Compare commits
6 Commits
b56878bbf2
...
f7385e88de
| Author | SHA1 | Date | |
|---|---|---|---|
|
f7385e88de | ||
|
|
e0efe371cd | ||
| 18f67dff98 | |||
| 2e390e9ef9 | |||
| 7ca735fa6d | |||
| e90cde3c14 |
19
configuration/desktop/audio.nix
Normal file
19
configuration/desktop/audio.nix
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
hardware.pulseaudio.enable = false;
|
||||||
|
|
||||||
|
security.rtkit.enable = true;
|
||||||
|
services.pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa = {
|
||||||
|
enable = true;
|
||||||
|
support32Bit = true;
|
||||||
|
};
|
||||||
|
pulse = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
}
|
||||||
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
./audio.nix
|
||||||
./fonts.nix
|
./fonts.nix
|
||||||
./gnome.nix
|
./gnome.nix
|
||||||
./networking.nix
|
./networking.nix
|
||||||
|
|||||||
@ -183,11 +183,11 @@
|
|||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1697049401,
|
"lastModified": 1697100850,
|
||||||
"narHash": "sha256-I/wCJBpW/K23h3o42bUD3OIeRQ5TRVoecu/RGIpfx6w=",
|
"narHash": "sha256-qSAzJVzNRIo+r3kBjL8TcpJctcgcHlnZyqdzpWgtg0M=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "d6b554a85caac840430a822aae963c811e9c7e26",
|
"rev": "fb6af288f6cf0f00d3af60cf9d5110433b954565",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|||||||
@ -15,8 +15,8 @@
|
|||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
root = pkgs.fetchgit {
|
root = pkgs.fetchgit {
|
||||||
url = "https://git.clerie.de/clerie/clerie.de.git";
|
url = "https://git.clerie.de/clerie/clerie.de.git";
|
||||||
rev = "d3f220899ecb98e87026ee0a7600bb8898ae3c42";
|
rev = "9417332ff85b058901d9875828f9dea8247bb431";
|
||||||
sha256 = "sha256-3o2/+m5OGSfc5RTrS4/j/aVibDasQISL7vY+J3yxbB8=";
|
hash = "sha256-bCTyhyPeCNHsGDfyYA5yM0OA8040XFO3Gvakrco+FEo=";
|
||||||
};
|
};
|
||||||
locations."= /ssh/known_hosts" = {
|
locations."= /ssh/known_hosts" = {
|
||||||
alias = pkgs.writeText "known_hosts" (import ../../lib/ssh-known-hosts.nix);
|
alias = pkgs.writeText "known_hosts" (import ../../lib/ssh-known-hosts.nix);
|
||||||
|
|||||||
@ -24,6 +24,8 @@
|
|||||||
|
|
||||||
networking.hostName = "zinc";
|
networking.hostName = "zinc";
|
||||||
|
|
||||||
|
security.sudo.wheelNeedsPassword = lib.mkForce false;
|
||||||
|
|
||||||
services.wg-clerie = {
|
services.wg-clerie = {
|
||||||
enable = true;
|
enable = true;
|
||||||
ipv6s = [ "2a01:4f8:c0c:15f1::8109/128" ];
|
ipv6s = [ "2a01:4f8:c0c:15f1::8109/128" ];
|
||||||
|
|||||||
@ -58,16 +58,16 @@ in
|
|||||||
persistent-keepalive "25" \
|
persistent-keepalive "25" \
|
||||||
allowed-ips "0.0.0.0/0,::/0,10.20.30.0/24,2a01:4f8:c0c:15f1::/113"
|
allowed-ips "0.0.0.0/0,::/0,10.20.30.0/24,2a01:4f8:c0c:15f1::/113"
|
||||||
|
|
||||||
ip route add "::/0" dev "wg-initrd" table 1337
|
#ip route add "::/0" dev "wg-initrd" table 1337
|
||||||
ip route add "0.0.0.0/0" dev "wg-initrd" table 1337
|
#ip route add "0.0.0.0/0" dev "wg-initrd" table 1337
|
||||||
|
|
||||||
|
|
||||||
${concatMapStringsSep "\n" (ip: ''
|
${concatMapStringsSep "\n" (ip: ''
|
||||||
ip -6 rule add from "${ip}" lookup 1337 prio 19000
|
ip -6 rule add from "${ip}" lookup 1337 prio 19000
|
||||||
ip -6 rule add from "${ip}" unreachable prio 19001
|
ip -6 rule add from "${ip}" unreachable prio 19001
|
||||||
'') cfg.ipv6s}
|
'') cfg.ipv6s}
|
||||||
ip -6 rule add from "2a01:4f8:c0c:15f1::1/128" ipproto udp dport 51820 lookup main prio 20000
|
ip -6 rule add to "2a01:4f8:c0c:15f1::1/128" ipproto udp dport 51820 lookup main prio 20000
|
||||||
ip -6 rule add from "2a01:4f8:c0c:15f1::1/128" ipproto udp dport 51820 unreachable prio 20001
|
ip -6 rule add to "2a01:4f8:c0c:15f1::1/128" ipproto udp dport 51820 unreachable prio 20001
|
||||||
ip -6 rule add lookup main prio 21000
|
ip -6 rule add lookup main prio 21000
|
||||||
ip -6 rule add lookup 1337 prio 21001
|
ip -6 rule add lookup 1337 prio 21001
|
||||||
ip -6 rule add unreachable prio 21000
|
ip -6 rule add unreachable prio 21000
|
||||||
@ -77,8 +77,8 @@ in
|
|||||||
ip -4 rule add from "${ip}" lookup 1337 prio 19000
|
ip -4 rule add from "${ip}" lookup 1337 prio 19000
|
||||||
ip -4 rule add from "${ip}" unreachable prio 19001
|
ip -4 rule add from "${ip}" unreachable prio 19001
|
||||||
'') cfg.ipv4s}
|
'') cfg.ipv4s}
|
||||||
ip -4 rule add from "78.47.183.82/32" ipproto udp dport 51820 lookup main prio 20000
|
ip -4 rule add to "78.47.183.82/32" ipproto udp dport 51820 lookup main prio 20000
|
||||||
ip -4 rule add from "78.47.183.82/32" ipproto udp dport 51820 unreachable prio 20001
|
ip -4 rule add to "78.47.183.82/32" ipproto udp dport 51820 unreachable prio 20001
|
||||||
ip -4 rule add lookup main prio 21000
|
ip -4 rule add lookup main prio 21000
|
||||||
ip -4 rule add lookup 1337 prio 21001
|
ip -4 rule add lookup 1337 prio 21001
|
||||||
ip -4 rule add unreachable prio 21000
|
ip -4 rule add unreachable prio 21000
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user