From 4b3f3279dd67d454a832f43f55f6c412350e9236 Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Tue, 10 Jan 2023 17:31:11 +0100 Subject: Add yggdrasil --- kusanagi/nixos/Makefile | 3 +++ kusanagi/nixos/configuration.nix | 25 ++++++++++++++++++++++--- kusanagi/nixos/kde.nix | 1 + 3 files changed, 26 insertions(+), 3 deletions(-) (limited to 'kusanagi/nixos') diff --git a/kusanagi/nixos/Makefile b/kusanagi/nixos/Makefile index eb96d6f..2ae1ef5 100644 --- a/kusanagi/nixos/Makefile +++ b/kusanagi/nixos/Makefile @@ -1,2 +1,5 @@ all: sudo nixos-rebuild switch -I nixos-config=configuration.nix + +up: + sudo nixos-rebuild switch --upgrade -I nixos-config=configuration.nix diff --git a/kusanagi/nixos/configuration.nix b/kusanagi/nixos/configuration.nix index aa998fa..fc2f58c 100644 --- a/kusanagi/nixos/configuration.nix +++ b/kusanagi/nixos/configuration.nix @@ -71,7 +71,7 @@ users.users.lx = { isNormalUser = true; description = "Alex"; - extraGroups = [ "networkmanager" "wheel" ]; # Enable ‘sudo’ for the user. + extraGroups = [ "networkmanager" "wheel" "yggdrasil" ]; # Enable ‘sudo’ for the user. }; nixpkgs.config.allowUnfree = true; @@ -106,6 +106,7 @@ wget gcc gnumake + rclone restic borgbackup nomad @@ -114,7 +115,9 @@ alacritty firefox qutebrowser - tor-browser-bundle-bin + (tor-browser-bundle-bin.override { + useHardenedMalloc = false; + }) lagrange thunderbird keepassxc @@ -123,10 +126,16 @@ spotify jellyfin-media-player nheko - steam ]; + programs.vim.defaultEditor = true; + programs.steam = { + enable = true; + remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play + dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server + }; + # Some programs need SUID wrappers, can be configured further or are # started in user sessions. programs.mtr.enable = true; @@ -140,6 +149,16 @@ # Enable the OpenSSH daemon. # services.openssh.enable = true; + services.yggdrasil = { + enable = true; + persistentKeys = true; + settings = { + Peers = [ + "tls://37.187.118.206:53103" + ]; + }; + }; + # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; diff --git a/kusanagi/nixos/kde.nix b/kusanagi/nixos/kde.nix index 06b7c51..80ff523 100644 --- a/kusanagi/nixos/kde.nix +++ b/kusanagi/nixos/kde.nix @@ -5,5 +5,6 @@ environment.systemPackages = with pkgs.libsForQt5; [ kgpg + ark ]; } -- cgit v1.2.3