mirror of
https://github.com/donovanglover/nix-config.git
synced 2025-01-24 14:48:37 +01:00
meta: Add options for networking module
Now it's possible to use the system without mullvad vpn.
This commit is contained in:
parent
ecb2463ee7
commit
3da9c62869
14
flake.nix
14
flake.nix
@ -57,10 +57,16 @@
|
|||||||
home-manager.sharedModules = builtins.attrValues self.homeManagerModules;
|
home-manager.sharedModules = builtins.attrValues self.homeManagerModules;
|
||||||
environment.systemPackages = builtins.attrValues self.packages.x86_64-linux;
|
environment.systemPackages = builtins.attrValues self.packages.x86_64-linux;
|
||||||
|
|
||||||
modules.hardware = {
|
modules = {
|
||||||
disableLaptopKeyboard = true;
|
hardware = {
|
||||||
lidIgnore = true;
|
disableLaptopKeyboard = true;
|
||||||
powerIgnore = true;
|
lidIgnore = true;
|
||||||
|
powerIgnore = true;
|
||||||
|
};
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
mullvad = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
@ -1,40 +1,62 @@
|
|||||||
|
{ config, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
inherit (lib) mkEnableOption mkOption mkIf;
|
||||||
|
inherit (lib.types) string;
|
||||||
|
|
||||||
|
cfg = config.modules.networking;
|
||||||
|
in
|
||||||
{
|
{
|
||||||
networking = {
|
options.modules.networking = {
|
||||||
hostName = "nixos";
|
mullvad = mkEnableOption "mullvad vpn";
|
||||||
|
|
||||||
networkmanager = {
|
hostName = mkOption {
|
||||||
enable = true;
|
type = string;
|
||||||
wifi.macAddress = "random";
|
default = "nixos";
|
||||||
ethernet.macAddress = "random";
|
|
||||||
|
|
||||||
unmanaged = [ "interface-name:ve-*" ];
|
|
||||||
};
|
};
|
||||||
|
|
||||||
useHostResolvConf = true;
|
allowSRB2Port = mkEnableOption "port for srb2";
|
||||||
|
allowZolaPort = mkEnableOption "port for zola";
|
||||||
resolvconf.enable = false;
|
|
||||||
|
|
||||||
nat = {
|
|
||||||
enable = true;
|
|
||||||
internalInterfaces = [ "ve-+" ];
|
|
||||||
externalInterface = "wg-mullvad";
|
|
||||||
};
|
|
||||||
|
|
||||||
firewall = {
|
|
||||||
allowedUDPPorts = [
|
|
||||||
5029
|
|
||||||
];
|
|
||||||
|
|
||||||
allowedTCPPorts = [
|
|
||||||
1111
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.resolved.llmnr = "false";
|
config = with cfg; {
|
||||||
|
networking = {
|
||||||
|
inherit hostName;
|
||||||
|
|
||||||
services.mullvad-vpn = {
|
networkmanager = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableExcludeWrapper = false;
|
wifi.macAddress = "random";
|
||||||
|
ethernet.macAddress = "random";
|
||||||
|
|
||||||
|
unmanaged = [ "interface-name:ve-*" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
useHostResolvConf = true;
|
||||||
|
|
||||||
|
resolvconf.enable = mkIf mullvad false;
|
||||||
|
|
||||||
|
nat = mkIf mullvad {
|
||||||
|
enable = true;
|
||||||
|
internalInterfaces = [ "ve-+" ];
|
||||||
|
externalInterface = "wg-mullvad";
|
||||||
|
};
|
||||||
|
|
||||||
|
firewall = {
|
||||||
|
allowedUDPPorts = mkIf allowSRB2Port [
|
||||||
|
5029
|
||||||
|
];
|
||||||
|
|
||||||
|
allowedTCPPorts = mkIf allowZolaPort [
|
||||||
|
1111
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
services.resolved.llmnr = "false";
|
||||||
|
|
||||||
|
services.mullvad-vpn = mkIf mullvad {
|
||||||
|
enable = true;
|
||||||
|
enableExcludeWrapper = false;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user