annika/nixos
1
0
Fork 0
mirror of https://forgejo.merr.is/annika/nixos.git synced 2025-12-12 01:07:44 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Trying to improve Netbird Setup

Browse source
This commit is contained in:
Annika Merris 2024-07-25 10:15:25 -04:00
parent f030235976
commit 514205e1d9
4 changed files with 55 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

8
hosts/kim/default.nix
View file

@ -60,7 +60,13 @@ inputs.nixpkgs.lib.nixosSystem {
element.enable = true; element.enable = true;
firefox.enable = true; firefox.enable = true;
kitty.enable = true; kitty.enable = true;
netbird.enable = true; # netbird.enable = true;
netbird = {
enable = true;
management_url = "https://netbird.moosenet.work:443";
admin_url = "https://netbird.moosenet.work";
setup_key = sops.netbird.setup_keys.end_user;
}
openrgb.enable = true; openrgb.enable = true;
prusa-slicer.enable = true; prusa-slicer.enable = true;
spotifyd.enable = true; spotifyd.enable = true;

1
hosts/virt-nix/default.nix
View file

@ -71,7 +71,6 @@ inputs.nixpkgs.lib.nixosSystem {
]; ];
services.openssh.enable = true; services.openssh.enable = true;
services.flatpak.enable = true; services.flatpak.enable = true;
services.netbird.enable = true; # TODO: Move this to the netbird configs
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true; hardware.bluetooth.powerOnBoot = true;
sound.enable = true; # TODO: Add the rest of the sound stuff... sound.enable = true; # TODO: Add the rest of the sound stuff...

53
modules/common/applications/netbird.nix
View file

@ -6,25 +6,58 @@
description = "Enable Netbird"; description = "Enable Netbird";
default = false; default = false;
}; };
opts = {
setup_key = lib.mkOption {
type = lib.types.str;
description = ''
Setup key obtained from the Management Service Dashboard (used to register peer)
'';
default = "";
};
management_url = lib.mkOption {
type = lib.types.str;
description = ''
Management Service URL [http|https]://[host]:[port]
'';
default = "https://api.wiretrustee.com:443";
};
admin_url = lib.mkOption {
type = lib.types.str;
description = ''
Admin Panel URL [http|https]://[host]:[port]
'';
default = "https://app.netbird.io";
}; };
}; };
};
};
# TODO: This code should live somewhere else and be available to everything.
# mkIfElse = p: yes: no: lib.mkMerge [
# (lib.mkIf p yes)
# (lib.mkif (!p) no)
# ];
config = lib.mkIf (config.netbird.enable) config = lib.mkIf (config.netbird.enable)
(lib.mkMerge [ (lib.mkMerge [
(lib.mkIf (config.gui.enable) { {
services.netbird.tunnels = {
wt0.environment = (lib.mkMerge [
{
NB_MANAGEMENT_URL = config.netbird.opts.management_url;
NB_ADMIN_URL = config.netbird.opts.admin_url;
}
# isString e
(lib.mkIf (config.netbird.opts.setup_key != "") {
NB_SETUP_KEY = config.netbird.opts.setup_key;
})
]);
};
}
(lib.mIf (config.gui.enable) {
home-manager.users.${config.user} = { home-manager.users.${config.user} = {
home.packages = [ home.packages = [
pkgs.netbird-ui pkgs.netbird-ui
]; ];
}; };
services.netbird.enable = true;
})
(lib.mkIf (!config.gui.enable) {
home-manager.users.${config.user} = {
home.packages = [
pkgs.netbird
];
};
services.netbird.enable = true;
}) })
]); ]);
} }

