infra/nixos/hosts/eidola/nebula.nix

{config, ...}: let
  inherit (import ../../modules/nebula/shared.nix) userGroup;
in {
  sops.secrets."nebula-key" = {
    mode = "0440";
    owner = userGroup;
    group = userGroup;
  };

  gen.nebula = {
    enable = true;
    enableLighthouse = false;

    cert = ../../keys/n-srv-eidola.crt;
    key = config.sops.secrets."nebula-key".path;

    extraInbound = [
      # Allow iperf3 from anyone
      {
        port = 5201;
        proto = "any";
        host = "any";
      }
    ];
  };
}
Fix Nebula on eidola 2024-10-15 16:53:31 -05:00			`{config, ...}: let`
Make a module for Nebula mesh (and fix hardening module) 2024-12-14 17:15:55 -06:00			`inherit (import ../../modules/nebula/shared.nix) userGroup;`
Fix Nebula on eidola 2024-10-15 16:53:31 -05:00			`in {`
			`sops.secrets."nebula-key" = {`
			`mode = "0440";`
			`owner = userGroup;`
			`group = userGroup;`
			`};`

Make a module for Nebula mesh (and fix hardening module) 2024-12-14 17:15:55 -06:00			`gen.nebula = {`
			`enable = true;`
			`enableLighthouse = false;`
Revert kubernetes 2024-11-03 20:30:30 -06:00
Fix Nebula on eidola 2024-10-15 16:53:31 -05:00			`cert = ../../keys/n-srv-eidola.crt;`
			`key = config.sops.secrets."nebula-key".path;`

Make a module for Nebula mesh (and fix hardening module) 2024-12-14 17:15:55 -06:00			`extraInbound = [`
Refactor + Proxmox VE 2024-12-13 16:47:09 -06:00			`# Allow iperf3 from anyone`
			`{`
			`port = 5201;`
			`proto = "any";`
			`host = "any";`
			`}`
Fix Nebula on eidola 2024-10-15 16:53:31 -05:00			`];`
			`};`
			`}`