noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2024-11-10 02:52:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: including disabled wireguard settings

Browse Source
This commit is contained in:
Noah Masur 2023-06-18 03:24:35 +00:00
parent 0f4914db95
commit 13c7859a78
3 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
modules/nixos/services/jellyfin.nix
View File

@ -41,6 +41,8 @@
"VDPAU_DRIVER" = "radeonsi"; "VDPAU_DRIVER" = "radeonsi";
"LIBVA_DRIVER_NAME" = "radeonsi"; "LIBVA_DRIVER_NAME" = "radeonsi";
}; };
users.users.jellyfin.extraGroups =
[ "render" "video" ]; # Access to /dev/dri
}; };

8
modules/nixos/services/transmission.nix
View File

@ -42,8 +42,10 @@
# Create reverse proxy for web UI # Create reverse proxy for web UI
caddy.routes = lib.mkAfter [{ caddy.routes = lib.mkAfter [{
group = group = if (config.arrServer == config.transmissionServer) then
lib.mkIf (config.arrServer == config.transmissionServer) "download"; "download"
else
"transmission";
match = [{ match = [{
host = [ config.transmissionServer ]; host = [ config.transmissionServer ];
path = [ "/transmission*" ]; path = [ "/transmission*" ];
@ -76,7 +78,7 @@
# Create credentials file for transmission # Create credentials file for transmission
secrets.transmission = { secrets.transmission = {
source = ../../private/transmission.json.age; source = ../../../private/transmission.json.age;
dest = "${config.secretsDirectory}/transmission.json"; dest = "${config.secretsDirectory}/transmission.json";
owner = "transmission"; owner = "transmission";
group = "transmission"; group = "transmission";

10
modules/nixos/services/wireguard.nix
View File

@ -2,13 +2,16 @@
options.wireguard.enable = lib.mkEnableOption "Wireguard VPN setup."; options.wireguard.enable = lib.mkEnableOption "Wireguard VPN setup.";
config = lib.mkIf (pkgs.stdenv.isLinux && config.wireguard.enable) { config = lib.mkIf (pkgs.stdenv.isLinux) {
networking.wireguard = { networking.wireguard = {
enable = true; enable = config.wireguard.enable;
interfaces = { interfaces = {
wg0 = { wg0 = {
# Something to use as a default value
ips = lib.mkDefault [ "127.0.0.1/32" ];
# Establishes identity of this machine # Establishes identity of this machine
generatePrivateKeyFile = false; generatePrivateKeyFile = false;
privateKeyFile = config.secrets.wireguard.dest; privateKeyFile = config.secrets.wireguard.dest;
@ -23,6 +26,7 @@
# Create namespace for Wireguard # Create namespace for Wireguard
# This allows us to isolate specific programs to Wireguard # This allows us to isolate specific programs to Wireguard
systemd.services."netns@" = { systemd.services."netns@" = {
enable = config.wireguard.enable;
description = "%I network namespace"; description = "%I network namespace";
before = [ "network.target" ]; before = [ "network.target" ];
serviceConfig = { serviceConfig = {
@ -35,7 +39,7 @@
# Create private key file for wireguard # Create private key file for wireguard
secrets.wireguard = { secrets.wireguard = {
source = ../../private/wireguard.age; source = ../../../private/wireguard.age;
dest = "${config.secretsDirectory}/wireguard"; dest = "${config.secretsDirectory}/wireguard";
}; };