annika/nixos
1
0
Fork 0
mirror of https://forgejo.merr.is/annika/nixos.git synced 2025-12-11 11:05:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

I Have a Passable Netbird Config Now

Browse source
This commit is contained in:
Annika Merris 2024-09-03 09:43:58 -04:00
parent 8770d3791b
commit f11ae539c1
7 changed files with 53 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

3
hosts/kim/default.nix
View file

@ -90,9 +90,6 @@ inputs.nixpkgs.lib.nixosSystem {
yubikey.enable = true;
kdeconnect.enable = true;
tailscale.enable = true;
# TODO: Move this out
}
];
}

8
hosts/kim/netbird.nix
View file

@ -1,6 +1,8 @@
{ config, lib, pkgs, ... }:
{
sops.secrets."netbird/setup_keys/end_user" = { };
{ config, lib, pkgs, ... }: {
sops.secrets."netbird/setup_keys/end_user" = {
owner = config.users.users.annika.name;
group = config.users.users.annika.group;
};
netbird = {
enable = true;
opts = {

64
modules/common/applications/netbird.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, lib, ... }:
{
{ config, pkgs, lib, ... }: {
options = {
netbird = {
enable = lib.mkEnableOption {
@ -43,33 +42,40 @@
# (lib.mkIf p yes)
# (lib.mkif (!p) no)
# ];
config = lib.mkIf (config.netbird.enable)
(lib.mkMerge [
{
services.netbird = {
enable = true;
tunnels = {
wt0.environment = (lib.mkMerge [
{
NB_MANAGEMENT_URL = config.netbird.opts.management_url;
NB_ADMIN_URL = config.netbird.opts.admin_url;
}
(lib.mkIf (config.netbird.opts.setup_key != "") {
NB_SETUP_KEY = config.netbird.opts.setup_key;
})
(lib.mkIf(config.netbird.opts.setup_key_file != "") {
NB_SETUP_KEY_FILE = config.netbird.opts.setup_key_file;
})
]);
};
config = lib.mkIf (config.netbird.enable) (lib.mkMerge [
{
services.netbird = {
enable = true;
tunnels = {
wt0.environment = (lib.mkMerge [
{
NB_MANAGEMENT_URL = config.netbird.opts.management_url;
NB_ADMIN_URL = config.netbird.opts.admin_url;
}
(lib.mkIf (config.netbird.opts.setup_key != "") {
NB_SETUP_KEY = config.netbird.opts.setup_key;
})
(lib.mkIf (config.netbird.opts.setup_key_file != "") {
NB_SETUP_KEY_FILE = config.netbird.opts.setup_key_file;
})
]);
};
}
(lib.mkIf (config.gui.enable) {
home-manager.users.${config.user} = {
home.packages = [
pkgs.netbird-ui
];
};
environment = {
variables = {
NB_MANAGEMENT_URL = config.netbird.opts.management_url;
NB_ADMIN_URL = config.netbird.opts.admin_url;
NB_SETUP_KEY = config.netbird.opts.setup_key;
NB_SETUP_KEY_FILE = config.netbird.opts.setup_key_file;
};
})
]);
};
}
(lib.mkIf (config.gui.enable) {
home-manager.users.${config.user} = {
home.packages = [
pkgs.netbird-ui
];
};
})
]);
}

1
modules/common/programming/nixpkgs-fmt.nix
View file

@ -12,6 +12,7 @@
home-manager.users.${config.user} = {
home.packages = [
pkgs.nixpkgs-fmt
pkgs.nixfmt-classic
];
};
};

9
modules/common/programming/vscode.nix
View file

@ -1,5 +1,4 @@
{ config, pkgs, lib, ... }:
{
{ config, pkgs, lib, ... }: {
options = {
vscode = {
enable = lib.mkEnableOption {
@ -11,10 +10,10 @@
config = lib.mkIf (config.gui.enable && config.vscode.enable) {
home-manager.users.${config.user} = {
nixpkgs.config.allowUnfree = true;
programs.vscode = {
enable = true;
enableUpdateCheck = false;
enableExtensionUpdateCheck = false;
mutableExtensionsDir = false;
@ -32,13 +31,13 @@
golang.go
mkhl.direnv
ms-vscode-remote.remote-ssh
ms-vscode-remote.remote-containers
];
userSettings = {
"workbench.colorTheme" = "Catppuccin Mocha";
"editor.tabSize" = 2;
"editor.insertSpaces" = true;
"git.autofetch" = true;
# "git.enableSmartCommit" = true;
"git.confirmSync" = false;
};
};

