Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Blunkall-Technologies:181f5689e0c2725ff5e8763a4c412df6a3395549
Branches Tags
Blunkall-Technologies:master
...
compare: Blunkall-Technologies:b7f5611d9bf4749f7e323c2b414bb488459d0bc2
Branches Tags
Blunkall-Technologies:master

2 Commits
181f5689e0 ... b7f5611d9b

Author SHA1 Message Date
Nathan
b7f5611d9b test netbird 2025-07-17 18:15:07 -05:00
Nathan
2a91d8e950 import 2025-07-17 10:50:55 -05:00
3 changed files with 56 additions and 2 deletions
Expand all files Collapse all files

1
system-config/services/containers/default.nix
View File

@@ -12,5 +12,6 @@
./ntfy ./ntfy
./homeassistant ./homeassistant
./rustdesk ./rustdesk
./netbird
]; ];
} }

48
system-config/services/containers/netbird/default.nix
View File

@@ -21,7 +21,13 @@
enable = config.sysconfig.opts.netbird.enable; enable = config.sysconfig.opts.netbird.enable;
}; };
environment.systemPackages = lib.mkIf config.sysconfig.opts.netbird.enable [ pkgs.netbird-ui ]; #environment.systemPackages = lib.mkIf config.sysconfig.opts.netbird.enable [ pkgs.netbird-ui ];
networking.firewall = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {
allowedTCPPorts = [ 80 443 33073 33080 10000 ];
allowedUDPPorts = [ 3478 ];
allowedUDPPortRanges = [{ from = 49152; to = 65535; }];
};
containers.netbird = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable { containers.netbird = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {
@@ -29,10 +35,43 @@
privateNetwork = true; privateNetwork = true;
hostAddress = "192.168.100.10"; hostAddress = "192.168.100.10";
localAddress = "192.168.100.21"; localAddress = "192.168.100.21";
forwardPorts = [
{
containerPort = 33073;
hostPort = 33073;
protocol = "tcp";
}
{
containerPort = 33080;
hostPort = 33080;
protocol = "tcp";
}
{
containerPort = 10000;
hostPort = 10000;
protocol = "tcp";
}
{
containerPort = 3478;
hostPort = 3478;
protocol = "udp";
}
] ++ map (x : {
containerPort = x;
hostPort = x;
protocol = "udp";
}) (builtins.genList (y: y + 49152) (65535 - 49152));
bindMounts = {}; bindMounts = {};
config = { config = {
networking.firewall = {
allowedTCPPorts = [ 80 443 33073 33080 10000 ];
allowedUDPPorts = [ 3478 ];
allowedUDPPortRanges = [{ from = 49152; to = 65535; }];
};
services.netbird = { services.netbird = {
@@ -42,25 +81,30 @@
enable = true; enable = true;
domain = "vpn.blunkall.us"; domain = "vpn.blunkall.us";
/*
management = { management = {
enable = true; enable = true;
dnsDomain = ".vpn"; dnsDomain = ".vpn";
turnDomain = "localhost";
disableAnonymousMetrics = true; disableAnonymousMetrics = true;
}; };
dashboard = { dashboard = {
enable = true; enable = true;
managementServer = "localhost";
}; };
coturn = { coturn = {
domain = "turn.blunkall.us";
enable = true; enable = true;
}; };
signal = { signal = {
enable = true; enable = true;
}; };
*/
}; };
}; };
}; };

9
system-config/services/containers/traefik/default.nix
View File

@@ -216,6 +216,13 @@
service = "pihole"; service = "pihole";
tls.certResolver = "cloudflare"; tls.certResolver = "cloudflare";
};*/ };*/
netbird = {
entryPoints = [ "websecure" ];
rule = "Host(`vpn.blunkall.us`)";
service = "netbird";
tls.certResolver = "cloudflare";
};
}; };
middlewares = { middlewares = {
@@ -261,6 +268,8 @@
nextcloud.loadBalancer.servers = [ { url = "http://192.168.100.15:80"; } ]; nextcloud.loadBalancer.servers = [ { url = "http://192.168.100.15:80"; } ];
ntfy.loadBalancer.servers = [ { url = "http://192.168.100.19"; } ]; ntfy.loadBalancer.servers = [ { url = "http://192.168.100.19"; } ];
netbird.loadBalancer.servers = [ { url = "http://192.168.100.21"; } ];
homeassistant.loadBalancer.servers = [ { url = "http://192.168.100.10:8123"; } ]; homeassistant.loadBalancer.servers = [ { url = "http://192.168.100.10:8123"; } ];