2022-10-02 23:33:47 +02:00
|
|
|
{ config, pkgs, ... }:
|
2022-12-01 22:13:05 +01:00
|
|
|
let vs = config.vault-secrets.secrets;
|
|
|
|
in {
|
|
|
|
imports = [ ./rtorrent.nix ];
|
2022-10-02 23:33:47 +02:00
|
|
|
|
|
|
|
networking.interfaces.eth0.useDHCP = true;
|
|
|
|
system.stateVersion = "22.05";
|
|
|
|
|
|
|
|
fileSystems."/mnt/storage" = {
|
|
|
|
device = "storage:/mnt/storage";
|
|
|
|
fsType = "nfs";
|
|
|
|
};
|
|
|
|
|
|
|
|
services.flood = {
|
|
|
|
enable = true;
|
|
|
|
host = "0.0.0.0";
|
|
|
|
openFirewall = true;
|
2022-12-01 22:13:05 +01:00
|
|
|
inherit (config.services.rtorrent) downloadDir;
|
2022-10-02 23:33:47 +02:00
|
|
|
};
|
|
|
|
|
2022-12-01 22:13:05 +01:00
|
|
|
vault-secrets.secrets.rtorrent = { services = [ "wg-quick-wg0" ]; };
|
2022-10-02 23:33:47 +02:00
|
|
|
|
|
|
|
# Mullvad VPN
|
2022-12-01 22:13:05 +01:00
|
|
|
networking.wg-quick.interfaces = let
|
2022-10-17 18:28:54 +02:00
|
|
|
postUpScript = pkgs.writeScriptBin "post_up" ''
|
|
|
|
#!${pkgs.stdenv.shell}
|
|
|
|
${pkgs.iproute2}/bin/ip route add 10.42.42.0/23 via 192.168.0.1
|
|
|
|
${pkgs.iproute2}/bin/ip route add 10.100.0.0/24 via 192.168.0.1
|
|
|
|
'';
|
2022-12-01 22:13:05 +01:00
|
|
|
in {
|
2022-10-02 23:33:47 +02:00
|
|
|
wg0 = {
|
|
|
|
address = [ "10.66.153.191/32" "fc00:bbbb:bbbb:bb01::3:99be/128" ];
|
2023-03-25 16:50:16 +01:00
|
|
|
dns = [ "10.64.0.1" ];
|
2022-10-02 23:33:47 +02:00
|
|
|
privateKeyFile = "${vs.rtorrent}/wireguardKey";
|
2022-10-17 22:00:49 +02:00
|
|
|
postUp = "${postUpScript}/bin/post_up || true";
|
2022-10-02 23:33:47 +02:00
|
|
|
|
2022-12-01 22:13:05 +01:00
|
|
|
peers = [{
|
2023-03-25 16:50:16 +01:00
|
|
|
publicKey = "DVui+5aifNFRIVDjH3v2y+dQ+uwI+HFZOd21ajbEpBo=";
|
2022-12-01 22:13:05 +01:00
|
|
|
allowedIPs = [ "0.0.0.0/0" "::/0" ];
|
2023-03-25 16:50:16 +01:00
|
|
|
endpoint = "185.65.134.82:51820";
|
2022-12-01 22:13:05 +01:00
|
|
|
persistentKeepalive = 25;
|
|
|
|
}];
|
2022-10-02 23:33:47 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|