Add ssh keys for VPS, add fallback internal traefik route
This commit is contained in:
parent
d83dd577bc
commit
46cf3b2a13
|
@ -24,6 +24,7 @@
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1tJFdbiyJApuVZFvo9E9kjlBwvXZeySqVuS2qGdxha tux@monarch"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINI1dWlS16Keil0MGPWmMsBzx8F9ylfz+fRwxUr8/tZ/ ion"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAcvAQ8W71Bn8pdMYst1hoVCmVJ+0h4HBlJzu1C6dwy xenia@Northstar"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDI44C35I2x9tqzeZDmIpbzmGJWXfATn/Wp5KzVRdlCi root@debian"
|
||||
];
|
||||
};
|
||||
home-manager.users.root = import ./home/Vanguard/root.nix;
|
||||
|
@ -40,7 +41,7 @@
|
|||
|
||||
# Requirements for Star Citizen
|
||||
boot.kernel.sysctl."vm.max_map_count" = 16777216;
|
||||
environment.systemPackages = with pkgs; [mesa lutris wine-wayland winetricks];
|
||||
environment.systemPackages = with pkgs; [mesa lutris wine-wayland mono winetricks];
|
||||
|
||||
# Extra hardware configuration
|
||||
hardware.openrazer = {
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
};
|
||||
https = {address = ":443";};
|
||||
ssh = {address = ":2222";};
|
||||
traefik-internal = {address = ":8080";};
|
||||
};
|
||||
certificatesResolvers = {
|
||||
default = {
|
||||
|
@ -33,6 +34,12 @@
|
|||
middlewares = ["auth"];
|
||||
tls = {certResolver = "default";};
|
||||
};
|
||||
routers.api-internal = {
|
||||
rule = "ClientIP(`192.168.0.0/16`)";
|
||||
entryPoints = ["traefik-internal"];
|
||||
service = "api@internal";
|
||||
middlewares = ["auth"];
|
||||
};
|
||||
middlewares = {
|
||||
auth.basicAuth.users = ["xenia:$apr1$LB0wVd6I$BHVPIyh.F5Ewt9/7PqAtS."];
|
||||
hsts.headers = {
|
||||
|
@ -44,6 +51,6 @@
|
|||
};
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [80 443 2222];
|
||||
allowedTCPPorts = [80 443 2222 8080];
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue