mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

feat: add proxy-home vpn to accelerate traffic between local nodes

Browse source
This commit is contained in:
oddlama 2024-05-20 01:35:01 +02:00
parent 34fd783e60
commit b01c521830
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
22 changed files with 123 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

6
hosts/sire/guests/grafana.nix
View file

@ -9,6 +9,10 @@ in {
wireguard.proxy-sentinel = {
client.via = "sentinel";
firewallRuleForNode.sentinel.allowedTCPPorts = [config.services.grafana.settings.server.http_port];
};
wireguard.proxy-home = {
client.via = "ward";
firewallRuleForNode.ward-web-proxy.allowedTCPPorts = [config.services.grafana.settings.server.http_port];
};
@ -82,7 +86,7 @@ in {
nodes.ward-web-proxy = {
services.nginx = {
upstreams.grafana = {
servers."${config.wireguard.proxy-sentinel.ipv4}:${toString config.services.grafana.settings.server.http_port}" = {};
servers."${config.wireguard.proxy-home.ipv4}:${toString config.services.grafana.settings.server.http_port}" = {};
extraConfig = ''
zone grafana 64k;
keepalive 2;

5
hosts/sire/guests/minecraft.nix
View file

@ -360,8 +360,9 @@ in {
];
nodes.sentinel = {
# Make sure to masquerade 25565 (wan) -> 25565 (proxy-sentinel)
# Make sure to masquerade 25566 (wan) -> 25566 (proxy-sentinel)
# Rewrite destination addr with dnat on incoming connections
# and masquerade responses to make them look like they originate from this host.
# - 25565,25566 (wan) -> 25565,25566 (proxy-sentinel)
networking.nftables.chains = {
postrouting.to-minecraft = {
after = ["hook"];