]> Git — Sourcephile - sourcephile-nix.git/blob - machines/mermet.nix
wireguard: setup external vpn
[sourcephile-nix.git] / machines / mermet.nix
1 # NixOS configuration of mermet.sourcephile.fr
2 # Laurent Mermet (1955-2019), strategist for the environment
3 # https://www.iddri.org/fr/iddri-en-bref/la-vie-de-liddri/hommage-laurent-mermet
4 { inputs, ... }:
5 {
6 system = "x86_64-linux";
7 extraArgs = rec {
8 ipv4 = "80.67.180.129";
9 wireguard = rec {
10 wg-intra = {
11 ipv4 = "192.168.42.1";
12 listenPort = 43642;
13 persistentKeepalive = null;
14 peer = {
15 publicKey = "XbTEP2X71LBTjmdmySdiOpQJ+uIomcXvg1aiQGUtWBI=";
16 allowedIPs = [ "${wg-intra.ipv4}/32" ];
17 endpoint = "${ipv4}:${toString wg-intra.listenPort}";
18 };
19 };
20 };
21 };
22 modules = [
23 (inputs.nixpkgs + "/nixos/modules/profiles/hardened.nix")
24 ../nixos/defaults.nix
25 ../nixos/profiles/services/unbound.nix
26 mermet/acme.nix
27 mermet/croc.nix
28 mermet/coturn.nix
29 mermet/debug.nix
30 mermet/dovecot.nix
31 mermet/fail2ban.nix
32 mermet/fileSystems.nix
33 mermet/gitolite.nix
34 mermet/hardware.nix
35 mermet/knot.nix
36 #mermet/mlmmj.nix
37 mermet/networking.nix
38 mermet/nginx.nix
39 mermet/openldap.nix
40 mermet/postfix.nix
41 mermet/public-inbox.nix
42 mermet/redis.nix
43 mermet/rspamd.nix
44 mermet/sanoid.nix
45 mermet/security.nix
46 mermet/system.nix
47 mermet/users.nix
48 (inputs.secrets + "/machines/mermet/users.nix")
49 ];
50 }