From 429a7a1e553fc5f67ccbdde13458797a51964eef Mon Sep 17 00:00:00 2001
From: Gabriel Ebner
Date: Fri, 18 Nov 2022 22:23:42 -0800
Subject: [PATCH] petalius: add to nebula

---
 nebula.nix | 23 +++++++++++++++++++++++
 petalius.nix | 1 +
 2 files changed, 24 insertions(+)
 create mode 100644 nebula.nix

diff --git a/nebula.nix b/nebula.nix
new file mode 100644
index 0000000..76cef2b
--- /dev/null
+++ b/nebula.nix
@@ -0,0 +1,23 @@
+{ config, pkgs, ... }:
+
+let mastus = "37.252.120.145"; hostname = config.networking.hostName;
+in {
+ services.nebula.networks.gabriel = {
+ enable = true;
+ ca = "/etc/nebula/gabriel/ca.crt";
+ cert = "/etc/nebula/gabriel/${hostname}.crt";
+ key = "/etc/nebula/gabriel/${hostname}.key";
+
+ staticHostMap = {
+ "192.168.18.36" = [ "${mastus}:4242" ];
+ };
+ lighthouses = [
+ "192.168.18.36"
+ ];
+
+ firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
+ firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
+ };
+
+ networking.firewall.allowedUDPPorts = [ 4242 ];
+}
diff --git a/petalius.nix b/petalius.nix
index eaf7155..f6b1446 100644
--- a/petalius.nix
+++ b/petalius.nix
@@ -14,6 +14,7 @@
 ./huion.nix
 ./nvim05.nix
 ./nm-restart.nix
+ ./nebula.nix
 ];
 
 hardware.enableRedistributableFirmware = true;
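Review bot: The `firewall.inbound` rule in nebula.nix admits any port and protocol from any host, so every machine holding a certificate signed by this CA can reach whatever petalius exposes on the overlay interface. Nebula's own firewall then adds no restriction, and only the NixOS host firewall stands in between, provided it filters that interface. Narrow the rule to what is actually needed, for example `firewall.inbound = [ { port = "any"; proto = "icmp"; host = "any"; } { port = 22; proto = "tcp"; group = "<admin-group>"; } ];`, where the port is a constructed sample and the group name is a placeholder for one issued in your certificates. A comment above `key = ...` should also record that the private key is deployed out of band and must be readable only by the Nebula service user, since the path is a plain string and Nix does not manage the file or its permissions.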