36 lines
798 B
Nix
36 lines
798 B
Nix
{ config, lib, ... }:
|
|
with lib; {
|
|
options = {
|
|
peerix = {
|
|
enable = mkOption {
|
|
description = "Enable peerix";
|
|
default = false;
|
|
example = true;
|
|
type = lib.types.bool;
|
|
};
|
|
privateKeyFile = mkOption {
|
|
description = "Private key file for signing";
|
|
default = "";
|
|
example = "./private_key";
|
|
type = lib.types.path;
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf config.peerix.enable {
|
|
services = {
|
|
peerix = {
|
|
enable = true;
|
|
openFirewall = false; # UDP/12304
|
|
privateKeyFile = "${config.peerix.privateKeyFile}";
|
|
publicKeyFile = ../../configs/peerix.pubs;
|
|
};
|
|
};
|
|
networking.firewall.interfaces = {
|
|
"tailscale0" = {
|
|
allowedUDPPorts = 12304;
|
|
};
|
|
};
|
|
};
|
|
}
|