From 6b02a84975457baf19051a51dfa85c8d802d9189 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Wed, 12 Oct 2022 01:29:08 +0200 Subject: [PATCH] core01: initialize tunnels setup --- machines/core-services-01/configuration.nix | 4 +++- machines/core-services-01/tunnels.nix | 19 +++++++++++++++++++ machines/public-cof/minecraft.nix | 4 ++-- 3 files changed, 24 insertions(+), 3 deletions(-) create mode 100644 machines/core-services-01/tunnels.nix diff --git a/machines/core-services-01/configuration.nix b/machines/core-services-01/configuration.nix index dcf85af..9ff2a3f 100644 --- a/machines/core-services-01/configuration.nix +++ b/machines/core-services-01/configuration.nix @@ -25,6 +25,7 @@ ./oauth2_proxy.nix ./secrets ./matterbridge.nix + ./tunnels.nix # TODO push to gitea # TODO ./gotify.nix # TODO(Raito): ./backups.nix @@ -94,5 +95,6 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "20.09"; # Did you read the comment? + system.stateVersion = "22.05"; # Did you read the comment? + environment.variables.NIX_PATH = lib.mkForce "/var/src"; } diff --git a/machines/core-services-01/tunnels.nix b/machines/core-services-01/tunnels.nix new file mode 100644 index 0000000..a396adc --- /dev/null +++ b/machines/core-services-01/tunnels.nix @@ -0,0 +1,19 @@ +{ ... }: { + networking.wireguard.interfaces.wgalpha = { + privateKeyFile = "/etc/secrets/wireguard/wgalpha"; + listenPort = 9999; + + ips = [ + "fdee:a536:13fa:53ab::2/128" + ]; + + peers = [ + { + publicKey = "yAdQRTHn9Yko2r24j8tlxWBz0nYzHRxryPFq8t44Xw4="; + allowedIPs = [ "fdee:a536:13fa:53ab::1/128" ]; + } + ]; + }; + + networking.firewall.allowedUDPPorts = [ 9999 ]; +} diff --git a/machines/public-cof/minecraft.nix b/machines/public-cof/minecraft.nix index c56701f..089b0ae 100644 --- a/machines/public-cof/minecraft.nix +++ b/machines/public-cof/minecraft.nix @@ -2,8 +2,8 @@ let papermc = { ram = 4; # In GB - version = "1.18.2"; - build = 270; + version = "1.19.2"; + build = 200; sha256 = "M3/z7lgHVDG+WqxPvyrxvfobEvkkPf90bDoN/Dq+VZY="; }; port = 25565;