From 9e632ce4905fe46d285ad36f0e5b8a90f5d53dfd Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Dec 2018 16:54:00 +0100 Subject: l: add wirelum.nix --- lass/2configs/default.nix | 1 + lass/2configs/wirelum.nix | 44 ++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 45 insertions(+) create mode 100644 lass/2configs/wirelum.nix (limited to 'lass/2configs') diff --git a/lass/2configs/default.nix b/lass/2configs/default.nix index a4311317..dea32d4d 100644 --- a/lass/2configs/default.nix +++ b/lass/2configs/default.nix @@ -10,6 +10,7 @@ with import ; ./zsh.nix ./htop.nix ./security-workarounds.nix + ./wirelum.nix { users.extraUsers = mapAttrs (_: h: { hashedPassword = h; }) diff --git a/lass/2configs/wirelum.nix b/lass/2configs/wirelum.nix new file mode 100644 index 00000000..cd8a20c6 --- /dev/null +++ b/lass/2configs/wirelum.nix @@ -0,0 +1,44 @@ +with import ; +{ config, pkgs, ... }: let + + self = config.krebs.build.host.nets.wirelum; + isRouter = !isNull self.via; + +in mkIf (hasAttr "wirelum" config.krebs.build.host.nets) { + #hack for modprobe inside containers + systemd.services."wireguard-wirelum".path = mkIf config.boot.isContainer (mkBefore [ + (pkgs.writeDashBin "modprobe" ":") + ]); + + boot.kernel.sysctl = mkIf isRouter { + "net.ipv6.conf.all.forwarding" = 1; + }; + krebs.iptables.tables.filter.INPUT.rules = [ + { predicate = "-p udp --dport ${toString self.wireguard.port}"; target = "ACCEPT"; } + ]; + krebs.iptables.tables.filter.FORWARD.rules = mkIf isRouter [ + { precedence = 1000; predicate = "-i wirelum -o wirelum"; target = "ACCEPT"; } + ]; + + networking.wireguard.interfaces.wirelum = { + ips = + (optional (!isNull self.ip4) self.ip4.addr) ++ + (optional (!isNull self.ip6) self.ip6.addr); + listenPort = 51820; + privateKeyFile = (toString ) + "/wirelum.key"; + allowedIPsAsRoutes = true; + peers = mapAttrsToList + (_: host: { + allowedIPs = if isRouter then + (optional (!isNull host.nets.wirelum.ip4) host.nets.wirelum.ip4.addr) ++ + (optional (!isNull host.nets.wirelum.ip6) host.nets.wirelum.ip6.addr) + else + host.nets.wirelum.wireguard.subnets + ; + endpoint = mkIf (!isNull host.nets.wirelum.via) (host.nets.wirelum.via.ip4.addr + ":${toString host.nets.wirelum.wireguard.port}"); + persistentKeepalive = mkIf (!isNull host.nets.wirelum.via) 61; + publicKey = host.nets.wirelum.wireguard.pubkey; + }) + (filterAttrs (_: h: hasAttr "wirelum" h.nets) config.krebs.hosts); + }; +} -- cgit v1.2.3 From 848ababbe1d050b12ca98da2ca713e7de7eca286 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Dec 2018 17:04:02 +0100 Subject: l: add more mails --- lass/2configs/exim-smarthost.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/exim-smarthost.nix b/lass/2configs/exim-smarthost.nix index 1ee45bb4..1acfe505 100644 --- a/lass/2configs/exim-smarthost.nix +++ b/lass/2configs/exim-smarthost.nix @@ -94,6 +94,7 @@ with import ; { from = "osmocom@lassul.us"; to = lass.mail; } { from = "lesswrong@lassul.us"; to = lass.mail; } { from = "nordvpn@lassul.us"; to = lass.mail; } + { from = "csv-direct@lassul.us"; to = lass.mail; } ]; system-aliases = [ { from = "mailer-daemon"; to = "postmaster"; } -- cgit v1.2.3 From 72e9832f73ba27aafe0fe819d8dc160235222897 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Dec 2018 17:04:13 +0100 Subject: l games: add dolhinEmu to pkgs --- lass/2configs/games.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'lass/2configs') diff --git a/lass/2configs/games.nix b/lass/2configs/games.nix index 49602898..62e3f6d5 100644 --- a/lass/2configs/games.nix +++ b/lass/2configs/games.nix @@ -57,6 +57,7 @@ let in { environment.systemPackages = with pkgs; [ + dolphinEmu doom1 doom2 vdoom1 -- cgit v1.2.3 From dfa8e29fd82219849676244b3e90574cfaf7fe2c Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 9 Dec 2018 17:07:53 +0100 Subject: l: rebind capslock, enable libinput --- lass/2configs/baseX.nix | 4 ++-- lass/2configs/mouse.nix | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'lass/2configs') diff --git a/lass/2configs/baseX.nix b/lass/2configs/baseX.nix index d781f8c7..53d90ed7 100644 --- a/lass/2configs/baseX.nix +++ b/lass/2configs/baseX.nix @@ -97,9 +97,9 @@ in { enable = true; layout = "us"; display = mkForce 0; - xkbModel = "evdev"; xkbVariant = "altgr-intl"; - xkbOptions = "caps:backspace"; + xkbOptions = "caps:escape"; + libinput.enable = true; displayManager.lightdm.enable = true; windowManager.default = "xmonad"; windowManager.session = [{ diff --git a/lass/2configs/mouse.nix b/lass/2configs/mouse.nix index 098809d6..f5f9319e 100644 --- a/lass/2configs/mouse.nix +++ b/lass/2configs/mouse.nix @@ -1,4 +1,4 @@ -{ ... }: +{ lib, ... }: { hardware.trackpoint = { enable = true; @@ -7,6 +7,7 @@ emulateWheel = true; }; + services.xserver.libinput.enable = lib.mkForce false; services.xserver.synaptics = { enable = true; horizEdgeScroll = false; -- cgit v1.2.3