50 lines
1.1 KiB
Nix
50 lines
1.1 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
...
|
|
}: {
|
|
vpnNamespaces."wg" = {
|
|
enable = true;
|
|
wireguardConfigFile = config.sops.secrets.wireguard.path;
|
|
accessibleFrom = [
|
|
"192.168.0.0/24"
|
|
# "127.0.0.1"
|
|
];
|
|
|
|
# Forwarded to my vpn, for making things accessible from outside
|
|
openVPNPorts = [
|
|
{
|
|
port = 8336;
|
|
protocol = "tcp";
|
|
}
|
|
{
|
|
port = config.services.slskd.settings.soulseek.listen_port;
|
|
protocol = "both";
|
|
}
|
|
{
|
|
port = config.services.slskd.settings.soulseek.listen_port + 1;
|
|
protocol = "both";
|
|
}
|
|
{
|
|
port = config.services.transmission.settings.peer-port;
|
|
protocol = "both";
|
|
}
|
|
];
|
|
|
|
# From inside of the vpn namespace to outside of it, for making things inside accessible to LAN
|
|
portMappings = let
|
|
passthrough = [
|
|
8336 # caddy
|
|
80 # caddy
|
|
443 # caddy
|
|
2019 # caddy admin, for prometheus metrics
|
|
1900 # jellyfin discovery
|
|
7359 # jellyfin discovery
|
|
];
|
|
in (lib.map (x: {
|
|
from = x;
|
|
to = x;
|
|
})
|
|
passthrough);
|
|
};
|
|
}
|