Musicbox

2024-07-19 12:15:39 -05:00 · 2024-07-19 12:15:39 -05:00 · 803e78147a
parent 57cbceb82b
commit 803e78147a
2 changed files with 45 additions and 1 deletions
--- a/flake.nix
+++ b/flake.nix
@ -367,6 +367,41 @@
        ];
      };

+      musicbox = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = with nixosModules; [
+          {
+            _module.args = {
+              disks = ["/dev/sda"];
+              # swapSize = "8G";
+            };
+          }
+          outputs.diskoConfigurations.unencrypted
+          hardware.nixosModules.common-pc-laptop-ssd
+
+          music-production
+          common
+          graphical-workstation
+          wifi
+
+          # ./nixos/musicbox.nix
+
+          {
+            boot.loader.systemd-boot.enable = true;
+            boot.loader.efi.canTouchEfiVariables = true;
+            hardware.bluetooth.enable = true;
+            networking.networkmanager.enable = true;
+
+            home-manager.users.daniel = {
+              imports = with homeManagerModules; [
+                firefox-no-tabs
+                linux-desktop-environment-config
+              ];
+            };
+          }
+        ];
+      };
+
      rascal = nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = with nixosModules; [
--- a/nixos/router.nix
+++ b/nixos/router.nix
@ -35,6 +35,12 @@
    dragon = {
      ip = "192.168.0.10";
    };
+    bald = {
+      ip = "192.168.0.11";
+      additionalHosts = [
+        "ourcraft.lyte.dev"
+      ];
+    };
    beefcake = {
      ip = "192.168.0.9";
      additionalHosts = [
@ -174,6 +180,7 @@ in {
            tcp dport { 80, 443 } accept comment "Allow HTTP/HTTPS to server (see nat prerouting)"
            udp dport { 80, 443 } accept comment "Allow QUIC to server (see nat prerouting)"
            tcp dport { 22 } accept comment "Allow SSH to server (see nat prerouting)"
+            tcp dport { 25565 } accept comment "Allow Minecraft server connections (see nat prerouting)"

            iifname "${lan}" accept comment "Allow local network to access the router"
            iifname "tailscale0" accept comment "Allow local network to access the router"
@ -213,7 +220,9 @@ in {
            iifname ${wan} tcp dport {22} dnat to ${hosts.beefcake.ip}
            iifname ${wan} tcp dport {80, 443} dnat to ${hosts.beefcake.ip}
            iifname ${wan} udp dport {80, 443} dnat to ${hosts.beefcake.ip}
-            iifname ${wan} tcp dport {25565, 26966} dnat to ${hosts.beefcake.ip}
+            iifname ${wan} tcp dport {26966} dnat to ${hosts.beefcake.ip}
+            iifname ${wan} tcp dport {25565} dnat to ${hosts.bald.ip}
+            iifname ${wan} udp dport {25565} dnat to ${hosts.bald.ip}
          }

          chain postrouting {