kalipso
c78eb9cbc1
All checks were successful
Evaluate Hydra Jobs / eval-hydra-jobs (push) Successful in 5m49s
41 lines
773 B
Nix
41 lines
773 B
Nix
{ config, lib, pkgs, inputs, ... }:
|
|
|
|
with lib;
|
|
|
|
{
|
|
sops.defaultSopsFile = ./secrets.yaml;
|
|
sops.secrets.wg_private = {};
|
|
|
|
networking = {
|
|
hostName = mkDefault "vpn";
|
|
useDHCP = false;
|
|
nameservers = [ "1.1.1.1" ];
|
|
firewall = {
|
|
allowedUDPPorts = [ 51821 ];
|
|
allowedTCPPorts = [ 80 ];
|
|
};
|
|
};
|
|
|
|
imports = [
|
|
../modules/malobeo_user.nix
|
|
../modules/sshd.nix
|
|
../modules/minimal_tools.nix
|
|
];
|
|
|
|
services.malobeo.vpn = {
|
|
enable = true;
|
|
name = "vpn";
|
|
privateKeyFile = config.sops.secrets.wg_private.path;
|
|
};
|
|
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts."docs.malobeo.org" = {
|
|
locations."/".proxyPass = "http://10.100.0.101";
|
|
};
|
|
};
|
|
|
|
system.stateVersion = "22.11"; # Did you read the comment?
|
|
}
|
|
|