
feat(dusk@devel.mobi): add netbird userspace module [skip ci]

dusk 53b4a94f f2f4317d

+104 -7
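--- a/secrets/develMobi.key.pub
+++ b/secrets/develMobi.key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILUIHFy8lBU8Iy5253Lglw0v67k9ozxjLWprjTjwTsrm dusk@devel.mobi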
secrets/develMobiNetbirdClientKey.age

This is a binary file and will not be displayed.

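--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,6 +1,7 @@
 let
 yusdacra = builtins.readFile ./yusdacra.key.pub;
 wolumonde = builtins.readFile ./wolumonde.key.pub;
+develMobi = builtins.readFile ./develMobi.key.pub;
 in
 {
 "bernbotToken.age".publicKeys = [
@@ -68,5 +69,9 @@
 "netbirdClientKey.age".publicKeys = [
 yusdacra
 wolumonde
+];
+"develMobiNetbirdClientKey.age".publicKeys = [
+yusdacra
+develMobi
 ];
 }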
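--- a/users/dusk@devel.mobi/default.nix
+++ b/users/dusk@devel.mobi/default.nix
@@ -1,4 +1,5 @@
 {
+config,
 pkgs,
 lib,
 tlib,
@@ -22,6 +23,7 @@
 "fzf"
 "direnv"
 "nushell"
+"netbird"
 ]
 # dev stuff
 [
@@ -32,20 +34,41 @@
 ];
 in
 l.flatten [
+inputs.agenix.homeManagerModules.default
 ../../modules/persist/null.nix
 (tlib.prefixStrings "${inputs.self}/users/modules/" modulesToEnable)
 ];
 
+age.identityPaths = ["${config.home.homeDirectory}/.ssh/id_ed25519"];
 home = {
 homeDirectory = "/home/dusk";
 username = "dusk";
 stateVersion = "25.11";
-# file.".ssh/authorized_keys".text = ''
-# ${signKeyText}
-# '';
+# shell
+shell.enableShellIntegration = true;
+shellAliases = {
+ctl = "systemctl --user";
+jtl = "journalctl --user";
+jtlu = "journalctl --user --unit";
+};
+};
+
+age.secrets.netbirdClientKey = {
+file = ../../secrets/develMobiNetbirdClientKey.age;
+mode = "600";
+};
+services.netbird = {
+enable = true;
+managementUrl = "https://bird.gaze.systems";
+setupKeyFile = config.age.secrets.netbirdClientKey.path;
 };
 
 programs = {
+bash = {
+enable = true;
+enableCompletion = true;
+};
+tealdeer.enable = true;
 git = {
 userName = name;
 userEmail = email;
@@ -55,9 +78,5 @@
 user.signingkey = signKeyText;
 };
 };
-};
-
-services.podman = {
-enable = true;
 };
 }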
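Review bot: `age.identityPaths` on new line 42 points agenix at `~/.ssh/id_ed25519`, which looks like the account's default SSH key, so the same key that authenticates the user elsewhere also decrypts `develMobiNetbirdClientKey.age`. For unattended decryption that key presumably has to sit on disk without a passphrase. A key generated only for agenix would keep a leak of one from exposing the other, and the choice deserves a comment either way, e.g. `# age identity: kept passphrase-less for unattended decryption; prefer a dedicated key over the login key`. The decrypted setup key also stays readable at `config.age.secrets.netbirdClientKey.path` after enrolment, so it is worth issuing it as one-off or short-lived on the management server.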
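--- a/users/modules/netbird/default.nix
+++ b/users/modules/netbird/default.nix
@@ -0,0 +1,72 @@
+{lib, config, pkgs, ...}: let
+l = lib;
+t = l.types;
+cfg = config.services.netbird;
+wrapped = pkgs.writers.writeBashBin "netbird" ''
+${pkgs.netbird}/bin/netbird \
+--daemon-addr "unix://netbird.sock" \
+--config "${config.xdg.configHome}/netbird/config.json" $@
+'';
+proxychainsCfg = pkgs.writers.writeText "proxychains.conf" ''
+proxy_dns
+quiet_mode
+[ProxyList]
+socks5 127.0.0.1 1080
+'';
+wrappedProxychains = pkgs.writers.writeBashBin "netbird-proxychains" ''
+${pkgs.proxychains-ng}/bin/proxychains4 \
+-f "${proxychainsCfg}" \
+$@
+'';
+in {
+options = {
+services.netbird = {
+enable = l.mkEnableOption "netbird client";
+managementUrl = l.mkOption {
+type = t.str;
+default = "https://api.netbird.cloud";
+description = "NetBird management URL";
+};
+setupKeyFile = l.mkOption {
+type = t.str;
+description = "Path to the setup key file";
+};
+proxyScript = l.mkOption {
+type = t.package;
+description = "path to a script that uses proxychains to proxy traffic";
+readOnly = true;
+};
+};
+};
+config = l.mkIf cfg.enable {
+home.packages = [ wrapped wrappedProxychains ];
+services.netbird.proxyScript = wrappedProxychains;
+systemd.user.services.netbird = {
+Unit = {
+Description = "NetBird Client";
+After = [ "network.target" ];
+};
+
+Service = {
+ExecStart = "${pkgs.netbird}/bin/netbird up -F";
+Restart = "on-failure";
+RestartSec = "5s";
+Environment = l.mapAttrsToList (k: v: "${k}=${toString v}") {
+PATH = "${pkgs.coreutils}/bin:$PATH";
+NB_WG_KERNEL_DISABLE = "true";
+NB_USE_NETSTACK_MODE = "true";
+NB_ENABLE_NETSTACK_LOCAL_FORWARDING = "true";
+NB_NETSTACK_SKIP_PROXY = "false";
+NB_SOCKS5_LISTENER_PORT = 1080;
+NB_DISABLE_DNS = "false";
+NB_SETUP_KEY_FILE = l.replaceString "\${XDG_RUNTIME_DIR}" "%t" cfg.setupKeyFile;
+NB_MANAGEMENT_URL = cfg.managementUrl;
+NB_CONFIG = "${config.xdg.configHome}/netbird/config.json";
+NB_DAEMON_ADDR = "unix://%t/netbird.sock";
+};
+};
+
+Install.WantedBy = [ "network.target" ];
+};
+};
+}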
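Review bot: The `netbird` wrapper passes `--daemon-addr "unix://netbird.sock"`, a path relative to the caller's working directory, while the unit sets `NB_DAEMON_ADDR = "unix://%t/netbird.sock"`, so the CLI will presumably not find the daemon unless it is run from the runtime directory; `--daemon-addr "unix://$XDG_RUNTIME_DIR/netbird.sock"` would match. Both wrappers also forward arguments with an unquoted `$@`, which re-splits any argument containing whitespace; use `"$@"`. On the security side, the SOCKS5 listener on port 1080 is a loopback TCP port and is not scoped to the user the way the unix socket under `%t` is, so on a multi-user host other local accounts can presumably route traffic into the NetBird network through it; that is worth a comment in the module and tight access policies for this peer on the management side. systemd does not expand `$PATH` inside `Environment=`, so the `PATH` entry ends with a literal `$PATH` element.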