feat: generate secrets

oddlama 2023-06-12 01:03:44 +02:00
parent f33fa54b65
commit 69bd2a71ce
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
24 changed files with 154 additions and 65 deletions


@ -34,6 +34,7 @@ in {
foreignConfigs = map (n: colmenaNodes.${n}.config.nodes.${nodeName} or {}) otherNodes;
toplevelAttrs = ["age" "networking" "systemd" "services"];
in
todo wrong, currently extension FROM microvms is not possible
{
assertions =
map (n: {
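Review bot: The added line `todo wrong, currently extension FROM microvms is not possible` sits between `in` and the opening `{` with no comment marker as rendered here; if the file really contains it that way, the expression will not parse. It should be a comment such as `# TODO: extending a host's config FROM its microvms is not possible yet`, and it should say what "wrong" refers to (presumably the `foreignConfigs` lookup above, which only reads `colmenaNodes`). The `let … in` block starts outside this hunk and the `assertions` list continues past it, so the rest of the merge logic is not visible.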


@ -0,0 +1,25 @@
{
lib,
nodes,
...
}: {
extra.wireguard.proxy-sentinel.client.via = "sentinel";
networking.nftables.firewall = {
zones = lib.mkForce {
proxy-sentinel.interfaces = ["proxy-sentinel"];
sentinel = {
parent = "proxy-sentinel";
ipv4Addresses = [nodes.sentinel.config.extra.wireguard.proxy-sentinel.ipv4];
ipv6Addresses = [nodes.sentinel.config.extra.wireguard.proxy-sentinel.ipv6];
};
};
rules = lib.mkForce {
sentinel-to-local = {
from = ["sentinel"];
to = ["local"];
};
};
};
}
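Review bot: Both `zones` and `rules` are wrapped in `lib.mkForce`, so every zone and rule that other modules define at normal priority for this host is discarded rather than merged, and nothing in the file says that this is intended. If the goal is that the host is reachable only through the sentinel proxy, state it above the block, e.g. `# mkForce: drop all zones/rules defined elsewhere; this host is only reachable via the sentinel proxy`. Otherwise drop the `mkForce` so that shared rules still apply. The `sentinel-to-local` rule names only `from` and `to`, so what it admits depends on ports or a verdict added by other modules. A short comment should say where those come from, since a later `verdict = "accept"` on this rule would open every local service to the sentinel. The `sentinel` zone matches on the peer's tunnel addresses, so it is only as trustworthy as the WireGuard allowed-IPs that bind those addresses to the sentinel's key; that configuration is not visible here and is worth confirming.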