From 58c7b0ab241e7e3436199f7aba191df7570cfc62 Mon Sep 17 00:00:00 2001
From: Grigory Shipunov <blame@oxapentane.com>
Date: Mon, 30 Jan 2023 23:46:21 +0100
Subject: [PATCH] quality-of-life improvemets

---
 hosts/cirrus/wireguard-server.nix | 1 +
 microvms/music/upload-user.nix    | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/hosts/cirrus/wireguard-server.nix b/hosts/cirrus/wireguard-server.nix
index a869294..5b17782 100644
--- a/hosts/cirrus/wireguard-server.nix
+++ b/hosts/cirrus/wireguard-server.nix
@@ -13,6 +13,7 @@
     # port-forward ssh to the music machine
     extraCommands = ''
       iptables -t nat -I PREROUTING -p tcp --dport 2020 -j DNAT --to-destination 10.34.45.101:22
+      iptables -t nat -A POSTROUTING -j MASQUERADE
     '';
     extraStopCommands = ''
       iptables -t nat -D PREROUTING -p tcp --dport 2020 -j DNAT --to-destination 10.34.45.101:22 || true
diff --git a/microvms/music/upload-user.nix b/microvms/music/upload-user.nix
index 5b44ef5..c78b570 100644
--- a/microvms/music/upload-user.nix
+++ b/microvms/music/upload-user.nix
@@ -1,6 +1,10 @@
 { config, ... }: {
+  security.sudo.wheelNeedsPassword = false;
+
   users.users.caretaker = {
     isNormalUser = true;
+    home = "/home/caretaker";
+    createHome = true;
     extraGroups = [
       "wheel"
       "navidrome"