Whitelist zerotier interface
This commit is contained in:
parent
e0be8076cd
commit
37767ad75b
12
flake.nix
12
flake.nix
|
|
@ -62,6 +62,10 @@
|
|||
nixosConfigurations = {
|
||||
#Personal laptop, thinkpad t490
|
||||
athame = nixpkgs.lib.nixosSystem {
|
||||
specialArgs = {
|
||||
inherit inputs outputs;
|
||||
hostname = "athame";
|
||||
};
|
||||
modules = [
|
||||
./nixos/configuration.nix
|
||||
./nixos/kde-desktop.nix
|
||||
|
|
@ -71,6 +75,10 @@
|
|||
};
|
||||
#Work laptop, dell g15.
|
||||
metatron = nixpkgs.lib.nixosSystem {
|
||||
specialArgs = {
|
||||
inherit inputs outputs;
|
||||
hostname = "metatron";
|
||||
};
|
||||
modules = [
|
||||
./nixos/configuration.nix
|
||||
./nixos/kde-desktop.nix
|
||||
|
|
@ -80,6 +88,10 @@
|
|||
];
|
||||
};
|
||||
hearth = nixpkgs.lib.nixosSystem {
|
||||
specialArgs = {
|
||||
inherit inputs outputs;
|
||||
hostname = "hearth";
|
||||
};
|
||||
modules = [
|
||||
./nixos/configuration.nix
|
||||
./nixos/home-assistant.nix
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@
|
|||
services.fwupd.enable = true;
|
||||
|
||||
boot.plymouth = {
|
||||
enable = false;
|
||||
enable = true;
|
||||
themePackages = with pkgs; [ (adi1090x-plymouth-themes.override {selected_themes = [ "rings" ]; }) ];
|
||||
theme = "rings";
|
||||
};
|
||||
|
|
|
|||
|
|
@ -3,9 +3,10 @@
|
|||
{
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
users.extraGroups.vboxusers.members = [ "traverseda" ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
pkgs.qgroundcontrol
|
||||
|
||||
pkgs.distrobox
|
||||
];
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
let
|
||||
privateZeroTierInterfaces = [ "ztmwri5sbj" ]; # ZT NET INTERFACE
|
||||
privateZeroTierInterfaces = [ "zt_aura" ]; # ZT NET INTERFACE
|
||||
in {
|
||||
|
||||
networking.firewall.trustedInterfaces = privateZeroTierInterfaces; # TRUST VPN ONLY
|
||||
|
|
@ -14,6 +14,20 @@ in {
|
|||
services.avahi.nssmdns4 = true;
|
||||
services.avahi.publish.workstation = true; # ADDED TO DESKTOP MACHINES
|
||||
|
||||
systemd.services.createDevicemap = {
|
||||
description = "Create ZeroTier devicemap file";
|
||||
before = [ "zerotierone.service" ]; # Ensure ZeroTier service has started
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
script = ''
|
||||
mkdir -p /var/lib/zerotier-one
|
||||
echo "e04fa485ed2a4dc4=zt_aura" > /var/lib/zerotier-one/devicemap
|
||||
'';
|
||||
};
|
||||
|
||||
services.zerotierone.enable = true;
|
||||
|
||||
#Don't join zerotier if I'm testing in a VM
|
||||
|
|
|
|||
Loading…
Reference in New Issue