From 2b13b6b9f6847be95cc2c02bd1c2ef34751b1f80 Mon Sep 17 00:00:00 2001 From: zuckerberg <5-zuckerberg@users.noreply.git.neet.dev> Date: Mon, 6 Sep 2021 11:48:21 -0400 Subject: [PATCH] iodine DNS tunnel --- machines/liza/configuration.nix | 9 +++++++++ secrets/iodine.age | 22 ++++++++++++++++++++++ secrets/secrets.nix | 1 + 3 files changed, 32 insertions(+) create mode 100644 secrets/iodine.age diff --git a/machines/liza/configuration.nix b/machines/liza/configuration.nix index 0eaba57..6113665 100644 --- a/machines/liza/configuration.nix +++ b/machines/liza/configuration.nix @@ -215,6 +215,15 @@ in { forceSSL = true; }; + services.iodine.server = { + enable = true; + ip = "94.23.33.23"; + domain = "tun.neet.dev"; + passwordFile = "/run/secrets/iodine"; + }; + age.secrets.iodine.file = ../../secrets/iodine.age; + boot.kernel.sysctl."net.ipv4.ip_forward" = 1; + security.acme.acceptTerms = true; security.acme.email = "zuckerberg@neet.dev"; } diff --git a/secrets/iodine.age b/secrets/iodine.age new file mode 100644 index 0000000..f71011c --- /dev/null +++ b/secrets/iodine.age @@ -0,0 +1,22 @@ +age-encryption.org/v1 +-> ssh-ed25519 ebHUtA zHUfNgWpc9O2MpB+Rtg5iSMUMXCPSDZkns7S62gyrzI +WyHassd+bdQaVtf/Ne6lpm6c0K754feNFKFC8nxUTOs +-> ssh-ed25519 WVH30Q 9aEV/X/NIqI0fW1WkH+cS5o+hhglM+3fOewMCx1Gp3I +Wpr+zd2Kk3ePs4q9qo5NlyJ43y0csnKJObXbQkGR5h4 +-> ssh-ed25519 G2eSCQ q8lSPjkM8SeBSIrNxh/UEoqTsKkvABhvQMQj9NfoulE +a3XRqJdIuC/UTwU+NOk8mKdH0QYhdgub7g+Ymsg7Y+I +-> ssh-ed25519 Xqs6ZQ INtw5GswTfZOEMpPtMpAS4TyepY2fY5CwmLg6zyz+X8 +HqX2gfMKO0NwLUJ2sqOJ0nLlITp6RZgyIhNjejACwaY +-> ssh-ed25519 2a2Yhw VjoNED/kjCWe8x26edWoLf/+xtfESzx4VTCRGqc0OAk +cqG1i8ahg+Suun+dGuv+uNMvLbbmMZ9v/RwLbsy4rFQ +-> ssh-ed25519 N240Tg AreG8wZZP/rX5jg8oVxd7a6xkQB7CxwHsDoYlmwVkBI +yD/X2Vtcp7LHcBB7p7zopgpxA8h8mMmulTB+eFOmqOo +-> ssh-ed25519 mbw8xA JnH6Pa4Ay3ksfZKZOpPlgYy7LVl2BsjvsND+nFP14Dc +sqP9rOtVo8GflGFXOr2tC9FqfVCbCieViJogYXnNLwY +-> ssh-ed25519 xoAm7w 8/jktRjnJx6UwwuJ+xfQ1lPVEO9y2BG8ZIeTG96JOB4 +qcjI/o0hhTFJ+r/nkR70KLwtJ9MtzPk++2OzhOccQ5U +-> R/s&I\[A-grease +Gf7kDJJz1vaeSXbI+WwdAwXPb85nWC9mSyLxUTmUphmttvSLTWLWcNS2BaadtmcQ +RE7RQJWmxirRYGRD88Q/I1t/jhWn5NyMQjx7y764crZLzdqursqHwJY +--- /qt8ny4iAkKcQMccaQ1z39VH/Sju2POQkj6iW//ISDw +U4ݮN59Eei}E\Q`кe6Kin]).&I'}" \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 05249b4..27df09b 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -13,4 +13,5 @@ in "peertube-smtp.age".publicKeys = all; "email-pw.age".publicKeys = all; "nextcloud-pw.age".publicKeys = all; + "iodine.age".publicKeys = all; } \ No newline at end of file