add factorio to chonk, update wireguard config

2023-04-01 16:48:43 +02:00 · 2023-04-01 16:48:43 +02:00 · 8a270f07ed
parent a6376572c1
commit 8a270f07ed
3 changed files with 59 additions and 25 deletions
--- a/hosts/chonk/configuration.nix
+++ b/hosts/chonk/configuration.nix
@ -32,8 +32,8 @@
  services.openssh.ports = [2222];

  networking.nat.enable = true;
-  networking.nat.internalIPs = ["10.10.42.0/24"];
-  networking.nat.externalInterface = "eno1";
+  networking.nat.internalIPs = ["10.10.42.0/24" "10.0.1.1"];
+  networking.nat.externalInterface = "br0";

  networking.firewall.enable = lib.mkForce true;
  networking.firewall.allowedTCPPorts = [80 443 2222];
--- a/hosts/chonk/factorio.nix
+++ b/hosts/chonk/factorio.nix
@ -1,17 +1,55 @@
 {
  self,
+  lib,
  config,
  pkgs,
-  fetchurl,
  ...
-}: let
-  #far-reach = pkgs.factorio-utils.modDrv rec {
-  #  src = fetchurl {
-  #    urls = [ "https://dl-mod.factorio.com/download/c48a8fbbe6941453173ae4e8a353976f3d757773/far-reach_1.1.2.zip?secure=0rFEz6-kw9j2JtrOUv3yEw,1677274141" ];
-  #    sha256 = "";
-  #  };
-  #};
-in {
+}:
+with pkgs; let
+  modDrv = pkgs.factorio-utils.modDrv {
+    allRecommendedMods = true;
+    allOptionalMods = false;
+  };
+
+  flib = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/EsrBq2XpR9bTp7b/download/flib_0.12.6.zip"
+      ];
+      sha256 = "Wf/w3Bh4jT5DDEp6GCVdg181DxEjiWe1iN3h5X7/oAw=";
+    };
+  };
+
+  electricalTrains = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/oHXWpoi7kD52Dzt/download/Realistic_Electric_Trains_Krastorio_2_1.0.0.zip"
+      ];
+      sha256 = "ujO5qRHzKgxX/vsYYvoBjh1UKukGD31FvjLQZzCqxlk=";
+    };
+  };
+
+  krastorio2Assets = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/czsmnaiis25TX8m/download/Krastorio2Assets_1.2.1.zip"
+      ];
+      sha256 = "1Y8I40I8EQLdLuiWDr+aty8p7PNh1pY6IPkRVz2pi5E=";
+    };
+  };
+
+  krastorio2 = modDrv {
+    src = fetchurl {
+      urls = [
+        "https://cloud.pub.solar/s/DepN4zWWjiEJpZt/download/Krastorio2_1.3.18.zip"
+      ];
+      sha256 = "wuMVVW7SbDdBxcUmJLT9MzpC9W1RRJaTs2cYylt6ilU=";
+    };
+
+    deps = [flib krastorio2Assets];
+  };
+in rec
+{
  services.factorio = {
    enable = true;
    package = pkgs.factorio-headless-experimental;
@ -19,6 +57,6 @@ in {
    game-name = "pub.solar Factorio";
    game-password = "pub.solar";
    admins = ["hensoko"];
-    #mods = [ far-reach ];
+    mods = [electricalTrains krastorio2];
  };
 }
--- a/hosts/chonk/wireguard.nix
+++ b/hosts/chonk/wireguard.nix
@ -11,25 +11,25 @@

  # Enable WireGuard
  networking.wireguard.interfaces = {
-    wg1 = {
-      # Determines the IP address and subnet of the client's end of the tunnel interface.
+    wg0 = {
      ips = ["10.0.1.6"];
-      listenPort = 51899; # to match firewall allowedUDPPorts (without this wg uses random port numbers)
+      listenPort = 51899;

-      # Path to the private key file.
-      #
-      # Note: The private key can also be included inline via the privateKey option,
-      # but this makes the private key world-readable; thus, using privateKeyFile is
-      # recommended.
      privateKeyFile = "/run/agenix/home_controller_wireguard";

      peers = [
+        {
+          # router
+          publicKey = "xqifcPfCgLNQ1M3w6zfoWVMkkz2lO5GZ/LlOECnPQFc=";
+          allowedIPs = ["10.0.1.1/32"];
+
+          persistentKeepalive = 25;
+        }
        {
          # giggles
          publicKey = "i5kiTSPGR2jrdHl+s/S6D0YWb+xkbPudczG2RWmWwCg=";
          allowedIPs = ["10.0.1.11/32"];

-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
        {
@ -37,7 +37,6 @@
          publicKey = "VogQYYYNdXLhPKY9/P2WAn6gfEX9ojN3VD+DKx4gl0k=";
          allowedIPs = ["10.0.1.12/32"];

-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
        {
@ -45,7 +44,6 @@
          publicKey = "7EUcSUckw/eLiWFHD+AzfcoKWstjr+cL70SupOJ6zC0=";
          allowedIPs = ["10.0.1.13/32"];

-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
        {
@ -53,7 +51,6 @@
          publicKey = "FRNg+bJWPn4vAA2Fw8PXYsTpxdEKdVE+b7eTtl8ORxM=";
          allowedIPs = ["10.0.1.121/32"];

-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
        {
@ -61,7 +58,6 @@
          publicKey = "sC0wWHE/tvNaVYX3QQTHQUmSTTjZMOjkQ5x/qy6qjTc=";
          allowedIPs = ["10.0.1.254/32"];

-          # Send keepalives every 25 seconds. Important to keep NAT tables alive.
          persistentKeepalive = 25;
        }
      ];