7
secrets/secrets.yaml
View file

@ -3,6 +3,9 @@ spotifyd:
global: global:
password: ENC[AES256_GCM,data:YnfXoQ7pbqoZ8QcqfkYd3A==,iv:+QwDqlZ5HEIasmeMAT48kvF3LpbTzJMu4OR1kjWOZCQ=,tag:rANAqr1GlYzHNItb2AmCmg==,type:str] password: ENC[AES256_GCM,data:YnfXoQ7pbqoZ8QcqfkYd3A==,iv:+QwDqlZ5HEIasmeMAT48kvF3LpbTzJMu4OR1kjWOZCQ=,tag:rANAqr1GlYzHNItb2AmCmg==,type:str]
annika_password: ENC[AES256_GCM,data:qRdNYmU7Z0A0r3rhyTQMa9I/uNjlSMSjPzRNDBUvpV8t+jlN+l+5XzGawS7E1cwBTuU/rkdSha2vU2hCyWgxqOmLjSp8okCUSw==,iv:12lV4/zC5uneYnDrps9cdv5J1fXiuMfIGmoaYDaVD5c=,tag:d8SNVCcbYOT0iiUjeKVsWA==,type:str] annika_password: ENC[AES256_GCM,data:qRdNYmU7Z0A0r3rhyTQMa9I/uNjlSMSjPzRNDBUvpV8t+jlN+l+5XzGawS7E1cwBTuU/rkdSha2vU2hCyWgxqOmLjSp8okCUSw==,iv:12lV4/zC5uneYnDrps9cdv5J1fXiuMfIGmoaYDaVD5c=,tag:d8SNVCcbYOT0iiUjeKVsWA==,type:str]
netbird:
setup_keys:
end_user: ENC[AES256_GCM,data:9fFfVWHO2e3lACEl1+g+rWUQ1o6jZUQfTKBCXRcGTLClZ+ho,iv:LPaUSzZHy+iN9w7kjvDyGhHajR56G+S26JlMeur+Bko=,tag:SAASFjfyya3cigsyaR/mlg==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -27,8 +30,8 @@ sops:
YUxQYnZmRUc0TkZkaEFHSGp6RzdwdGcK/Y8BuOQrcOgWpA18FijIpRR7zw+VYl2+ YUxQYnZmRUc0TkZkaEFHSGp6RzdwdGcK/Y8BuOQrcOgWpA18FijIpRR7zw+VYl2+
bJLhkeIjYvDc+mNoKf/GCVmJVtSAWanoHGKasDfkDkuSkAJfao9WzA== bJLhkeIjYvDc+mNoKf/GCVmJVtSAWanoHGKasDfkDkuSkAJfao9WzA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-23T19:08:33Z" lastmodified: "2024-07-24T14:26:38Z"
mac: ENC[AES256_GCM,data:6XxNXxnjzCxVHOK/7+e4x+PLEzyqDtClfvdPyOXJnvX7iz8p5zjXazUV0gq1kbUVrD6Uh2XumomNOeyA+VP7g5bpxkbOEGUoptzU+VsEQtTIvRlQn09J3J733yKlwDJ6dglTUuyOD66e21dIRF6JJ1UWOFkwptToHdEe+PqcWLc=,iv:T0Vr851SJcv6tprN0+wshu+WfSMWug5tEkPluVKRx4A=,tag:Dt10qxRJuUPBlK4oNyNgNg==,type:str] mac: ENC[AES256_GCM,data:xT/DXBA4zTPW+LqZhPW8kwJrCDrQliPLiVsKirNlJ6DZ4bJDpHob+drdi8qT8FVcFyenhBULrVW+f/keDbwhPp8o0NgLzi+5MiIS9yPux6krw47K8Y0CxJ2gS/TqrtNGuBIyuxwL8od9j6/wiz8RIGJ1r8Ng19KJH9sqvowVCKo=,iv:qtLV4+AgdSMOJwqzB4fwqdOnm+iOxPEEoUQRrp3o3ek=,tag:E9Sf8tBiryCKX40utWJkxQ==,type:str]
pgp: [] pgp: []
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.9.0 version: 3.9.0