bryan/nixos
0
0
Fork 0
mirror of https://github.com/itme-brain/nixos.git synced 2026-05-08 14:50:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

init

Browse source
This commit is contained in:
Bryan Ramos 2026-04-15 20:58:07 -04:00
commit 864c69fe61
147 changed files with 11233 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

37
system/machines/server/modules/wstunnel/default.nix Normal file
View file

@ -0,0 +1,37 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.modules.system.wstunnel;
in
{
options.modules.system.wstunnel = {
enable = mkEnableOption "wstunnel WebSocket transport for WireGuard";
listenPort = mkOption {
type = types.port;
default = 8080;
description = "Local port wstunnel server listens on (nginx proxies to this)";
};
wireguardPort = mkOption {
type = types.port;
default = 51820;
description = "Local WireGuard port to forward traffic to";
};
};
config = mkIf cfg.enable {
systemd.services.wstunnel = {
description = "wstunnel WebSocket server for WireGuard transport";
after = [ "network.target" "wireguard-wg0.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.wstunnel}/bin/wstunnel server ws://127.0.0.1:${toString cfg.listenPort} --restrict-to 127.0.0.1:${toString cfg.wireguardPort}";
Restart = "on-failure";
RestartSec = 5;
DynamicUser = true;
};
};
};
}