{ config, pkgs, ... }: let mastus = "37.252.120.145"; hostname = config.networking.hostName; in { services.nebula.networks.gabriel = { enable = true; ca = "/etc/nebula/gabriel/ca.crt"; cert = "/etc/nebula/gabriel/${hostname}.crt"; key = "/etc/nebula/gabriel/${hostname}.key"; listen.host = "[::]"; listen.port = 0; # dynamic ip staticHostMap = { "192.168.18.36" = [ "${mastus}:4242" ]; }; lighthouses = [ "192.168.18.36" ]; firewall.outbound = [ { port = "any"; proto = "any"; host = "any"; } ]; firewall.inbound = [ { port = "any"; proto = "any"; host = "any"; } ]; }; networking.firewall.allowedUDPPorts = [ 4242 ]; }