24 lines
707 B
Nix
24 lines
707 B
Nix
|
# Shared configuration values
|
||
|
let
|
||
|
nebula-port = 4242;
|
||
|
empyrean-vpn-ip = "10.22.20.1";
|
||
|
empyrean-ext-dns = "vpn.alogoulogoi.com";
|
||
|
in {
|
||
|
nebula-defaults = {
|
||
|
listen.port = nebula-port;
|
||
|
|
||
|
# Don't filter at the VPN level
|
||
|
firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
|
||
|
firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
|
||
|
|
||
|
settings = {
|
||
|
# Enable UDP holepunching both ways, which allows nodes to establish more direct connections with each other
|
||
|
punchy = { punch = true; response = true; };
|
||
|
};
|
||
|
};
|
||
|
|
||
|
inherit empyrean-vpn-ip;
|
||
|
empyrean-host-map = { ${empyrean-vpn-ip} = [ "${empyrean-ext-dns}:${toString nebula-port}" ]; };
|
||
|
}
|
||
|
|