From 2524a1b80a983d0e4ef4796477bd2a8c812acb69 Mon Sep 17 00:00:00 2001 From: Mike Vink Date: Sun, 11 Feb 2024 13:03:07 +0100 Subject: error --- machines/lemptop.nix | 29 +++++++++++++++++++++++------ machines/pump.nix | 19 +++++++++++++++++++ 2 files changed, 42 insertions(+), 6 deletions(-) (limited to 'machines') diff --git a/machines/lemptop.nix b/machines/lemptop.nix index 667db8f..5c9b5e0 100644 --- a/machines/lemptop.nix +++ b/machines/lemptop.nix @@ -1,6 +1,3 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { config, lib, pkgs, modulesPath, ... }: { @@ -10,15 +7,35 @@ networking.nameservers = ["192.168.2.13"]; sops.age.keyFile = "${config.hm.xdg.configHome}/sops/age/keys.txt"; + services.tailscale.enable = true; + networking.firewall = { + trustedInterfaces = [ "tailscale0" ]; + allowedUDPPorts = [ config.services.tailscale.port ]; + }; + services.syncthing = { + cert = builtins.toFile "syncthing-cert" '' + -----BEGIN CERTIFICATE----- + MIICHDCCAaKgAwIBAgIIFZKAkMwT4FgwCgYIKoZIzj0EAwIwSjESMBAGA1UEChMJ + U3luY3RoaW5nMSAwHgYDVQQLExdBdXRvbWF0aWNhbGx5IEdlbmVyYXRlZDESMBAG + A1UEAxMJc3luY3RoaW5nMB4XDTI0MDIxMTAwMDAwMFoXDTQ0MDIwNjAwMDAwMFow + SjESMBAGA1UEChMJU3luY3RoaW5nMSAwHgYDVQQLExdBdXRvbWF0aWNhbGx5IEdl + bmVyYXRlZDESMBAGA1UEAxMJc3luY3RoaW5nMHYwEAYHKoZIzj0CAQYFK4EEACID + YgAE3vRYSYSQ0ZRPG97Bo9m+0LMVGGiJ3/2I+QBaWHe+pDMh3nB7cOV04z9s2q7z + MNjIsWYBPVUxIKFdIMfFN4svH2YpDt1Ps4AdfdPVUv/EsCIoyrtAc13Y64GJSKtF + GFKao1UwUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG + AQUFBwMCMAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJc3luY3RoaW5nMAoGCCqG + SM49BAMCA2gAMGUCMQDgWiqyibzhjXcbVVj0ZR8uITLTrZrrpUT13iiL674JK7uV + DRY28bmdBaZXrOPvOgICMDq8lNeqdQ/jq5CCLe+KJZdtJ/E4XWtls3av09XP+DXK + BtFKP2jvlC7HHtZMKManKQ== + -----END CERTIFICATE----- + ''; + }; documentation.dev.enable = true; networking.hostName = "lemptop"; networking.networkmanager.enable = true; programs.slock.enable = true; - services.transmission = { - enable = true; - }; services.xserver.enable = true; services.xserver.displayManager.startx.enable = true; services.xserver.libinput.enable = true; diff --git a/machines/pump.nix b/machines/pump.nix index 69a2720..4045b79 100644 --- a/machines/pump.nix +++ b/machines/pump.nix @@ -12,6 +12,25 @@ settings.X11Forwarding = true; }; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; + services.syncthing = { + cert = builtins.toFile "syncthing-cert" '' + -----BEGIN CERTIFICATE----- + MIICGzCCAaKgAwIBAgIIRGieK4FEhD0wCgYIKoZIzj0EAwIwSjESMBAGA1UEChMJ + U3luY3RoaW5nMSAwHgYDVQQLExdBdXRvbWF0aWNhbGx5IEdlbmVyYXRlZDESMBAG + A1UEAxMJc3luY3RoaW5nMB4XDTI0MDIxMTAwMDAwMFoXDTQ0MDIwNjAwMDAwMFow + SjESMBAGA1UEChMJU3luY3RoaW5nMSAwHgYDVQQLExdBdXRvbWF0aWNhbGx5IEdl + bmVyYXRlZDESMBAGA1UEAxMJc3luY3RoaW5nMHYwEAYHKoZIzj0CAQYFK4EEACID + YgAEH/4taBY2lcNBXZCxNOklTahIlhN+ypYMOqw7LNlKZVdv7JzRR67akp/F99mF + PA+IB1CQoPOTXUjnhm84Tob/8MoUA1jM5uspclxXG95eMw2J7E7svBEGJA2RsEQE + dsU3o1UwUzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG + AQUFBwMCMAwGA1UdEwEB/wQCMAAwFAYDVR0RBA0wC4IJc3luY3RoaW5nMAoGCCqG + SM49BAMCA2cAMGQCMCP0Ro0ZjGfQf9R3x3neKZzrJxkD11ZK9NBNTaeWAKbrhkjp + qqW9uTONfIOXZmgtrQIwf6Ykr934UA5I6Rk8qNV8d082n3FNMw1NgK9GmUv2XMZ5 + eOpDAYJrhLx5jb7d3L4/ + -----END CERTIFICATE----- + ''; + }; + networking.hostName = "pump"; networking.domain = "vinkies.net"; -- cgit v1.2.3