1
1
Fork 0

Add Nebula config

This commit is contained in:
Jaculabilis 2022-02-10 15:06:16 +00:00
parent de0ec2365a
commit 0c19b401c5
1 changed files with 25 additions and 0 deletions

View File

@ -102,6 +102,31 @@
chroot = false; chroot = false;
}; };
services.nebula.networks.beatific = {
enable = true;
# Network certificate and host credentials
ca = "/etc/nebula/beatific/ca.crt";
cert = "/etc/nebula/beatific/empyrean.crt";
key = "/etc/nebula/beatific/empyrean.key";
# This host has a well-known IP at prgmr, so it can function as a lighthouse/entry node
isLighthouse = true;
# Listen to connection requests from the public Internet
listen.port = 4242;
listen.host = "vpn.alogoulogoi.com";
# Don't filter anything at the VPN level.
firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
settings = {
# Enable UDP holepunching both ways, which allows nodes to establish more direct connections with each other
punchy = { punch = true; response = true; };
};
};
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowPing = true; allowPing = true;