Created
June 22, 2019 22:30
-
-
Save dysinger/18ba44a254cc7683fda79a4e35751826 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let | |
| privateZeroTierInterfaces = [ "ztbso1b6n3" ]; # ZT NET INTERFACE | |
| in { | |
| system.stateVersion = "19.03"; | |
| services.openssh.enable = true; | |
| services.openssh.openFirewall = false; # SSH ONLY ON VPN | |
| services.openssh.passwordAuthentication = false; | |
| networking.firewall.enable = true; | |
| networking.firewall.trustedInterfaces = privateZeroTierInterfaces; # TRUST VPN ONLY | |
| services.avahi.enable = true; | |
| services.avahi.interfaces = privateZeroTierInterfaces; # ONLY BROADCAST ON VPN | |
| services.avahi.ipv6 = true; | |
| services.avahi.publish.enable = true; | |
| services.avahi.publish.userServices = true; | |
| services.avahi.publish.addresses = true; | |
| services.avahi.publish.domain = true; | |
| services.avahi.nssmdns = true; | |
| services.avahi.publish.workstation = true; # ADDED TO DESKTOP MACHINES | |
| services.zerotierone.enable = true; | |
| services.zerotierone.joinNetworks = [ "13ac5a1e71ebebce" ]; # ZT NETWORK ID | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment