From d1620a9680392e4c5e545cfa878fff5b956d6479 Mon Sep 17 00:00:00 2001 From: Illia Chub Date: Sun, 6 Feb 2022 11:44:00 +0200 Subject: [PATCH] Added fixes for disk expansion and VPN networking --- .gitignore | 4 +--- configuration.nix | 8 ++++++-- hardware-configuration.nix | 9 +++++++++ 3 files changed, 16 insertions(+), 5 deletions(-) create mode 100644 hardware-configuration.nix diff --git a/.gitignore b/.gitignore index d128ad9..8089eb0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -userdata/userdata.json -hardware-configuration.nix -networking.nix \ No newline at end of file +userdata/userdata.json \ No newline at end of file diff --git a/configuration.nix b/configuration.nix index 1281ac4..50f3ecf 100644 --- a/configuration.nix +++ b/configuration.nix @@ -6,7 +6,6 @@ in { imports = [ ./hardware-configuration.nix - ./variables-module.nix ./variables.nix ./files.nix @@ -34,9 +33,14 @@ in boot.cleanTmpDir = true; networking = { hostName = config.services.userdata.hostname; + usePredictableInterfaceNames = false; firewall = { allowedTCPPorts = lib.mkForce [ 22 25 80 143 443 465 587 993 8443 ]; allowedUDPPorts = lib.mkForce [ 8443 ]; + extraCommands = '' + iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE + iptables --append FORWARD --in-interface vpn00 -j ACCEPT + ''; }; nameservers = [ "1.1.1.1" "1.0.0.1" ]; }; @@ -84,4 +88,4 @@ in enable = true; }; }; -} +} \ No newline at end of file diff --git a/hardware-configuration.nix b/hardware-configuration.nix new file mode 100644 index 0000000..7480c73 --- /dev/null +++ b/hardware-configuration.nix @@ -0,0 +1,9 @@ +{ modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.grub.device = "/dev/sda"; + fileSystems = { + "/" = { device = "/dev/sda1"; fsType = "ext4"; }; + "/var" = { device = "/dev/sdb"; fsType = "ext4"; }; + }; +} \ No newline at end of file