From 7f5956b2bee77a75611460b9266ef726d1f08249 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@tvl.su>
Date: Sat, 14 Sep 2024 23:12:08 +0300
Subject: feat(tazjin/koptevo): configure yggdrasil network

I'm looking to replace tailscale with this for some use-cases.

Change-Id: I00f765a403879ef048e635a6fedcfdde3f685159
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12482
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
---
 users/tazjin/nixos/koptevo/default.nix | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

(limited to 'users/tazjin/nixos')

diff --git a/users/tazjin/nixos/koptevo/default.nix b/users/tazjin/nixos/koptevo/default.nix
index 6203c3d93fc1..fe34fb21aaa0 100644
--- a/users/tazjin/nixos/koptevo/default.nix
+++ b/users/tazjin/nixos/koptevo/default.nix
@@ -62,7 +62,7 @@ in
     domain = "tazj.in";
     useDHCP = true;
     firewall.enable = true;
-    firewall.allowedTCPPorts = [ 22 80 443 8776 ];
+    firewall.allowedTCPPorts = [ 22 80 443 8776 9443 ];
 
     wireless.enable = true;
     wireless.networks."How do I computer fast?" = {
@@ -195,6 +195,30 @@ in
     wget
   ];
 
+  # configure Yggdrasil network
+  services.yggdrasil = {
+    enable = true;
+    persistentKeys = true;
+    openMulticastPort = true;
+
+    settings = {
+      Listen = [ "tls://[::]:0" ];
+      IfName = "ygg0";
+      Peers = [
+        "quic://ygg-msk-1.averyan.ru:8364"
+        "tls://ekb.itrus.su:7992"
+        "tls://s-mow-1.sergeysedoy97.ru:65534"
+      ];
+
+      MulticastInterfaces = [{
+        Regex = "enp.*";
+        Beacon = true;
+        Listen = true;
+        Port = 9443; # yggd
+      }];
+    };
+  };
+
   programs.mtr.enable = true;
   programs.mosh.enable = true;
   zramSwap.enable = true;
-- 
cgit 1.4.1