86 lines
1.8 KiB
Nix
86 lines
1.8 KiB
Nix
{ config
|
|
, lib
|
|
, pkgs
|
|
, ...
|
|
}: {
|
|
networking = {
|
|
firewall.checkReversePath = lib.mkForce false;
|
|
firewall.trustedInterfaces = [ "tailscale0" ];
|
|
|
|
networkmanager.enable = true;
|
|
networkmanager.dispatcherScripts = [
|
|
{
|
|
source = import ./moz-nm-hook.fish.nix {
|
|
inherit pkgs;
|
|
vpn_interface = "tailscale0";
|
|
vpn_network = "100.64.0.0/16";
|
|
};
|
|
type = "basic";
|
|
}
|
|
{
|
|
source = import ./moz-nm-hook.fish.nix {
|
|
inherit pkgs;
|
|
vpn_interface = "netmaker";
|
|
vpn_network = "10.231.190.0/24";
|
|
};
|
|
type = "basic";
|
|
}
|
|
];
|
|
|
|
useDHCP = lib.mkDefault true;
|
|
|
|
nameservers = [
|
|
"176.9.242.147#dns.vlt81.de"
|
|
"2a01:4f8:2200:44a1::baad:c0de#dns.vlt81.de"
|
|
"1.1.1.1#one.one.one.one"
|
|
"1.0.0.1#one.one.one.one"
|
|
# "100.64.0.8#dns.vlt81.de"
|
|
# "45.90.28.0#921984.dns.nextdns.io"
|
|
# "45.90.30.0#921984.dns.nextdns.io"
|
|
# "2a07:a8c0::#921984.dns.nextdns.io"
|
|
# "2a07:a8c1::#921984.dns.nextdns.io"
|
|
];
|
|
};
|
|
|
|
# security.wrappers.keybase-redirector = {
|
|
# setuid = true;
|
|
# owner = "root";
|
|
# group = "root";
|
|
# source = "${pkgs.kbfs}/bin/redirector";
|
|
# };
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
# keybase-gui
|
|
];
|
|
services = {
|
|
# keybase.enable = true;
|
|
# kbfs.enable = true;
|
|
# kbfs.enableRedirector = true;
|
|
resolved = {
|
|
enable = true;
|
|
dnssec = "true";
|
|
domains = [ "~." ];
|
|
fallbackDns = [
|
|
"1.1.1.1#one.one.one.one"
|
|
"1.0.0.1#one.one.one.one"
|
|
];
|
|
extraConfig = ''
|
|
DNSOverTLS=yes
|
|
'';
|
|
};
|
|
|
|
netclient = {
|
|
enable = false;
|
|
package = pkgs.netclient;
|
|
};
|
|
|
|
tailscale = {
|
|
enable = true;
|
|
useRoutingFeatures = "both";
|
|
};
|
|
|
|
mozillavpn = {
|
|
enable = true;
|
|
};
|
|
};
|
|
}
|