2022-08-22-08-33-31

configs/user.nix

@@ -187,9 +187,5 @@ in {
     };
 
     services.vscode-server.enable = true;
-
-    # manuals not needed
-    manual.html.enable = false;
-    manual.json.enable = false;
   };
 }

ddclient.conf

@@ -0,0 +1 @@
+rtGAAbKqSiCi9yqJDezwTl40YXniShCWWoBygXMyIMJWFellAXMRbl9dZY2fNwcB

machine/mini.nix

@@ -1,16 +1,14 @@
 { config, pkgs, ... }:
-let
+let secrets = import ../configs/secrets.nix;
-  secrets = import ../configs/secrets.nix;
+in {
-in
+  imports = [
-{
+    <nixos-hardware/common/cpu/intel>
-  imports =
+    /etc/nixos/hardware-configuration.nix
-    [
+    ../configs/docker.nix
-      <nixos-hardware/common/cpu/intel>
+    ../configs/libvirt.nix
-      /etc/nixos/hardware-configuration.nix
+    ../configs/common.nix
-      ../configs/docker.nix
+    ../configs/user.nix
-      ../configs/common.nix
+  ];
-      ../configs/user.nix
-    ];
 
   # Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;
@@ -21,49 +19,74 @@ in
   networking = {
     hostName = "mini";
     useDHCP = false;
-    firewall = {
+    firewall = { enable = false; };
-      enable = false;
-    };
     networkmanager.enable = true;
     wireguard.interfaces = {
       wg0 = {
         ips = [ "10.100.0.3/24" ];
         privateKey = secrets.wireguard-mini-private;
 
-        peers = [
+        peers = [{
-          {
+          publicKey = secrets.wireguard-vps-public;
-            publicKey = secrets.wireguard-vps-public;
+          presharedKey = secrets.wireguard-preshared;
-            presharedKey = secrets.wireguard-preshared;
+          allowedIPs = [ "10.100.0.0/24" ];
-            allowedIPs = [ "10.100.0.0/24" ];
+          endpoint = "szczepan.ski:51820";
-            endpoint = "szczepan.ski:51820";
+          persistentKeepalive = 25;
-            persistentKeepalive = 25;
+        }];
-          }
-        ];
       };
     };
   };
 
   services = {
-    k3s = {
+    # k3s = {
+    #   enable = true;
+    #   role = "server";
+    # };
+
+    # nextdns = {
+    #   arguments = pkgs.lib.mkForce [
+    #     "-config"
+    #     secrets.nextdnshash
+    #     "-cache-size"
+    #     "10MB"
+    #     "-listen"
+    #     "0.0.0.0:53"
+    #     "-listen"
+    #     ":::53"
+    #     "-forwarder"
+    #     secrets.nextdnsforwarder
+    #     "-report-client-info"
+    #   ];
+    # };
+
+    ddclient = {
       enable = true;
-      role = "server";
+      verbose = true;
+      server = "dyndns.strato.com/nic/update";
+      username = "beinacht.org";
+      passwordFile = "/home/alex/nixos-config/ddclient.conf";
+      domains = [ "home.beinacht.org" ];
     };
 
-    nextdns = {
+    printing = {
-      arguments = pkgs.lib.mkForce [
+      enable = true;
-        "-config"
+      drivers = [ pkgs.brlaser ];
-        secrets.nextdnshash
+      browsing = true;
-        "-cache-size"
+      listenAddresses = [
-        "10MB"
+        "*:631"
-        "-listen"
+      ]; # Not 100% sure this is needed and you might want to restrict to the local network
-        "0.0.0.0:53"
+      allowFrom = [
-        "-listen"
+        "all"
-        ":::53"
+      ]; # this gives access to anyone on the interface you might want to limit it see the official documentation
-        "-forwarder"
+      defaultShared = true; # If you want
-        secrets.nextdnsforwarder
-        "-report-client-info"
-      ];
     };
+
+    avahi = {
+      enable = true;
+      publish.enable = true;
+      publish.userServices = true;
+    };
+
   };
 
   system.stateVersion = "22.05";