patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

feat: ddclient container

Browse source
This commit is contained in:
Patrick Großmann 2024-01-13 19:23:51 +01:00
parent a996be8a7d
commit f1d8069dc6
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
15 changed files with 23 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
hosts/desktopnix/net.nix
View file

@ -12,4 +12,11 @@
}; };
}; };
}; };
networking.extraHosts = ''
192.168.178.2 lel.lol
192.168.178.2 pw.lel.lol
192.168.178.2 nc.lel.lol
192.168.178.2 adguardhome.lel.lol
192.168.178.2 git.lel.lol
'';
} }

1
hosts/elisabeth/default.nix
View file

@ -20,7 +20,6 @@
../../modules/hardware/zfs.nix ../../modules/hardware/zfs.nix
../../modules/services/acme.nix ../../modules/services/acme.nix
../../modules/services/ddclient.nix
./net.nix ./net.nix
./fs.nix ./fs.nix

2
hosts/elisabeth/fs.nix
View file

@ -55,11 +55,13 @@
datasets = { datasets = {
"safe/guests" = unmountable; "safe/guests" = unmountable;
}; };
mode = "raidz";
}; };
renaultft = mkZpool { renaultft = mkZpool {
datasets = { datasets = {
"safe/guests" = unmountable; "safe/guests" = unmountable;
}; };
mode = "raidz";
}; };
}; };
}; };

3
hosts/elisabeth/guests.nix
View file

@ -75,7 +75,7 @@ in {
''; '';
}; };
upstreams.nextcloud = { upstreams.nextcloud = {
servers."${ipOf "nextcloud"}:3000" = {}; servers."${ipOf "nextcloud"}:80" = {};
extraConfig = '' extraConfig = ''
zone nextcloud 64k ; zone nextcloud 64k ;
@ -166,6 +166,7 @@ in {
{} {}
// mkContainer "adguardhome" {} // mkContainer "adguardhome" {}
// mkContainer "vaultwarden" {} // mkContainer "vaultwarden" {}
// mkContainer "ddclient" {}
// mkContainer "nextcloud" { // mkContainer "nextcloud" {
enablePanzer = true; enablePanzer = true;
} }

2
hosts/elisabeth/secrets/adguardhome/host.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJrtGpaL39TCloyatv2MJ6H+IUwMBxwO/PdugyYwCPvN ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPR1b66yEQQSmvFPk4PZTtcyKCyYt4vuruByOoHhIjfu

1
hosts/elisabeth/secrets/ddclient/host.pub Normal file
View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICDzH6m99bGJIy+9Ffa5djFjYryuV6CFmGtY2zUxBiuu

2
hosts/elisabeth/secrets/gitea/host.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHGEV0vuqSAvT07Sl56Lo3o5U6EU5uSrfTFe5BF5QnX ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOWoGqHwkLVFXJwYcKs3CjQognvlZmROUIgkvvUgNalx

2
hosts/elisabeth/secrets/host.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA/1vC6GL2Xb9eIQaNKnSOQgN5bglns2Nh5dykkFqYMC ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE0dFbC8x6Ev1R/nFvG20fp2tapOQti0lK2iz4gsHDRr

2
hosts/elisabeth/secrets/nextcloud/host.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKlZoZI1rYOR8wLywWIjtLQLpnflXF7fHhYPZbgd0Gq1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGMAQzrtwi+J6+W21dBPpASsWnhzYkvscwYGycu57lUo

2
hosts/elisabeth/secrets/samba/host.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINnHM1ElW8cdCZaC4D3q5wS0P9/6A6VvZ7V49suxNWaV ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINfdZq6qJXMfwobfphbMj+63cjQXHkbJmsL28zZB08xX

2
hosts/elisabeth/secrets/vaultwarden/host.pub
View file

@ -1 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIHyOMSi8aRtXIEWoMuUfGQl2H6SGSdpl8VuxiEKD9F8 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGlzWJBIfmwzxnUuJI3kxTFBYRzI+duJ+QSWHvNAwZRv

4
modules/services/adguardhome.nix
View file

@ -11,7 +11,7 @@
bind_port = 3000; bind_port = 3000;
bind_host = "0.0.0.0"; bind_host = "0.0.0.0";
dns = { dns = {
bind_hosts = ["0.0.0.0"]; bind_hosts = [(lib.net.cidr.host config.secrets.secrets.global.net.ips.${config.node.name} config.secrets.secrets.global.net.privateSubnet)];
anonymize_client_ip = true; anonymize_client_ip = true;
upstream_dns = [ upstream_dns = [
"1.0.0.1" "1.0.0.1"
@ -34,7 +34,7 @@
users = [ users = [
{ {
name = "patrick"; name = "patrick";
password = "$2b$05$Dapc2LWUfebNOgIeBcaf2OVhW7uKmthmp9Ptykn96Iw1UE5pt2U72"; password = "$2y$10$cmdb7U/qbtUvrcFeKQvr6.BPrm/UwCiP.gBW2jG0Aq24hnzd2co4m";
} }
]; ];
filters = [ filters = [

1
modules/services/gitea.nix
View file

@ -7,6 +7,7 @@
in { in {
# Recommended by forgejo: https://forgejo.org/docs/latest/admin/recommendations/#git-over-ssh # Recommended by forgejo: https://forgejo.org/docs/latest/admin/recommendations/#git-over-ssh
services.openssh.settings.AcceptEnv = "GIT_PROTOCOL"; services.openssh.settings.AcceptEnv = "GIT_PROTOCOL";
networking.firewall.allowedTCPPorts = [3000 9922];
environment.persistence."/panzer".directories = [ environment.persistence."/panzer".directories = [
{ {

2
modules/services/vaultwarden.nix
View file

@ -46,6 +46,8 @@ in {
environmentFile = config.age.secrets.vaultwarden-env.path; environmentFile = config.age.secrets.vaultwarden-env.path;
}; };
networking.firewall.allowedTCPPorts = [3000];
# Replace uses of old name # Replace uses of old name
systemd.services.backup-vaultwarden.environment.DATA_FOLDER = lib.mkForce "/var/lib/vaultwarden"; systemd.services.backup-vaultwarden.environment.DATA_FOLDER = lib.mkForce "/var/lib/vaultwarden";
systemd.services.vaultwarden.serviceConfig = { systemd.services.vaultwarden.serviceConfig = {

BIN
secrets/secrets.nix.age
View file

Binary file not shown.