From 70fb2d9be2ef24448d1a7dbae88c385d782ee5f1 Mon Sep 17 00:00:00 2001
From: Leyla Becker
Date: Mon, 24 Feb 2025 12:06:38 -0600
Subject: [PATCH 1/6] set use routing features for tailscale
---
 configurations/nixos/defiant/configuration.nix | 1 +
 configurations/nixos/horizon/configuration.nix | 1 +
 configurations/nixos/twilight/configuration.nix | 1 +
 3 files changed, 3 insertions(+)
diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix
index c8edcba..18ef99e 100644
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@@ -161,6 +161,7 @@
 tailscale = {
 enable = true;
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/defiant".path;
+ useRoutingFeatures = "server";
 };
 };
diff --git a/configurations/nixos/horizon/configuration.nix b/configurations/nixos/horizon/configuration.nix
index a4f4f77..1dc88b7 100644
--- a/configurations/nixos/horizon/configuration.nix
+++ b/configurations/nixos/horizon/configuration.nix
@@ -62,6 +62,7 @@
 tailscale = {
 enable = true;
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/horizon".path;
+ useRoutingFeatures = "client";
 };
 };
diff --git a/configurations/nixos/twilight/configuration.nix b/configurations/nixos/twilight/configuration.nix
index 4f4b355..00facbe 100644
--- a/configurations/nixos/twilight/configuration.nix
+++ b/configurations/nixos/twilight/configuration.nix
@@ -45,6 +45,7 @@
 tailscale = {
 enable = true;
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/twilight".path;
+ useRoutingFeatures = "both";
 };
 };
 programs.steam = {
From 79c130dc4bd542d3d346fad0ba087a643586bdb3 Mon Sep 17 00:00:00 2001
From: Leyla Becker
Date: Mon, 24 Feb 2025 12:10:01 -0600
Subject: [PATCH 2/6] disabled ollama on defiant
---
 configurations/nixos/defiant/configuration.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
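Review bot: The `useRoutingFeatures` lines added in the three hunks of patch 1/6 change host-wide network behaviour, and none of them carries a comment saying why that host needs its role. As far as I know the NixOS Tailscale module enables IPv4/IPv6 forwarding for `"server"` and `"both"` and switches reverse-path filtering to loose for `"client"` and `"both"`, so `twilight` with `"both"` receives both relaxations. I would add a one-line comment per host, for example `# "both": forwards for the tailnet and uses peers' routes; turns on IP forwarding and loose rp_filter` on twilight, and confirm the firewall's forward policy on defiant and twilight is still what you intend once forwarding is on. The enclosing `services` set starts outside each hunk.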
diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix
index 18ef99e..1ba8127 100644
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@@ -149,7 +149,7 @@
 };
 ollama = {
- enable = true;
+ enable = false;
 loadModels = [
 "deepseek-coder:6.7b"
From 500cbc213c9916b72d1154b29d86b2b8740cbdea Mon Sep 17 00:00:00 2001
From: Leyla Becker
Date: Mon, 24 Feb 2025 12:23:12 -0600
Subject: [PATCH 3/6] added advertise-exit-node flags to tailscale
---
 configurations/nixos/defiant/configuration.nix | 1 +
 configurations/nixos/twilight/configuration.nix | 1 +
 2 files changed, 2 insertions(+)
diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix
index 1ba8127..e8674a2 100644
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@@ -162,6 +162,7 @@
 enable = true;
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/defiant".path;
 useRoutingFeatures = "server";
+ extraUpFlags = ["--advertise-exit-node"];
 };
 };
diff --git a/configurations/nixos/twilight/configuration.nix b/configurations/nixos/twilight/configuration.nix
index 00facbe..488c748 100644
--- a/configurations/nixos/twilight/configuration.nix
+++ b/configurations/nixos/twilight/configuration.nix
@@ -46,6 +46,7 @@
 enable = true;
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/twilight".path;
 useRoutingFeatures = "both";
+ extraUpFlags = ["--advertise-exit-node"];
 };
 };
 programs.steam = {
From ab94cb1dae10631b87f37d603aaa5d00fe9b1c11 Mon Sep 17 00:00:00 2001
From: Leyla Becker
Date: Mon, 24 Feb 2025 12:27:29 -0600
Subject: [PATCH 4/6] added advertise-routes to defiant tailscale config
---
 configurations/nixos/defiant/configuration.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix
index e8674a2..189ee9e 100644
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@@ -162,7 +162,10 @@
 enable = true;
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/defiant".path;
 useRoutingFeatures = "server";
- extraUpFlags = ["--advertise-exit-node"];
+ extraUpFlags = [
+ "--advertise-exit-node"
+ "--advertise-routes=192.168.1.0/24"
+ ];
 };
 };
From 6d6e34e06a6a103ad06cb15afc4d45f0e120d335 Mon Sep 17 00:00:00 2001
From: Leyla Becker
Date: Mon, 24 Feb 2025 12:38:42 -0600
Subject: [PATCH 5/6] added extra set flags to configs
---
 configurations/nixos/defiant/configuration.nix | 4 ++++
 configurations/nixos/twilight/configuration.nix | 3 +++
 2 files changed, 7 insertions(+)
diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix
index 189ee9e..80308ed 100644
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@@ -166,6 +166,10 @@
 "--advertise-exit-node"
 "--advertise-routes=192.168.1.0/24"
 ];
+ extraSetFlags = [
+ "--advertise-exit-node"
+ "--advertise-routes=192.168.1.0/24"
+ ];
 };
 };
diff --git a/configurations/nixos/twilight/configuration.nix b/configurations/nixos/twilight/configuration.nix
index 488c748..27b47ac 100644
--- a/configurations/nixos/twilight/configuration.nix
+++ b/configurations/nixos/twilight/configuration.nix
@@ -47,6 +47,9 @@
 authKeyFile = config.sops.secrets."wireguard-keys/tailscale-authkey/twilight".path;
 useRoutingFeatures = "both";
 extraUpFlags = ["--advertise-exit-node"];
+ extraSetFlags = [
+ "--advertise-exit-node"
+ ];
 };
 };
 programs.steam = {
From c9bc06f594901a28df37ed00ad3e5f9aeda55813 Mon Sep 17 00:00:00 2001
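Review bot: `--advertise-routes=192.168.1.0/24` in the patch 4/6 hunk offers the whole LAN behind defiant to the tailnet, and with `--advertise-exit-node` beside it the host also becomes a general egress point. Nothing visible in this configuration limits which tailnet devices may use either, so that control rests entirely on route approval and ACL policy outside the repository. 192.168.1.0/24 is also a very common home range, so a roaming client that accepts routes could find its local network shadowed; this is hedged, since no accept-routes setting is visible here. If only a few LAN services need to be reachable, advertise narrower prefixes, and add a comment such as `# LAN route: needs approval in the tailnet policy; access limited by ACL to <group>`. The `tailscale` set opens above the hunk.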
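Review bot: The `extraSetFlags` lists added for defiant and twilight in patch 5/6 repeat the `extraUpFlags` lists verbatim, so the two can drift apart the next time a route or flag is edited, and the host would then advertise different things depending on which command last ran. Derive one from the other, e.g. `extraSetFlags = config.services.tailscale.extraUpFlags;`, or bind the list once in a `let` and use it for both options. Both flags shown are accepted by `tailscale up` and by `tailscale set`, so a shared list is valid for each. The enclosing `tailscale` set starts outside these hunks.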
From: Leyla Becker
Date: Mon, 24 Feb 2025 12:49:54 -0600
Subject: [PATCH 6/6] added syncthing to other computers
---
 .../nixos/defiant/configuration.nix | 10 ++
 .../nixos/twilight/configuration.nix | 10 ++
 modules/nixos-modules/sync.nix | 131 +++++++++++-------
 3 files changed, 101 insertions(+), 50 deletions(-)
diff --git a/configurations/nixos/defiant/configuration.nix b/configurations/nixos/defiant/configuration.nix
index 80308ed..f300185 100644
--- a/configurations/nixos/defiant/configuration.nix
+++ b/configurations/nixos/defiant/configuration.nix
@@ -118,6 +118,16 @@
 enable = true;
 subdomain = "drive";
 };
+ sync = {
+ enable = true;
+ folders = {
+ leyla = {
+ documents.enable = true;
+ calendar.enable = true;
+ notes.enable = true;
+ };
+ };
+ };
 };
 networking = {
 hostId = "c51763d6";
diff --git a/configurations/nixos/twilight/configuration.nix b/configurations/nixos/twilight/configuration.nix
index 27b47ac..46dfd8a 100644
--- a/configurations/nixos/twilight/configuration.nix
+++ b/configurations/nixos/twilight/configuration.nix
@@ -29,6 +29,16 @@
 openRGB.enable = true;
 graphicsAcceleration.enable = true;
 };
+ sync = {
+ enable = true;
+ folders = {
+ leyla = {
+ documents.enable = true;
+ calendar.enable = true;
+ notes.enable = true;
+ };
+ };
+ };
 };
 services = {
diff --git a/modules/nixos-modules/sync.nix b/modules/nixos-modules/sync.nix
index 00036f4..ac399f2 100644
--- a/modules/nixos-modules/sync.nix
+++ b/modules/nixos-modules/sync.nix
@@ -35,56 +35,87 @@ in {
 };
 };
- config = {
- systemd = lib.mkIf config.services.syncthing.enable {
- tmpfiles.rules = [
- "d ${mountDir} 755 syncthing syncthing -"
- "d ${config.services.syncthing.dataDir} 755 syncthing syncthing -"
- "d ${config.services.syncthing.configDir} 755 syncthing syncthing -"
- ];
- };
- services.syncthing = {
- enable = config.host.sync.enable;
- user = "syncthing";
- group = "syncthing";
- dataDir = "${mountDir}/default";
- configDir = "/etc/syncthing";
- overrideDevices = true;
- overrideFolders = true;
- settings = {
- devices = {
- ceder = {
- id = "MGXUJBS-7AENXHB-7YQRNWG-QILKEJD-5462U2E-WAQW4R4-I2TVK5H-SMK6LAA";
- };
- coven = {
- id = "QGU7NN6-OMXTWVA-YCZ73S5-2O7ECTS-MUCTN4M-YH6WLEL-U4U577I-7PBNCA5";
- };
- };
- folders = lib.mkMerge [
- config.host.sync.folders.extraFolders
- (lib.mkIf config.host.sync.folders.leyla.documents.enable {
- "documents" = {
- id = "hvrj0-9bm1p";
- path = "/mnt/sync/leyla/documents";
- devices = ["ceder" "coven"];
- };
- })
- (lib.mkIf config.host.sync.folders.leyla.calendar.enable {
- "calendar" = {
- id = "8oatl-1rv6w";
- path = "/mnt/sync/leyla/calendar";
- devices = ["ceder" "coven"];
- };
- })
- (lib.mkIf config.host.sync.folders.leyla.notes.enable {
- "notes" = {
- id = "dwbuv-zffnf";
- path = "/mnt/sync/leyla/notes";
- devices = ["ceder" "coven"];
- };
- })
+ config = lib.mkMerge [
+ {
+ systemd = lib.mkIf config.services.syncthing.enable {
+ tmpfiles.rules = [
+ "d ${mountDir} 755 syncthing syncthing -"
+ "d ${config.services.syncthing.dataDir} 755 syncthing syncthing -"
+ "d ${config.services.syncthing.configDir} 755 syncthing syncthing -"
 ];
 };
- };
- };
+ }
+ (lib.mkIf config.host.sync.enable (lib.mkMerge [
+ {
+ services.syncthing = {
+ enable = true;
+ user = "syncthing";
+ group = "syncthing";
+ dataDir = "${mountDir}/default";
+ configDir = "/etc/syncthing";
+ overrideDevices = true;
+ overrideFolders = true;
+ settings = {
+ devices = {
+ ceder = {
+ id = "MGXUJBS-7AENXHB-7YQRNWG-QILKEJD-5462U2E-WAQW4R4-I2TVK5H-SMK6LAA";
+ };
+ coven = {
+ id = "QGU7NN6-OMXTWVA-YCZ73S5-2O7ECTS-MUCTN4M-YH6WLEL-U4U577I-7PBNCA5";
+ };
+ defiant = lib.mkIf (config.networking.hostName != "defiant") {
+ id = "TQGGO5F-PUXQYVV-LVVM7PR-Q4TKI6T-NR576PH-CFTVB4O-RP5LL6C-WKQMXQR";
+ };
+ twilight = lib.mkIf (config.networking.hostName != "twilight") {
+ id = "UDIYL7V-OAZ2BI3-EJRAWFB-GZYVDWR-JNUYW3F-FFQ35MU-XBTGWEF-QD6K6QN";
+ };
+ horizon = lib.mkIf (config.networking.hostName != "horizon") {
+ id = "OGPAEU6-5UR56VL-SP7YC4Y-IMVCRTO-XFD4CYN-Z6T5TZO-PFZNAT6-4MKWPQS";
+ };
+ };
+ folders = lib.mkMerge [
+ config.host.sync.folders.extraFolders
+ (lib.mkIf config.host.sync.folders.leyla.documents.enable {
+ "documents" = {
+ id = "hvrj0-9bm1p";
+ path = "${mountDir}/leyla/documents";
+ devices = ["ceder" "coven"];
+ };
+ })
+ (lib.mkIf config.host.sync.folders.leyla.calendar.enable {
+ "calendar" = {
+ id = "8oatl-1rv6w";
+ path = "${mountDir}/leyla/calendar";
+ devices = ["ceder" "coven"];
+ };
+ })
+ (lib.mkIf config.host.sync.folders.leyla.notes.enable {
+ "notes" = {
+ id = "dwbuv-zffnf";
+ path = "${mountDir}/leyla/notes";
+ devices = ["ceder" "coven"];
+ };
+ })
+ ];
+ };
+ };
+ }
+
+ (lib.mkIf config.host.impermanence.enable {
+ environment.persistence = {
+ "/persist/system/root" = {
+ enable = true;
+ hideMounts = true;
+ directories = [
+ {
+ directory = mountDir;
+ user = "syncthing";
+ group = "syncthing";
+ }
+ ];
+ };
+ };
+ })
+ ]))
+ ];
 }