fujin/nixarr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated docs

Browse Source
This commit is contained in:
rasmus-kirk
2024-03-14 16:23:29 +01:00
parent d0704303bc
commit 444114c30b
8 changed files with 67 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/img/logo-1.png
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 57 KiB

docs/img/logo-1.webp
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 10 KiB

docs/wiki/examples/example-2/index.md
+1 -1
View File
@@ -1,5 +1,5 @@
---
title: Example Configuration where Port Forwarding is not an Option
title: Example Configuration Where Port Forwarding Is Not an Option
---
An example where port forwarding is not an option. This is useful if,
docs/wiki/index.md
+2 -1
View File
@@ -9,8 +9,9 @@ This is an index of existing articles:
- **[Njalla](/wiki/ddns/njalla)**
- **Examples**
- **[Basic Example](/wiki/examples/example-1)**
- **[Example Configuration where Port Forwading is not an Option](/wiki/examples/example-2)**
- **[Example Configuration Where Port Forwarding Is Not an Option](/wiki/examples/example-2)**
- **[Exposing Services Safely](/wiki/expose)**
- **[Running Services Not Covered by Nixarr Through a VPN](/wiki/vpn)**
For learning how to setup the "*Arrs", once running, refer to the [servarr
wiki](https://wiki.servarr.com/)
docs/wiki/vpn/index.md
+54
View File
@@ -0,0 +1,54 @@
---
title: Running Services Not Covered by Nixarr Through a VPN
---
Nixarr reexports its VPN-submodule, meaning you can run your own services
using it. As an example, let's say you want to run a Monero node
through a VPN, then you could use the following configuration:
```nix {.numberLines}
# Open vpnports, must also be opened by VPN-provider
vpnnamespaces.wg = {
openVPNPorts = [
{ port = xmrP2PPort; protocol = "both"; }
{ port = xmrRpcPort; protocol = "both"; }
];
};
# Force moneronode to VPN
systemd.services.monero.vpnconfinement = {
enable = true;
vpnnamespace = "wg"; # This must be "wg", that's what nixarr uses
};
services.monero = {
enable = true;
# Run as public node
extraConfig = ''
p2p-bind-ip=0.0.0.0
p2p-bind-port=${builtins.toString xmrP2PPort}
rpc-restricted-bind-ip=0.0.0.0
rpc-restricted-bind-port=${builtins.toString xmrRpcPort}
# Disable UPnP port mapping
no-igd=1
# Public-node
public-node=1
# ZMQ configuration
no-zmq=1
# Block known-malicious nodes from a DNSBL
enable-dns-blocklist=1
'';
};
```
**Note:** that the submodule supports more namespaces than just one, but Nixarr
uses the name `wg`, so you should use that too.
Services running over the VPN will have address `192.168.15.1` instead of
`127.0.0.1`. For more options and information on the VPN-submodule, check out
[the repo](https://github.com/Maroka-chan/VPN-Confinement)