jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

no idea

Browse Source
This commit is contained in:
Danilo Reyes
2026-02-15 14:58:30 -06:00
parent a5f45292ff
commit 8b425259d5
6 changed files with 78 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
hosts/vps/configuration.nix
View File

@@ -10,6 +10,7 @@ let
wgInterface = "wg0";
ips = {
homeServer = config.my.ips.wg-server;
wgWorkstation = config.my.ips.wg-workstation;
wgFriend1 = config.my.ips.wg-friend1;
wgGuest1 = config.my.ips.wg-guest1;
wgGuest2 = config.my.ips.wg-guest2;
@@ -20,15 +21,15 @@ let
wgHomelab = config.my.subnets.wg-homelab;
};
ports = {
giteaSsh = 22;
ssh = 3456;
giteaSsh = config.my.ports.giteaSsh;
ssh = config.my.ports.ssh;
web = [
80
443
];
wg = 51820;
syncthing = 22000;
synapseFederation = 8448;
wg = config.my.ports.wg;
syncthing = config.my.ports.syncthingRelay;
synapseFederation = config.my.ports.synapseSsl;
};
portsStr = {
giteaSsh = toString ports.giteaSsh;
@@ -40,6 +41,10 @@ let
jellyfin = toString config.my.servers.jellyfin.port;
audiobookshelf = toString config.my.servers.audiobookshelf.port;
kavita = toString config.my.servers.kavita.port;
openWebui = toString config.my.ports.openWebui;
sillytavern = toString config.my.ports.sillytavern;
ollama = toString config.my.ports.ollama;
comfyui = toString config.my.ports.comfyui;
};
in
{
@@ -114,6 +119,8 @@ in
iifname "${wgInterface}" ip saddr ${subnets.wgGuests} ip daddr ${ips.homeServer}/32 icmp type echo-request accept
iifname "${wgInterface}" ip saddr ${subnets.wgHomelab} ip daddr ${ips.homeServer}/32 accept
iifname "${wgInterface}" ip saddr ${subnets.wgHomelab} ip daddr ${ips.wgWorkstation}/32 tcp dport { ${portsStr.openWebui}, ${portsStr.sillytavern}, ${portsStr.ollama}, ${portsStr.comfyui} } accept
iifname "${wgInterface}" ip saddr ${ips.wgWorkstation}/32 ip daddr ${subnets.wgHomelab} tcp sport { ${portsStr.openWebui}, ${portsStr.sillytavern}, ${portsStr.ollama}, ${portsStr.comfyui} } accept
iifname "${wgInterface}" ip saddr ${subnets.wgFriends} oifname "${externalInterface}" accept
iifname "${wgInterface}" ip saddr ${subnets.wgGuests} oifname "${externalInterface}" accept