upRootNutrition/dotfiles
1
0
Fork 0
mirror of https://gitlab.com/upRootNutrition/dotfiles.git synced 2025-08-08 12:54:38 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: wireguard test

Browse source
This commit is contained in:
Nick 2025-07-01 05:07:45 -05:00
parent ec2e9e42a3
commit c9da48766b
2 changed files with 6 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/nixos/services/searx/default.nix
View file

@ -46,9 +46,7 @@ in
virtualHosts = { virtualHosts = {
"${configHelpers.host}" = { "${configHelpers.host}" = {
extraConfig = '' extraConfig = ''
@allowed_ips { @not_allowed not remote_ip 10.100.0.2
remote_ip 10.100.0.2
}
respond @not_allowed 403 respond @not_allowed 403
redir /.well-known/carddav /remote.php/dav/ 301 redir /.well-known/carddav /remote.php/dav/ 301

7
systems/mars/config/wireguard.nix Normal file → Executable file
View file

@ -8,12 +8,15 @@ in
networking = { networking = {
wg-quick.interfaces = { wg-quick.interfaces = {
wg0 = { wg0 = {
address = [ mars.wireguard.ip0 ]; address = [ "${mars.wireguard.ip0}/24" ];
privateKeyFile = config.sops.secrets."${service.name}-mars-private".path; privateKeyFile = config.sops.secrets."${service.name}-mars-private".path;
peers = [ peers = [
{ {
publicKey = "fs58+Kz+eG9qAXvvMB2NkW+wa88yP61uam4HHWaBJVw="; publicKey = "fs58+Kz+eG9qAXvvMB2NkW+wa88yP61uam4HHWaBJVw=";
allowedIPs = [ "${web.localhost.address1}/0" ]; allowedIPs = [
"10.100.0.0/24"
"192.168.1.0/24"
];
endpoint = "${web.remotehost.address0}:${builtins.toString service.ports.port0}"; endpoint = "${web.remotehost.address0}:${builtins.toString service.ports.port0}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }