From 8a270f07ed5f08a27cf7a99275825ec36c2ccbfb Mon Sep 17 00:00:00 2001
From: Hendrik Sokolowski <hensoko@gssws.de>
Date: Sat, 1 Apr 2023 16:48:43 +0200
Subject: [PATCH] add factorio to chonk, update wireguard config

---
 hosts/chonk/configuration.nix |  4 +--
 hosts/chonk/factorio.nix      | 58 +++++++++++++++++++++++++++++------
 hosts/chonk/wireguard.nix     | 22 ++++++-------
 3 files changed, 59 insertions(+), 25 deletions(-)

diff --git a/hosts/chonk/configuration.nix b/hosts/chonk/configuration.nix
index 905ee36e..113854e4 100644
--- a/hosts/chonk/configuration.nix
+++ b/hosts/chonk/configuration.nix
@@ -32,8 +32,8 @@
   services.openssh.ports = [2222];
 
   networking.nat.enable = true;
-  networking.nat.internalIPs = ["10.10.42.0/24"];
-  networking.nat.externalInterface = "eno1";
+  networking.nat.internalIPs = ["10.10.42.0/24" "10.0.1.1"];
+  networking.nat.externalInterface = "br0";
 
   networking.firewall.enable = lib.mkForce true;
   networking.firewall.allowedTCPPorts = [80 443 2222];
diff --git a/hosts/chonk/factorio.nix b/hosts/chonk/factorio.nix
index 535275d4..71b054fa 100644
--- a/hosts/chonk/factorio.nix
+++ b/hosts/chonk/factorio.nix
@@ -1,17 +1,55 @@
 {
   self,
+  lib,
   config,
   pkgs,
-  fetchurl,
   ...
-}: let
-  #far-reach = pkgs.factorio-utils.modDrv rec {
-  #  src = fetchurl {
-  #    urls = [ "https://dl-mod.factorio.com/download/c48a8fbbe6941453173ae4e8a353976f3d757773/far-reach_1.1.2.zip?secure=0rFEz6-kw9j2JtrOUv3yEw,1677274141" ];
-  #    sha256 = "";
-  #  };
-  #};
-in {
+}:
+with pkgs; let
+  modDrv = pkgs.factorio-utils.modDrv {
+    allRecommendedMods = true;
+    allOptionalMods = false;
+  };
+
+  flib = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/EsrBq2XpR9bTp7b/download/flib_0.12.6.zip"
+      ];
+      sha256 = "Wf/w3Bh4jT5DDEp6GCVdg181DxEjiWe1iN3h5X7/oAw=";
+    };
+  };
+
+  electricalTrains = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/oHXWpoi7kD52Dzt/download/Realistic_Electric_Trains_Krastorio_2_1.0.0.zip"
+      ];
+      sha256 = "ujO5qRHzKgxX/vsYYvoBjh1UKukGD31FvjLQZzCqxlk=";
+    };
+  };
+
+  krastorio2Assets = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/czsmnaiis25TX8m/download/Krastorio2Assets_1.2.1.zip"
+      ];
+      sha256 = "1Y8I40I8EQLdLuiWDr+aty8p7PNh1pY6IPkRVz2pi5E=";
+    };
+  };
+
+  krastorio2 = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/DepN4zWWjiEJpZt/download/Krastorio2_1.3.18.zip"
+      ];
+      sha256 = "wuMVVW7SbDdBxcUmJLT9MzpC9W1RRJaTs2cYylt6ilU=";
+    };
+
+    deps = [flib krastorio2Assets];
+  };
+in rec
+{
   services.factorio = {
     enable = true;
     package = pkgs.factorio-headless-experimental;
@@ -19,6 +57,6 @@ in {
     game-name = "pub.solar Factorio";
     game-password = "pub.solar";
     admins = ["hensoko"];
-    #mods = [ far-reach ];
+    mods = [electricalTrains krastorio2];
   };
 }
diff --git a/hosts/chonk/wireguard.nix b/hosts/chonk/wireguard.nix
index 82609e5d..96952ca2 100644
--- a/hosts/chonk/wireguard.nix
+++ b/hosts/chonk/wireguard.nix
@@ -11,25 +11,25 @@
 
   # Enable WireGuard
   networking.wireguard.interfaces = {
-    wg1 = {
-      # Determines the IP address and subnet of the client's end of the tunnel interface.
+    wg0 = {
       ips = ["10.0.1.6"];
-      listenPort = 51899; # to match firewall allowedUDPPorts (without this wg uses random port numbers)
+      listenPort = 51899;
 
-      # Path to the private key file.
-      #
-      # Note: The private key can also be included inline via the privateKey option,
-      # but this makes the private key world-readable; thus, using privateKeyFile is
-      # recommended.
       privateKeyFile = "/run/agenix/home_controller_wireguard";
 
       peers = [
+        {
+          # router
+          publicKey = "xqifcPfCgLNQ1M3w6zfoWVMkkz2lO5GZ/LlOECnPQFc=";
+          allowedIPs = ["10.0.1.1/32"];
+
+          persistentKeepalive = 25;
+        }
         {
           # giggles
           publicKey = "i5kiTSPGR2jrdHl+s/S6D0YWb+xkbPudczG2RWmWwCg=";
           allowedIPs = ["10.0.1.11/32"];
 
-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
           persistentKeepalive = 25;
         }
         {
@@ -37,7 +37,6 @@
           publicKey = "VogQYYYNdXLhPKY9/P2WAn6gfEX9ojN3VD+DKx4gl0k=";
           allowedIPs = ["10.0.1.12/32"];
 
-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
           persistentKeepalive = 25;
         }
         {
@@ -45,7 +44,6 @@
           publicKey = "7EUcSUckw/eLiWFHD+AzfcoKWstjr+cL70SupOJ6zC0=";
           allowedIPs = ["10.0.1.13/32"];
 
-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
           persistentKeepalive = 25;
         }
         {
@@ -53,7 +51,6 @@
           publicKey = "FRNg+bJWPn4vAA2Fw8PXYsTpxdEKdVE+b7eTtl8ORxM=";
           allowedIPs = ["10.0.1.121/32"];
 
-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
           persistentKeepalive = 25;
         }
         {
@@ -61,7 +58,6 @@
           publicKey = "sC0wWHE/tvNaVYX3QQTHQUmSTTjZMOjkQ5x/qy6qjTc=";
           allowedIPs = ["10.0.1.254/32"];
 
-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
           persistentKeepalive = 25;
         }
       ];