Finally there 100% using #nixos for all my private devices ( except #grapheneos on my phone ); have a #docker image for my system and even an .iso generator for future systems. Never felt my system to be more stable!
Next up is to migrate all my servers also to #nixos
Would also love to extend this with a #wireguard managed nix config based mesh network set-up.
Also #gaming on nix via #steam with no issues.
Have a #gnome setup for touch screens and #i3 for my keyboard driven daily drivers.
@timschupp gnome with i3 and touch sounds fun!
Nice! Currently doing server stuff as well.
@timschupp I use Robotnix to build a GrapheneOS for my phone
@puffnfresh ok that is very interesting gotta look into that.
nice!
re: wireguard, have you used tailscale? tailscale just wraps wireguard with some extra features like good native apps, holepunching, and relaying if you can't access a node directly.
you can also selfhost their control plane, though it's all encrypted anyways

only issue is it's not very declarative, you'd need to log in manually on each machine after first install unless you pre-generate the keys. i'd imagine plain wireguard would be similar tho

what would you want wireguard for?

@jabster28 yeah but headscale is quite limited (os tailscale server). And I don't like the thought of a central control node.
This setup would be static / my nix config can know all nodes at all times so perfect for wireguard in my op.

Actually in my #openchat project i've integrated #libp2p and it can do something similar to tailscale without central control (but that ain't far enough / stable enough yet). Also cool thing to check in that space is edgevpn, also libp2p based vpn.

@timschupp ohh I see, no centralisation and having all the nodes hardcoded sounds good especially with nix. i might try that sometime, actually. well when i have more time on my hands
what's libp2p
@jabster28 https://libp2p.io/ calls itself a modular p2p networking stack. Implements many networking protocols and data structures and logic on top. Addressing some routing and discovery things too. Have been playing with it for a while now; very cool what it can do. Implemented in several languages too (though several implementations unfinished).
@jabster28 also actually check out #netbird too, that is 100% open source and has all the cool features, also #wireguard based; but also central control.
@timschupp @jabster28 And legacy IP only 😢

@tioan @jabster28
Haven't really tested #netbird yet but this sounds like at least IPv6 traffic should work: https://github.com/netbirdio/netbird/issues/577

Even if IPv6 subnets aren't supported yet:
https://github.com/netbirdio/netbird/issues/46

Tho somebody in that thread did say "unable to route IPv6 route through IPv4 addressable Peer" which sounds bad if true.

Please correct me if that's wrong; if you know what actually works.
Am also curious cause thus far #netbird did seem like the best open source option available.
