Compare commits
No commits in common. "75ea05b3ece9eab5caee558665642c89f6313a57" and "c3ce52026eab09b872d134d909850f43f3fe4bb9" have entirely different histories.
75ea05b3ec
...
c3ce52026e
5 changed files with 13 additions and 36 deletions
14
flake.lock
generated
14
flake.lock
generated
|
@ -120,11 +120,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713145326,
|
"lastModified": 1713013257,
|
||||||
"narHash": "sha256-m7+IWM6mkWOg22EC5kRUFCycXsXLSU7hWmHdmBfmC3s=",
|
"narHash": "sha256-ZEfGB3YCBVggvk0BQIqVY7J8XF/9jxQ68fCca6nib+8=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "53a2c32bc66f5ae41a28d7a9a49d321172af621e",
|
"rev": "90055d5e616bd943795d38808c94dbf0dd35abe8",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -165,11 +165,11 @@
|
||||||
},
|
},
|
||||||
"secrets": {
|
"secrets": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1713224959,
|
"lastModified": 1712706448,
|
||||||
"narHash": "sha256-WnZVnnu1L/PyODRrjwU/K4xcJx4HlCX72Dm3KBzgSA0=",
|
"narHash": "sha256-ekO1azljI9rKc5u+cRp+33Xe8VVxvDxxseXFvtypHI8=",
|
||||||
"ref": "refs/heads/master",
|
"ref": "refs/heads/master",
|
||||||
"rev": "17e318fd2ae0272999e89a43279298517b9444b4",
|
"rev": "fe08a4769ba195e2ee515967d33a520c8692420c",
|
||||||
"revCount": 17,
|
"revCount": 16,
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "ssh://git@git.caspervk.net/caspervk/nixos-secrets.git"
|
"url": "ssh://git@git.caspervk.net/caspervk/nixos-secrets.git"
|
||||||
},
|
},
|
||||||
|
|
|
@ -1,11 +0,0 @@
|
||||||
{...}: {
|
|
||||||
security.acme.certs."caspervk.net" = {
|
|
||||||
domain = "*.caspervk.net";
|
|
||||||
reloadServices = [
|
|
||||||
"caddy.service"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
users.groups.acme.members = [
|
|
||||||
"caddy"
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,3 +0,0 @@
|
||||||
{secrets, ...}: {
|
|
||||||
services.caddy.virtualHosts = secrets.sigma.caddy.virtualHosts;
|
|
||||||
}
|
|
|
@ -3,11 +3,9 @@
|
||||||
../../overlays
|
../../overlays
|
||||||
../../modules/base
|
../../modules/base
|
||||||
../../modules/server
|
../../modules/server
|
||||||
./acme.nix
|
|
||||||
#./borg.nix TODO!
|
|
||||||
./caddy.nix
|
|
||||||
./gitea.nix
|
|
||||||
./hardware.nix
|
./hardware.nix
|
||||||
|
#./borg.nix
|
||||||
|
./gitea.nix
|
||||||
./network.nix
|
./network.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -132,23 +132,16 @@
|
||||||
allowedUDPPorts = lib.mkForce [];
|
allowedUDPPorts = lib.mkForce [];
|
||||||
allowedTCPPortRanges = lib.mkForce [];
|
allowedTCPPortRanges = lib.mkForce [];
|
||||||
allowedUDPPortRanges = lib.mkForce [];
|
allowedUDPPortRanges = lib.mkForce [];
|
||||||
|
|
||||||
interfaces = {
|
interfaces = {
|
||||||
"enp5s0" = {
|
"enp5s0" = {
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [22];
|
||||||
22 # SSH
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
"wg-sigma-public" = {
|
"wg-sigma-public" = {
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [22];
|
||||||
22 # SSH
|
|
||||||
80 # Caddy
|
|
||||||
443 # Caddy
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
"wg-sigma-p2p" = {
|
"wg-sigma-p2p" = {
|
||||||
allowedTCPPorts = [
|
allowedTCPPorts = [1337];
|
||||||
1337 # random testing (TODO)
|
|
||||||
];
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Add table
Reference in a new issue