core01: initialize tunnels setup

machines/core-services-01/configuration.nix

@@ -25,6 +25,7 @@
       ./oauth2_proxy.nix
       ./secrets
       ./matterbridge.nix
+      ./tunnels.nix
       # TODO push to gitea
       # TODO ./gotify.nix
       # TODO(Raito): ./backups.nix
@@ -94,5 +95,6 @@
   # this value at the release version of the first install of this system.
   # Before changing this value read the documentation for this option
   # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "20.09"; # Did you read the comment?
+  system.stateVersion = "22.05"; # Did you read the comment?
+  environment.variables.NIX_PATH = lib.mkForce "/var/src";
 }

machines/core-services-01/tunnels.nix

@@ -0,0 +1,19 @@
+{ ... }: {
+  networking.wireguard.interfaces.wgalpha = {
+    privateKeyFile = "/etc/secrets/wireguard/wgalpha";
+    listenPort = 9999;
+
+    ips = [
+      "fdee:a536:13fa:53ab::2/128"
+    ];
+
+    peers = [
+      {
+        publicKey = "yAdQRTHn9Yko2r24j8tlxWBz0nYzHRxryPFq8t44Xw4=";
+        allowedIPs = [ "fdee:a536:13fa:53ab::1/128" ];
+      }
+    ];
+  };
+
+  networking.firewall.allowedUDPPorts = [ 9999 ];
+}

machines/public-cof/minecraft.nix

@@ -2,8 +2,8 @@
 let
   papermc = {
     ram = 4; # In GB
-    version = "1.18.2";
+    version = "1.19.2";
-    build = 270;
+    build = 200;
     sha256 = "M3/z7lgHVDG+WqxPvyrxvfobEvkkPf90bDoN/Dq+VZY=";
   };
   port = 25565;