yorick
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

new torrent wg setup

auto-flake-update
Yorick van Pelt 2021-01-03 16:39:47 +01:00
parent 11a1b894f0
commit f49c665b68
Signed by: yorick
GPG Key ID: A36E70F9DC014A15
3 changed files with 6 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
keys/wg.mullvad-nl4.key Normal file
View File

Binary file not shown.

2
logical/frumar.nix
View File

@ -18,7 +18,7 @@
};
boot.supportedFilesystems = [ "zfs" ];
services.yorick.torrent-vpn = {
enable = true; name = "mullvad-nl3"; namespace = "torrent";
enable = true; name = "mullvad-nl4"; namespace = "torrent";
};
services.plex = {
enable = true;

15
services/torrent-wg.nix
View File

@ -1,4 +1,4 @@
{lib, config, ...}:
{pkgs, lib, config, ...}:
let
cfg = config.services.yorick.torrent-vpn;
in
@ -12,21 +12,16 @@ in
deployment.keyys = [ (<yori-nix/keys>+"/wg.${cfg.name}.key") ];
networking.wireguard.interfaces.${cfg.name} = {
# curl -s https://api.mullvad.net/www/relays/all/ | jq '.[] | select(.type == "wireguard" and .country_code == "nl")'
ips = ["10.64.19.76/32" "fc00:bbbb:bbbb:bb01::1:134b/128"];
ips = [ "10.66.30.26/32" "fc00:bbbb:bbbb:bb01::3:1e19/128" ];
privateKeyFile = "/root/keys/wg.${cfg.name}.key";
peers = [{
publicKey = "hnRyse6QxPPcZOoSwRsHUtK1W+APWXnIoaDTmH6JsHQ=";
allowedIPs = ["0.0.0.0/0" "::0/0"];
endpoint = "185.65.134.224:31173";
endpoint = "[2a03:1b20:3:f011::a04f]:51820";
}];
interfaceNamespace = cfg.namespace;
};
systemd.services."wireguard-${cfg.name}" = {
preStart = ''
ip netns add "${cfg.namespace}"
'';
postStop = ''
ip netns del "${cfg.namespace}"
preSetup = ''
${pkgs.iproute}/bin/ip netns add "${cfg.namespace}" || true
'';
};
environment.etc."netns/torrent/resolv.conf".text = ''