# See how this flake is used in ./usage.sh # on host: sudo sysctl -w net.ipv4.ip_forward=1 { description = "hbs2-container"; inputs = { extra-container.url = "github:erikarvstedt/extra-container"; nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; hbs2.url = "git+http://git.hbs2/BTThPdHKF8XnEq4m6wzbKHKA6geLFK4ydYhBXAqBdHSP?ref=totally-new-download&rev=a6e955aa611c3f9485976ce7eba33570a43f2eb7"; hbs2.inputs.nixpkgs.follows = "nixpkgs"; home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = { extra-container, nixpkgs, home-manager, ... }@inputs: extra-container.inputs.flake-utils.lib.eachSystem extra-container.lib.supportedSystems (system: { packages.default = extra-container.lib.buildContainers { # The system of the container host inherit system; # Only set this if the `system.stateVersion` of your container # host is < 22.05 # legacyInstallDirs = true; # Optional: Set nixpkgs. # If unset, the nixpkgs input of extra-container flake is used nixpkgs = inputs.nixpkgs; # Set this to disable `nix run` support # addRunner = false; config = { containers.hbs2-test = { extra = { addressPrefix = "10.250.0"; exposeLocalhost = true; firewallAllowHost = true; enableWAN = true; }; config = { pkgs, ... }: { imports = [ home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.users.hbs2 = { # import ./config/home.nix; home.stateVersion = "23.05"; xdg.configFile = { "hbs2-peer/default.key".text = '' # hbs2 credentials file # keep it private rmbTHUgv7NPkygrgEbPWTjQbVTx9uwWJ7sJVQRKK7ygM73q5Q7JVYhpwfytK kzoNq65jn1zDCUUMwLFzXeu4ETjG4bhYNM7FHU9xY4VdwEww156iJeoydJ2y j1u3RJEr8kosBH2DR8XMY6Mj8s ''; "hbs2-peer/config".text = '' ;; hbs2-peer config file listen "0.0.0.0:7351" listen-tcp "0.0.0.0:10351" known-peer "10.250.0.1:7354" ; edit path to a keyring file ; key "./key" key "./default.key" ''; }; }; home-manager.extraSpecialArgs = { # inherit inputs; }; } ]; # settings.trusted-users = [ "root" "hbs2" ]; nix = { package = pkgs.nixFlakes; extraOptions = '' experimental-features = nix-command flakes ''; #settings.trusted-users = [ "root" "dmz" ]; }; users.users.hbs2 = { isNormalUser = true; home = "/home/hbs2"; packages = with pkgs; []; }; systemd.services.hello = { wantedBy = [ "multi-user.target" ]; script = '' while true; do echo hello | ${pkgs.netcat}/bin/nc -lN 50 done ''; }; networking.firewall.enable = false; environment.systemPackages = with pkgs; [ inputs.hbs2.packages.${pkgs.system}.default screen tshark tmux gitFull iptables ]; environment.etc = { "tmux.conf".source = ./tmux.conf; }; # environment.xdg.data."hbs2/wtf" = { # text = "pwned"; # }; environment.etc."hbs2-peer/key" = { text = '' # hbs2 credentials file # keep it private rmbTHUgv7NPkygrgEbPWTjQbVTx9uwWJ7sJVQRKK7ygM73q5Q7JVYhpwfytK kzoNq65jn1zDCUUMwLFzXeu4ETjG4bhYNM7FHU9xY4VdwEww156iJeoydJ2y j1u3RJEr8kosBH2DR8XMY6Mj8s ''; }; environment.etc."hbs2-peer/config" = { text = '' listen "0.0.0.0:7351" listen-tcp "0.0.0.0:3003" rpc "127.0.0.1:13331" http-port 5001 key "./key" storage "/root/.local/share/hbs2" accept-block-announce * bootstrap-dns "bootstrap.hbs2.net" known-peer "10.250.0.1:7354" ; poll reflog 1 "2YNGdnDBnciF1Kgmx1EZTjKUp1h5pvYAjrHoApbArpeX" ''; }; }; }; }; }; }); }