
commit
b44c7062b5
|
@ -4,18 +4,20 @@
|
||||||
networking.domain = "uninsane.org";
|
networking.domain = "uninsane.org";
|
||||||
|
|
||||||
# TODO: enable firewall
|
# TODO: enable firewall
|
||||||
networking.firewall.enable = false;
|
# networking.firewall.enable = false;
|
||||||
# networking.firewall.allowedTCPPorts = [ 25 80 443 ];
|
networking.firewall.enable = true;
|
||||||
# # DLNA ports: https://jellyfin.org/docs/general/networking/index.html
|
networking.firewall.allowedTCPPorts = [ 25 80 443 ];
|
||||||
# networking.firewall.allowedUDPPorts = [ 1900 7359 ];
|
# DLNA ports: https://jellyfin.org/docs/general/networking/index.html
|
||||||
|
networking.firewall.allowedUDPPorts = [ 1900 7359 ];
|
||||||
|
|
||||||
# OVPN CONFIG:
|
# OVPN CONFIG:
|
||||||
# DOCS: https://nixos.wiki/wiki/WireGuard
|
# DOCS: https://nixos.wiki/wiki/WireGuard
|
||||||
# note: without the namespace, you'll need to add a specific route through eth0 for the peer (185.157.162.7/32)
|
|
||||||
networking.wireguard.enable = true;
|
networking.wireguard.enable = true;
|
||||||
networking.wireguard.interfaces.wg0 = {
|
networking.wireguard.interfaces.wg0 = {
|
||||||
privateKeyFile = "/etc/nixos/wireguard.private";
|
privateKeyFile = "/etc/nixos/wireguard.private";
|
||||||
# listenPort = 51820; # shouldn't be necessary
|
# wg is active only in this namespace.
|
||||||
|
# run e.g. ip netns ovpns <some command like ping/curl/etc, it'll go through wg>
|
||||||
|
# note: without the namespace, you'll need to add a specific route through eth0 for the peer (185.157.162.7/32)
|
||||||
interfaceNamespace = "ovpns";
|
interfaceNamespace = "ovpns";
|
||||||
preSetup = "${pkgs.iproute2}/bin/ip netns add ovpns || true";
|
preSetup = "${pkgs.iproute2}/bin/ip netns add ovpns || true";
|
||||||
postShutdown = "${pkgs.iproute2}/bin/ip netns delete ovpns";
|
postShutdown = "${pkgs.iproute2}/bin/ip netns delete ovpns";
|
||||||
|
@ -26,12 +28,7 @@
|
||||||
{
|
{
|
||||||
publicKey = "Qno+hILmJ8TZ6/PpOOhtspmncyILY2phiTBFaER9IFE=";
|
publicKey = "Qno+hILmJ8TZ6/PpOOhtspmncyILY2phiTBFaER9IFE=";
|
||||||
endpoint = "vpn29.prd.amsterdam.ovpn.com:9930";
|
endpoint = "vpn29.prd.amsterdam.ovpn.com:9930";
|
||||||
# TODO: switch back to 0.0.0.0/0?
|
allowedIPs = [ "0.0.0.0/0" ];
|
||||||
# allowedIPs = [ "0.0.0.0/0" ];
|
|
||||||
allowedIPs = [
|
|
||||||
"0.0.0.0/1"
|
|
||||||
"128.0.0.0/1"
|
|
||||||
];
|
|
||||||
# nixOS says this is important for keeping NATs active
|
# nixOS says this is important for keeping NATs active
|
||||||
persistentKeepalive = 25;
|
persistentKeepalive = 25;
|
||||||
}
|
}
|
||||||
|
@ -62,11 +59,6 @@
|
||||||
# # address = "2001:470:a:466::2";
|
# # address = "2001:470:a:466::2";
|
||||||
# # prefixLength = 64;
|
# # prefixLength = 64;
|
||||||
# # }
|
# # }
|
||||||
# # HW addr?
|
|
||||||
# # {
|
|
||||||
# # address = "fe80::c0a8:16";
|
|
||||||
# # prefixLength = 64;
|
|
||||||
# # }
|
|
||||||
# ];
|
# ];
|
||||||
# routes = [
|
# routes = [
|
||||||
# {
|
# {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user