update & mullvad
This commit is contained in:
Henri Dohmen
parent
bdccb2f265
commit
075a0eb59a
3 changed files with 26 additions and 39 deletions
12
flake.lock
generated
12
flake.lock
generated
|
|
@ -60,11 +60,11 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1748227609,
|
"lastModified": 1748489961,
|
||||||
"narHash": "sha256-SaSdslyo6UGDpPUlmrPA4dWOEuxCy2ihRN9K6BnqYsA=",
|
"narHash": "sha256-uGnudxMoQi2c8rpPoHXuQSm80NBqlOiNF4xdT3hhzLM=",
|
||||||
"owner": "nix-community",
|
"owner": "nix-community",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "d23d20f55d49d8818ac1f1b2783671e8a6725022",
|
"rev": "95c988cf08e9a5a8fe7cc275d5e3f24e9e87bd51",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
@ -148,11 +148,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs_2": {
|
"nixpkgs_2": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1748190013,
|
"lastModified": 1748370509,
|
||||||
"narHash": "sha256-R5HJFflOfsP5FBtk+zE8FpL8uqE7n62jqOsADvVshhE=",
|
"narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "62b852f6c6742134ade1abdd2a21685fd617a291",
|
"rev": "4faa5f5321320e49a78ae7848582f684d64783e9",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
|
||||||
|
|
@ -16,5 +16,7 @@
|
||||||
|
|
||||||
kernelPackages = pkgs.linuxPackages_6_13;
|
kernelPackages = pkgs.linuxPackages_6_13;
|
||||||
kernel.sysctl."kernel.sysrq" = 1;
|
kernel.sysctl."kernel.sysrq" = 1;
|
||||||
|
|
||||||
|
initrd.systemd.network.wait-online.enable = false;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -6,15 +6,28 @@
|
||||||
}:
|
}:
|
||||||
{
|
{
|
||||||
hardware.bluetooth.enable = true;
|
hardware.bluetooth.enable = true;
|
||||||
services.blueman.enable = true;
|
systemd.network.wait-online.enable = false;
|
||||||
systemd.services.NetworkManager-wait-online.enable = false;
|
|
||||||
|
|
||||||
services.tailscale = {
|
services = {
|
||||||
enable = true;
|
tailscale = {
|
||||||
useRoutingFeatures = "client";
|
enable = true;
|
||||||
|
useRoutingFeatures = "client";
|
||||||
|
};
|
||||||
|
mullvad-vpn.enable = true;
|
||||||
|
blueman.enable = true;
|
||||||
|
resolved = {
|
||||||
|
enable = true;
|
||||||
|
dnssec = "true";
|
||||||
|
dnsovertls = "true";
|
||||||
|
fallbackDns = [ ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
|
nameservers = [
|
||||||
|
"1.1.1.1#one.one.one.one"
|
||||||
|
"1.0.0.1#one.one.one.one"
|
||||||
|
];
|
||||||
enableIPv6 = true;
|
enableIPv6 = true;
|
||||||
|
|
||||||
wireguard.enable = true;
|
wireguard.enable = true;
|
||||||
|
|
@ -25,34 +38,6 @@
|
||||||
privateKeyFile = var.wg.keyFile;
|
privateKeyFile = var.wg.keyFile;
|
||||||
peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
|
peers = [ (lib.removeAttrs var.wg.wireguard-network."roam" [ "ips" ]) ];
|
||||||
};
|
};
|
||||||
"mullvad" =
|
|
||||||
let
|
|
||||||
conf = {
|
|
||||||
"solo".ips = [
|
|
||||||
"10.68.140.249/32"
|
|
||||||
"fc00:bbbb:bbbb:bb01::5:8cf8/128"
|
|
||||||
];
|
|
||||||
"c2".ips = [
|
|
||||||
"10.64.179.105/32"
|
|
||||||
"fc00:bbbb:bbbb:bb01::1:b368/128"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
address = conf.${host}.ips;
|
|
||||||
privateKeyFile = var.wg.keyFile;
|
|
||||||
peers = [
|
|
||||||
{
|
|
||||||
allowedIPs = [
|
|
||||||
"0.0.0.0/0"
|
|
||||||
"::0/0"
|
|
||||||
];
|
|
||||||
endpoint = "185.213.155.72:51820";
|
|
||||||
publicKey = "flq7zR8W5FxouHBuZoTRHY0A0qFEMQZF5uAgV4+sHVw=";
|
|
||||||
persistentKeepalive = 23;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue