diff --git a/CHANGELOG.md b/CHANGELOG.md index dea2b58..0299b2b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,19 +1,21 @@ # Changelog -## Unreleased +## 2025-05-28 Added: - Plex service - Autobrr service -- Sandboxed Jellyseerr module and added expose option +- Sandboxed Jellyseerr module and added expose option (fully resolves #22) +- accessibleFrom option to VPN-submodule (see #51) Updated: - If `nixarr.enable` is not enabled other services will automatically now be disabled, instead of throwing an assertion error. Fixed: -- Cross-seed now uses the nixpkgs package -- Default Transmission umask set to "002" (664/775) +- Airvpn DNS bug (Fixed #51) +- Cross-seed now uses the nixpkgs package (fixed #51) +- Default Transmission umask set to "002", meaning 664/775 permissions (fixed #56) ## 2025-03-17 diff --git a/nixarr/default.nix b/nixarr/default.nix index 02fc66d..940f712 100644 --- a/nixarr/default.nix +++ b/nixarr/default.nix @@ -220,6 +220,24 @@ in { description = "The path to the wireguard configuration file."; }; + accessibleFrom = mkOption { + type = with types; listOf port; + default = []; + description = '' + What IP's the VPN submodule should be accessible from. By default + the following are included: + + - "192.168.1.0/24" + - "192.168.0.0/24" + - "127.0.0.1" + + Otherwise, you would not be able to services over your local + network. You might have to use this option to extend your list + with your local IP range by passing it with this option. + ''; + example = [ "192.168.2.0/24" ]; + }; + vpnTestService = { enable = mkEnableOption '' the vpn test service. Useful for testing DNS leaks or if the VPN @@ -292,9 +310,9 @@ in { }; accessibleFrom = [ "192.168.1.0/24" - "10.0.0.0/8" + "192.168.0.0/24" "127.0.0.1" - ]; + ] ++ cfg.vpn.accessibleFrom ; wireguardConfigFile = cfg.vpn.wgConf; };