SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-01-21 14:01:34 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Create networking abstraction

Browse source
This commit is contained in:
SebastianStork 2026-01-11 18:24:11 +01:00
parent 6804112df6
commit 9bbd0c3e89
Signed by: SebastianStork
SSH key fingerprint: SHA256:tRrGdjYOwgHxpSc/wTOZQZEjxcb15P0tyXRsbAfd+2Q
15 changed files with 221 additions and 165 deletions
Download patch file Download diff file Expand all files Collapse all files

12
hosts/desktop/default.nix
View file

@ -10,6 +10,11 @@
boot.kernelPackages = pkgs.linuxPackages_latest;
custom = {
networking = {
overlay.address = "10.254.250.1";
isClient = true;
};
sops.enable = true;
boot = {
@ -26,11 +31,8 @@
services = {
gc.enable = true;
sound.enable = true;
nebula.node = {
enable = true;
address = "10.254.250.1";
isClient = true;
};
nebula.node.enable = true;
sshd.enable = true;
syncthing = {
enable = true;
deviceId = "FAJS5WM-UAWGW2U-FXCGPSP-VAUOTGM-XUKSEES-D66PMCJ-WBODJLV-XTNCRA7";

12
hosts/laptop/default.nix
View file

@ -10,6 +10,11 @@
boot.kernelPackages = pkgs.linuxPackages_latest;
custom = {
networking = {
overlay.address = "10.254.250.3";
isClient = true;
};
sops.enable = true;
boot = {
@ -29,11 +34,8 @@
wlan.enable = true;
bluetooth.enable = true;
sound.enable = true;
nebula.node = {
enable = true;
address = "10.254.250.3";
isClient = true;
};
nebula.node.enable = true;
sshd.enable = true;
syncthing = {
enable = true;
deviceId = "Q4YPD3V-GXZPHSN-PT5X4PU-FBG4GX2-IASBX75-7NYMG75-4EJHBMZ-4WGDDAP";

23
hosts/vps-monitor/default.nix
View file

@ -14,6 +14,16 @@
};
custom = {
networking = {
overlay.address = "10.254.250.5";
underlay = {
address = "188.245.223.145";
isPublic = true;
};
isServer = true;
isLighthouse = true;
};
persistence.enable = true;
sops.enable = true;
@ -26,19 +36,14 @@
onlyCleanRoots = true;
};
nebula.node = {
enable = true;
address = "10.254.250.5";
routableAddress = "188.245.223.145";
isLighthouse = true;
isServer = true;
dns.enable = true;
};
nebula.node.enable = true;
sshd.enable = true;
dns.enable = true;
};
web-services =
let
privateDomain = config.custom.services.nebula.network.domain;
privateDomain = config.custom.networking.overlay.domain;
in
{
gatus = {

23
hosts/vps-private/default.nix
View file

@ -15,9 +15,19 @@
custom =
let
privateDomain = config.custom.services.nebula.network.domain;
privateDomain = config.custom.networking.overlay.domain;
in
{
networking = {
overlay.address = "10.254.250.2";
underlay = {
address = "49.13.231.235";
isPublic = true;
};
isServer = true;
isLighthouse = true;
};
persistence.enable = true;
sops.enable = true;
@ -30,14 +40,9 @@
onlyCleanRoots = true;
};
nebula.node = {
enable = true;
address = "10.254.250.2";
routableAddress = "49.13.231.235";
isLighthouse = true;
isServer = true;
dns.enable = true;
};
nebula.node.enable = true;
sshd.enable = true;
dns.enable = true;
syncthing = {
enable = true;

19
hosts/vps-public/default.nix
View file

@ -16,6 +16,15 @@
custom = {
persistence.enable = true;
networking = {
overlay.address = "10.254.250.4";
underlay = {
address = "167.235.73.246";
isPublic = true;
};
isServer = true;
};
sops.enable = true;
boot.loader.systemd-boot.enable = true;
@ -26,12 +35,8 @@
onlyCleanRoots = true;
};
nebula.node = {
enable = true;
address = "10.254.250.4";
routableAddress = "167.235.73.246";
isServer = true;
};
nebula.node.enable = true;
sshd.enable = true;
crowdsec = {
enable = true;
@ -76,7 +81,7 @@
alloy = {
enable = true;
domain = "alloy.${config.networking.hostName}.${config.custom.services.nebula.network.domain}";
domain = "alloy.${config.networking.hostName}.${config.custom.networking.overlay.domain}";
};
};
};