diff --git a/system/server/samba.nix b/system/server/samba.nix index 29f5a89..2c0da8a 100644 --- a/system/server/samba.nix +++ b/system/server/samba.nix @@ -1,16 +1,14 @@ -{ +{outputs, ...}: { services = { samba = { enable = true; securityType = "user"; openFirewall = true; - extraConfig = let - ips = import ../modules/ips.nix; - in '' + extraConfig = '' workgroup = WORKGROUP server string = JimSMB security = user - hosts allow = ${ips.localSpan}. 127.0.0.1 localhost + hosts allow = ${outputs.ips.localSpan}. 127.0.0.1 localhost hosts deny = 0.0.0.0/0 guest account = nobody map to guest = bad user diff --git a/system/server/wireguard.nix b/system/server/wireguard.nix index 670490c..f7ebfd5 100644 --- a/system/server/wireguard.nix +++ b/system/server/wireguard.nix @@ -1,12 +1,10 @@ -{outputs, ...}: let - ips = import ../modules/ips.nix; -in { +{outputs, ...}: { # Enable NAT networking = { nat = { enable = true; - externalInterface = "${ips.netInt}"; - internalInterfaces = [ "${ips.wgInt}" ]; + externalInterface = "${outputs.ips.netInt}"; + internalInterfaces = [ "${outputs.ips.wgInt}" ]; }; firewall.allowedUDPPorts = [ 51820 ]; }; @@ -14,22 +12,22 @@ in { networking.wireguard = { enable = true; interfaces = { - "${ips.wgInt}" = { - ips = [ "${ips.wgSpan}.1/24" ]; + "${outputs.ips.wgInt}" = { + ips = [ "${outputs.ips.wgSpan}.1/24" ]; listenPort = 51820; privateKey = outputs.secrets.wgServerPriv; peers = [ { # Jimbo Pixel 9 publicKey = outputs.secrets.wgPixel9Pub; - allowedIPs = [ "${ips.wgSpan}.2/32" ]; + allowedIPs = [ "${outputs.ips.wgSpan}.2/32" ]; } { # Oracle VM publicKey = outputs.secrets.wgOraclePub; - allowedIPs = [ "${ips.wgSpan}.3/32" ]; + allowedIPs = [ "${outputs.ips.wgSpan}.3/32" ]; } { # General Nix publicKey = outputs.secrets.wgClientPub; - allowedIPs = [ "${ips.wgSpan}.16/28" ]; + allowedIPs = [ "${outputs.ips.wgSpan}.16/28" ]; } ]; };