TheWanderingCrow/CrOS
1
0
Fork 0
mirror of https://github.com/TheWanderingCrow/CrOS.git synced 2026-01-11 09:44:08 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

working nebula inhstance

Browse source
This commit is contained in:
TheWanderingCrow 2025-08-07 15:50:23 +00:00
parent 71518094fe
commit 54deb035f7
1 changed files with 4 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

15
hosts/common/core/nebula.nix
View file

@ -11,21 +11,14 @@ in {
then [''Hey you don't have a nebula config for this host, you should fix this ASAP so you can be connected to the mesh. If you don't know how to do this then contact your admin'']
else [];
sops.secrets."keys/nebula" = lib.mkIf (builtins.hasAttr "${config.hostSpec.hostName}" s.hosts) {};
sops.secrets."keys/nebula" = lib.mkIf (builtins.hasAttr "${config.hostSpec.hostName}" s.hosts) {
owner = "nebula-wce";
inherit (config.users.users.${config.hostSpec.username}) group;
};
services.nebula.networks.wce = lib.mkIf (builtins.hasAttr "${config.hostSpec.hostName}" s.hosts) {
inherit (s) ca lighthouses staticHostMap;
inherit (s.hosts.${config.hostSpec.hostName}) cert isLighthouse;
key = config.sops.secrets."keys/nebula".path;
enable = true;
firewall.outbound = {
host = lib.mkDefault "any";
port = lib.mkDefault "any";
proto = lib.mkDefault "any";
};
firewall.inbound = {
host = lib.mkDefault "any";
port = lib.mkDefault "any";
proto = lib.mkDefault "any";
};
};
}