lukrecja/nixos-dots
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor into modules

Browse Source
This commit is contained in:
Lukrecja Pleskaczyńska
2026-03-10 23:22:08 +01:00
parent 1b9d24ce15
commit e58d5a7a18
29 changed files with 386 additions and 365 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
nixos/modules/networking/general.nix Normal file
View File

@@ -0,0 +1,11 @@
{ ... }:
{
networking.hostName = "lusia-laptop";
networking.networkmanager.enable = true;
networking.networkmanager.wifi.powersave = true;
networking.nameservers = [ "9.9.9.9" ];
services.resolved.enable = true;
}

11
nixos/modules/networking/tailscale.nix Normal file
View File

@@ -0,0 +1,11 @@
{ ... }:
{
services.tailscale.enable = true;
networking.firewall.trustedInterfaces = [ "tailscale0" ];
boot.kernel.sysctl = {
"net.ipv4.conf.tailscale0.rp_filter" = 0;
};
}

55
nixos/modules/networking/vpn.nix Normal file
View File

@@ -0,0 +1,55 @@
{ pkgs, ... }:
{
# VSTech VPN (with DNS for bgs.local domain)
services.openvpn.servers.vstech = {
config = ''
client
remote 51.83.143.81
proto udp
port 649
dev tun
topology subnet
ca /home/lusia/VSTech-vpn/ca.crt
cert /home/lusia/VSTech-vpn/Klient251.crt
key /home/lusia/VSTech-vpn/Klient251.inline
tls-crypt /home/lusia/VSTech-vpn/ta.key
auth sha512
data-ciphers aes-256-cbc
data-ciphers-fallback aes-256-cbc
key-direction 1
keepalive 10 120
'';
updateResolvConf = false;
up = ''
${pkgs.systemd}/bin/resolvectl dns $dev 10.10.10.1
${pkgs.systemd}/bin/resolvectl domain $dev bgs.local
'';
down = ''
${pkgs.systemd}/bin/resolvectl revert $dev
'';
};
# CAT VPN
services.openvpn.servers.cat = {
config = ''
client
remote 79.133.193.211
proto tcp
port 1194
dev tun
topology subnet
ca /home/lusia/vpn/ca.crt
cert /home/lusia/vpn/client18.crt
key /home/lusia/vpn/client18.key
auth sha256
data-ciphers AES-256-CBC
key-direction 1
'';
updateResolvConf = true;
};
}