test netbird daemon

2024-07-01 12:01:57 +03:00 · 2024-07-01 12:01:57 +03:00 · dbc7be6376
commit dbc7be6376
parent 7cb753b5ae
2 changed files with 37 additions and 6 deletions
--- a/machines/AMD-Workstation/default.nix
+++ b/machines/AMD-Workstation/default.nix
@ -120,10 +120,24 @@
    home.stateVersion = "24.05";
  };

-  services.netbird.tunnels.wt0.stateDir = "netbird";
+  services.netbird.clients.priv = {
+    interface = "wt0";
+    port = 58467;
+    hardened = false;
+    ui.enable = true;
+    autoStart = false;
+    config = {
+      AdminURL.Host = "net.ataraxiadev.com:443";
+      AdminURL.Scheme = "https";
+      ManagementURL.Host = "net.ataraxiadev.com:443";
+      ManagementURL.Scheme = "https";
+      RosenpassEnabled = true;
+      RosenpassPermissive = true;
+    };
+  };

  persist.state = {
-    directories = [ "/var/lib/netbird" ];
+    directories = [ "/var/lib/netbird-priv" ];
    homeDirectories = [
      ".local/share/winbox"
      ".local/share/PrismLauncher"
--- a/machines/NixOS-VPS/services/tailscale.nix
+++ b/machines/NixOS-VPS/services/tailscale.nix
@ -3,9 +3,11 @@ let
  bridgeName = (import ../hardware/networks.nix).interfaces.main'.bridgeName;
  tailscalePort = config.services.tailscale.port;
  tailscaleIfname = config.services.tailscale.interfaceName;
+  netbirdPort = config.services.netbird.clients.priv.port;
+  netbirdIfname = config.services.netbird.clients.priv.interface;
 in {
-  networking.firewall.interfaces.${bridgeName}.allowedUDPPorts = [ tailscalePort ];
-  networking.firewall.trustedInterfaces = [ tailscaleIfname ];
+  networking.firewall.interfaces.${bridgeName}.allowedUDPPorts = [ tailscalePort netbirdPort ];
+  networking.firewall.trustedInterfaces = [ tailscaleIfname netbirdIfname ];

  systemd.network.networks."50-tailscale" = {
    matchConfig.Name = tailscaleIfname;
@ -19,7 +21,22 @@ in {
    useRoutingFeatures = "both";
  };

-  services.netbird.tunnels.wt0.port = 52674;
+  services.netbird.clients.priv = {
+    interface = "wt0";
+    port = 52674;
+    hardened = false;
+    ui.enable = false;
+    config = {
+      AdminURL.Host = "net.ataraxiadev.com:443";
+      AdminURL.Scheme = "https";
+      ManagementURL.Host = "net.ataraxiadev.com:443";
+      ManagementURL.Scheme = "https";
+      DisableAutoConnect = false;
+      RosenpassEnabled = true;
+      RosenpassPermissive = true;
+    };
+  };
+  users.users.${config.mainuser}.extraGroups = [ "netbird-priv" ];

-  persist.state.directories = [ "/var/lib/tailscale" "/var/lib/netbird-wt0" ];
+  persist.state.directories = [ "/var/lib/tailscale" "/var/lib/netbird-priv" ];
 }