jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

code rules
All checks were successful
MCP Tests / mcp-tests (push) Successful in 19s
Details

Browse Source
This commit is contained in:
Danilo Reyes
2026-03-23 15:49:51 -06:00
parent 32729627b1
commit 66483c89ac
75 changed files with 530 additions and 512 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
config/derek.nix
View File

@@ -15,6 +15,9 @@ let
};
in
{
sops.secrets = lib.mkIf config.my.secureHost {
derek-password.neededForUsers = true;
};
my = {
stylix = enableForDerek;
emacs = enableForDerek;
@@ -34,9 +37,6 @@ in
multimedia = enableForDerek;
};
};
sops.secrets = lib.mkIf config.my.secureHost {
derek-password.neededForUsers = true;
};
services = {
tailscale.enable = true;
sunshine = {
@@ -48,17 +48,15 @@ in
};
networking.nftables = {
enable = true;
tables = {
local-uid-block = {
family = "inet";
content = ''
chain output {
type filter hook output priority 0; policy accept;
meta skuid ${toString derekUid} ip daddr 127.0.0.1 tcp dport { ${toString openWebuiPort}, ${toString sillytavernPort} } drop
meta skuid ${toString derekUid} ip6 daddr ::1 tcp dport { ${toString openWebuiPort}, ${toString sillytavernPort} } drop
}
'';
};
tables.local-uid-block = {
family = "inet";
content = ''
chain output {
type filter hook output priority 0; policy accept;
meta skuid ${toString derekUid} ip daddr 127.0.0.1 tcp dport { ${toString openWebuiPort}, ${toString sillytavernPort} } drop
meta skuid ${toString derekUid} ip6 daddr ::1 tcp dport { ${toString openWebuiPort}, ${toString sillytavernPort} } drop
}
'';
};
};
users.users.bearded_dragonn = {