secrets.hosts
This commit is contained in:
parent
aec0ac95d5
commit
a990c2ea3a
|
|
@ -70,7 +70,7 @@
|
||||||
wireguardPeerConfig = {
|
wireguardPeerConfig = {
|
||||||
PublicKey = "sigmaH/DKSU8KWyrPtucYmS2ewUvDvCNLxd/qYEo0n0=";
|
PublicKey = "sigmaH/DKSU8KWyrPtucYmS2ewUvDvCNLxd/qYEo0n0=";
|
||||||
PresharedKeyFile = config.age.secrets.wireguard-preshared-key-file.path;
|
PresharedKeyFile = config.age.secrets.wireguard-preshared-key-file.path;
|
||||||
AllowedIPs = ["${secrets.alpha.sigma-p2p-ip-address}/32"];
|
AllowedIPs = ["${secrets.hosts.alpha.sigma-p2p-ip-address}/32"];
|
||||||
RouteTable = "main";
|
RouteTable = "main";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
{secrets, ...}: {
|
{secrets, ...}: {
|
||||||
services.caddy.virtualHosts = secrets.sigma.caddy.virtualHosts;
|
services.caddy.virtualHosts = secrets.hosts.sigma.caddy.virtualHosts;
|
||||||
|
|
||||||
# Add caddy to the 'torrent' group to allow viewing downloads
|
# Add caddy to the 'torrent' group to allow viewing downloads
|
||||||
users.groups.torrent.members = ["caddy"];
|
users.groups.torrent.members = ["caddy"];
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,7 @@
|
||||||
config = {
|
config = {
|
||||||
download_location = "/srv/torrents/downloads/";
|
download_location = "/srv/torrents/downloads/";
|
||||||
# use the dedicated network interface and port
|
# use the dedicated network interface and port
|
||||||
listen_interface = secrets.sigma.sigma-p2p-ip-address;
|
listen_interface = secrets.hosts.sigma.sigma-p2p-ip-address;
|
||||||
outgoing_interface = "wg-sigma-p2p";
|
outgoing_interface = "wg-sigma-p2p";
|
||||||
random_port = false;
|
random_port = false;
|
||||||
listen_ports = [60881];
|
listen_ports = [60881];
|
||||||
|
|
|
||||||
|
|
@ -75,7 +75,7 @@
|
||||||
loginAccounts = {
|
loginAccounts = {
|
||||||
"casper@vkristensen.dk" = {
|
"casper@vkristensen.dk" = {
|
||||||
hashedPasswordFile = config.age.secrets.mail-hashed-password-file.path;
|
hashedPasswordFile = config.age.secrets.mail-hashed-password-file.path;
|
||||||
aliases = secrets.sigma.mail.aliases;
|
aliases = secrets.hosts.sigma.mail.aliases;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -109,7 +109,7 @@
|
||||||
};
|
};
|
||||||
networks."wg-sigma-p2p" = {
|
networks."wg-sigma-p2p" = {
|
||||||
name = "wg-sigma-p2p";
|
name = "wg-sigma-p2p";
|
||||||
address = ["${secrets.sigma.sigma-p2p-ip-address}/32"];
|
address = ["${secrets.hosts.sigma.sigma-p2p-ip-address}/32"];
|
||||||
routingPolicyRules = [
|
routingPolicyRules = [
|
||||||
{
|
{
|
||||||
# The deluge systemd service has
|
# The deluge systemd service has
|
||||||
|
|
@ -124,7 +124,7 @@
|
||||||
{
|
{
|
||||||
routingPolicyRuleConfig = {
|
routingPolicyRuleConfig = {
|
||||||
Priority = 1000;
|
Priority = 1000;
|
||||||
From = "${secrets.sigma.sigma-p2p-ip-address}/32";
|
From = "${secrets.hosts.sigma.sigma-p2p-ip-address}/32";
|
||||||
Table = "wg-sigma-p2p";
|
Table = "wg-sigma-p2p";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue