Cleanup services

2023-03-12 14:05:11 -06:00
parent aaa1800d0c
commit ab2cc0cc0a
4 changed files with 67 additions and 42 deletions
--- a/common/server/iodine.nix
+++ b/common/server/iodine.nix
@@ -0,0 +1,20 @@
+{ config, pkgs, lib, ... }:
+
+let
+  cfg = config.services.iodine.server;
+in {
+  config = lib.mkIf cfg.enable {
+    # iodine DNS-based vpn
+    services.iodine.server = {
+      ip = "192.168.99.1";
+      domain = "tun.neet.dev";
+      passwordFile = "/run/agenix/iodine";
+    };
+    age.secrets.iodine.file = ../../secrets/iodine.age;
+    networking.firewall.allowedUDPPorts = [ 53 ];
+
+    networking.nat.internalInterfaces = [
+      "dns0" # iodine
+    ];
+  };
+}