A ruby script to generate the boilerplate for a dual-stack VyOS zone based firewall.
Zones:
- PRIVATE: contains the LAN and WAN modem admin interface
- PUBLIC: The Internet - contains the PPPoE interface
Oscar Carlsson oscarcarlsson
jirutka
/ rules-both.iptables
Created
September 18, 2012 12:42
Basic iptables template for ordinary servers (both IPv4 and IPv6)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############################################################################### | |
| # The MIT License | |
| # | |
| # Copyright 2012-2014 Jakub Jirutka <[email protected]>. | |
| # | |
| # Permission is hereby granted, free of charge, to any person obtaining a copy | |
| # of this software and associated documentation files (the "Software"), to deal | |
| # in the Software without restriction, including without limitation the rights | |
| # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| # copies of the Software, and to permit persons to whom the Software is |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import websockets | |
| import json | |
| import pickle | |
| import sys | |
| import multiprocessing | |
| import random | |
| import time | |
| from collections import deque |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { config, pkgs, ... }: | |
| let | |
| # Import unstable channel. | |
| # sudo nix-channel --add http://nixos.org/channels/nixpkgs-unstable nixpkgs-unstable | |
| # sudo nix-channel --update nixpkgs-unstable | |
| unstable = import <nixpkgs-unstable> {}; | |
| in | |
| { |
git clone [email protected]:Robertof/nixos-docker-sd-image-builder.gitcd nixos-docker-sd-image-builder
- modify
/config/rpi4/default.nixto increase size of boot partition- this step is optional but I ran out of space in /boot pretty quickly with the default setting since I'm still learning and rebuilding a lot. Let's leave some room for trial & error.
sdImage.firmwareSize = 1024;
- modify
/config/sd-image.nix ./rpi3becomes./rpi4
jmatsushita
/ README
Last active
May 14, 2025 06:43
Setup nix, nix-darwin and home-manager from scratch on an M1 Macbook Pro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| ### [2023-06-19] UPDATE: Just tried to use my instructions again on a fresh install and it failed in a number of places. | |
| ###. Not sure if I'll update this gist (though I realise it seems to still have some traffic), but here's a list of | |
| ###. things to watch out for: | |
| ### - Check out the `nix-darwin` instructions, as they have changed. | |
| ### - There's a home manager gotcha https://github.com/nix-community/home-manager/issues/4026 | |
| ### | |
| # I found some good resources but they seem to do a bit too much (maybe from a time when there were more bugs). | |
| # So here's a minimal Gist which worked for me as an install on a new M1 Pro. |