5
modules/common/utilities/git.nix
View file

@ -22,6 +22,11 @@ in
enable = true;
userName = config.gitName;
userEmail = config.gitEmail;
extraConfig = {
pull = {
rebase = true;
};
};
};
};
};

6
secrets/secrets.yaml
View file

@ -5,7 +5,7 @@ spotifyd:
annika_password: ENC[AES256_GCM,data:qRdNYmU7Z0A0r3rhyTQMa9I/uNjlSMSjPzRNDBUvpV8t+jlN+l+5XzGawS7E1cwBTuU/rkdSha2vU2hCyWgxqOmLjSp8okCUSw==,iv:12lV4/zC5uneYnDrps9cdv5J1fXiuMfIGmoaYDaVD5c=,tag:d8SNVCcbYOT0iiUjeKVsWA==,type:str]
netbird:
setup_keys:
end_user: ENC[AES256_GCM,data:9fFfVWHO2e3lACEl1+g+rWUQ1o6jZUQfTKBCXRcGTLClZ+ho,iv:LPaUSzZHy+iN9w7kjvDyGhHajR56G+S26JlMeur+Bko=,tag:SAASFjfyya3cigsyaR/mlg==,type:str]
end_user: ENC[AES256_GCM,data:XjgsnBmh0pzRoFBlrB9Bcaa6vtyw9Uzy0lzqLyl74S4TBMQu,iv:QMXT9RivPRerlc6/L0GACUp0Eys1fPWMX9BBbaHKoOM=,tag:2wG7cz0bV+axaAszxz6ueQ==,type:str]
servers: ENC[AES256_GCM,data:2x2OPHTTTK3bltlzE/bQWuy+4l5/qxlkmyS8Ll1rvZVm5L0t,iv:+kXwJCQsg4qxNWzhTekwaSHOdTlM1HHFwIBK9iRKMA0=,tag:aQjYYU0MvMccwoOBtvzYdg==,type:str]
sops:
kms: []
@ -31,8 +31,8 @@ sops:
akR2d2ZrWjd5cWZ4NnJoSko3SWR3NmsKuq10DkZpKclYzpcl1BURi3oiHCNabrih
svx2Rm2xAvWQZldB3i0Bhie7NszqWM0qQ82dKUkia8GDmz8HNC3pdA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-08-13T18:16:36Z"
mac: ENC[AES256_GCM,data:6WrgKVG9k6MupgyoclYxBNuo1KL4GShO6v+dfIZtthgaN3EVXFflG2ZnmVQfy5Y1lkxnLYcjD0kUeEsT4h5pjR9tMw7ZOwXclWdR8CskInhhAqcLUhtORjuW2gxxeR7JYFXoizuSFKh6C4ebG1TFugWK47DjfBA6yHLFDjUwBjw=,iv:3kAxoBN0FD3E6jtlR9B8NOywoyzKS1ihjUVWpHErdvY=,tag:ljQt4hrhvmRIwhENNUYduw==,type:str]
lastmodified: "2024-09-02T21:20:03Z"
mac: ENC[AES256_GCM,data:5lz7qVbblzjAA3Kpmckvb1AhuuuHDu2g2vO/mh0h3DQFdX5t32VkM7FBsrl+i0r79yduhRhZ2cqNpvmeWPmwvQ1g4tctunqwul139WEfm39P1gqRXCP1PfVIwCT6WOhMwnzd6UyCSA57CbjJodMXHIj/A3nre0L5DgPJFy5imNQ=,iv:58d0HqoTobZcv2S3+L5Fe3lk+ctxLiDBOlTnjsQZGQM=,tag:p/i0C2jAcijaCN2vLy8blQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0