nixos-configs/devices/nos/modules/arion/wg-easy/compose.nix
matt1432 f277c78ac1
refactor: rename nas to nos
2024-03-01 18:20:32 -05:00


# Arion (compose) service definition for the wg-easy container: a WireGuard
# server plus its web admin UI. State is kept under <rwDataDir>/wg-easy.
{config, ...}: let
  rwDataDir = config.arion.rwDataDir;
  stateDir = rwDataDir + "/wg-easy";
in {
  arion.projects.wg-easy.wg-easy = {
    image = ./images/wg-easy.nix;
    restart = "always";

    # Resolver used by the container itself (WG_DEFAULT_DNS below is the one
    # handed to VPN clients in their generated configs).
    dns = ["1.0.0.1"];

    environment = {
      WG_HOST = "166.62.179.208";
      WG_PORT = "51820";
      WG_DEFAULT_ADDRESS = "10.6.0.x";
      WG_DEFAULT_DNS = "1.0.0.1";
      # NOTE(review): no PASSWORD / PASSWORD_HASH (which one applies depends on
      # the image version) is set in this block. Unless it is injected
      # elsewhere, the web UI published on 51821/tcp has no login in front of
      # peer creation and config download — confirm.
    };

    # The bind-mounted directory becomes /etc/wireguard in the container, i.e.
    # where the server private key and peer configs end up.
    # NOTE(review): presumably the host path should be root-only — verify the
    # mode of the directory under rwDataDir.
    volumes = [
      "${stateDir}/data:/etc/wireguard"
    ];

    ports = [
      # Two host UDP ports forward to the container's WireGuard listener.
      # NOTE(review): WG_PORT above advertises 51820, which is not one of the
      # published host ports; presumably an upstream NAT rule bridges that —
      # confirm. Host port 53/udp will also clash with any DNS resolver bound
      # on the host.
      "53:51820/udp"
      "51822:51820/udp"
      # Web admin UI. With no host address in the mapping it is published on
      # every host interface.
      # NOTE(review): consider binding it to loopback or a management address
      # and fronting it with an authenticated proxy — depends on how the UI is
      # meant to be reached.
      "51821:51821/tcp"
    ];

    # NOTE(review): privileged mode already grants every capability and lifts
    # most container confinement, so the explicit capability list below only
    # matters once privileged is dropped. Upstream wg-easy documents running
    # with NET_ADMIN + SYS_MODULE and the two sysctls alone — check whether
    # privileged is really needed on this host. SYS_MODULE by itself lets the
    # container load kernel modules, so it can go if the host loads the
    # wireguard module on its own.
    privileged = true;
    capabilities.NET_ADMIN = true;
    capabilities.SYS_MODULE = true;

    # Forwarding and source-valid-mark are set inside the container's network
    # namespace so tunnel traffic can be routed.
    sysctls = {
      "net.ipv4.conf.all.src_valid_mark" = 1;
      "net.ipv4.ip_forward" = 1;
    };
  };
}