chore: switch smb to domain/remove wireguard

config/basic/default.nix

@@ -38,4 +38,5 @@
   ];
   age.identityPaths = [ "/state/etc/ssh/ssh_host_ed25519_key" ];
   boot.mode = lib.mkDefault "efi";
+  documentation.enable = lib.mkDefault false;
 }

config/services/samba.nix

@@ -39,19 +39,6 @@ in
       ##];
     };
   };
-  wireguard.samba-patrick.server = {
-    host = config.secrets.secrets.global.domains.web;
-    port = 51830;
-    reservedAddresses = [
-      "10.43.0.0/20"
-      "fd00:1765::/112"
-    ];
-    openFirewall = true;
-  };
-
-  networking.nftables.firewall.zones.untrusted.interfaces = [
-    "samba-patrick"
-  ];
 
   services.samba = {
     enable = true;

hosts/desktopnix/net.nix

@@ -26,7 +26,6 @@
     };
   };
   networking.nftables.firewall.zones.untrusted.interfaces = [ "lan01" ];
-  wireguard.samba-patrick.client.via = "elisabeth-samba";
   services.mullvad-vpn = {
     enable = true;
     package = pkgs.mullvad-vpn;
@@ -35,7 +34,7 @@
     "/etc/mullvad-vpn"
     {
       directory = "/var/lib/netbird-main";
-      owner = "netbird-main";
+      user = "netbird-main";
     }
   ];
   services.netbird = {

hosts/elisabeth/default.nix

@@ -27,5 +27,4 @@
     };
   };
   nixpkgs.hostPlatform = "x86_64-linux";
-  documentation.enable = false;
 }

hosts/patricknix/net.nix

@@ -14,7 +14,6 @@
     devoloog-sae19.rekeyFile = ./secrets/iwd/devoloog-sae19.age;
     devoloog-sae20.rekeyFile = ./secrets/iwd/devoloog-sae20.age;
   };
-  wireguard.samba-patrick.client.via = "elisabeth-samba";
   networking.nftables.firewall.zones.untrusted.interfaces = [
     "lan01"
     "lan02"

users/patrick/smb.nix

@@ -1,8 +1,8 @@
-{ config, nodes, ... }:
+{ config, ... }:
 {
   hm.home.smb =
     let
-      address = nodes.elisabeth-samba.config.wireguard.samba-patrick.ipv4;
+      address = "smb.${config.secrets.secrets.global.domains.web}";
       credentials = config.age.secrets.smb-creds.path;
     in
     [