From 47161357f7a5a7d4fdb2d5689909e26c3a59d987 Mon Sep 17 00:00:00 2001
From: jaina heartles <me@heartles.xyz>
Date: Mon, 12 Aug 2024 07:57:27 -0400
Subject: [PATCH] nebula vpn setup

---
 configuration.nix |  1 +
 nebula.nix        | 25 +++++++++++++++++++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 nebula.nix

diff --git a/configuration.nix b/configuration.nix
index ae182e1..517f319 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -16,6 +16,7 @@ in {
     ./hardware-configuration.nix
     ./egirls-qa.nix
     ./postfix.nix
+    ./nebula.nix
     #./stalwart.nix
     #./vpn.nix
     #/home/jaina/src/nix-deployments/nordvpn/containers.nix
diff --git a/nebula.nix b/nebula.nix
new file mode 100644
index 0000000..a32d2c6
--- /dev/null
+++ b/nebula.nix
@@ -0,0 +1,25 @@
+{ lib, pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [ nebula ];
+  services.nebula.networks.home = {
+    enable = true;
+    cert = "/var/lib/nebula/harrowhark.crt";
+    key = "/var/lib/nebula/harrowhark.key";
+    ca = "/var/lib/nebula/ca.crt";
+
+    lighthouses = [ "172.16.0.1" ];
+    staticHostMap."172.16.0.1" = [ "5.78.100.40:4242" ];
+
+    firewall.inbound = [{
+      host = "any";
+      port = "any";
+      proto = "any";
+    }];
+    firewall.outbound = [{
+      host = "any";
+      port = "any";
+      proto = "any";
+    }];
+  };
+}