mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-config.git
synced 2024-11-26 04:51:26 +00:00
Added fixes for disk expansion and VPN networking
This commit is contained in:
parent
8878832ff9
commit
d1620a9680
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -1,3 +1 @@
|
||||||
userdata/userdata.json
|
userdata/userdata.json
|
||||||
hardware-configuration.nix
|
|
||||||
networking.nix
|
|
|
@ -6,7 +6,6 @@ in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
||||||
./variables-module.nix
|
./variables-module.nix
|
||||||
./variables.nix
|
./variables.nix
|
||||||
./files.nix
|
./files.nix
|
||||||
|
@ -34,9 +33,14 @@ in
|
||||||
boot.cleanTmpDir = true;
|
boot.cleanTmpDir = true;
|
||||||
networking = {
|
networking = {
|
||||||
hostName = config.services.userdata.hostname;
|
hostName = config.services.userdata.hostname;
|
||||||
|
usePredictableInterfaceNames = false;
|
||||||
firewall = {
|
firewall = {
|
||||||
allowedTCPPorts = lib.mkForce [ 22 25 80 143 443 465 587 993 8443 ];
|
allowedTCPPorts = lib.mkForce [ 22 25 80 143 443 465 587 993 8443 ];
|
||||||
allowedUDPPorts = lib.mkForce [ 8443 ];
|
allowedUDPPorts = lib.mkForce [ 8443 ];
|
||||||
|
extraCommands = ''
|
||||||
|
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
|
||||||
|
iptables --append FORWARD --in-interface vpn00 -j ACCEPT
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
nameservers = [ "1.1.1.1" "1.0.0.1" ];
|
nameservers = [ "1.1.1.1" "1.0.0.1" ];
|
||||||
};
|
};
|
||||||
|
|
9
hardware-configuration.nix
Normal file
9
hardware-configuration.nix
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
{ modulesPath, ... }:
|
||||||
|
{
|
||||||
|
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
|
||||||
|
boot.loader.grub.device = "/dev/sda";
|
||||||
|
fileSystems = {
|
||||||
|
"/" = { device = "/dev/sda1"; fsType = "ext4"; };
|
||||||
|
"/var" = { device = "/dev/sdb"; fsType = "ext4"; };
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue