diff --git a/Vanguard.nix b/Vanguard.nix index 8e7fd334..86f243dd 100644 --- a/Vanguard.nix +++ b/Vanguard.nix @@ -24,6 +24,7 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1tJFdbiyJApuVZFvo9E9kjlBwvXZeySqVuS2qGdxha tux@monarch" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINI1dWlS16Keil0MGPWmMsBzx8F9ylfz+fRwxUr8/tZ/ ion" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGAcvAQ8W71Bn8pdMYst1hoVCmVJ+0h4HBlJzu1C6dwy xenia@Northstar" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDI44C35I2x9tqzeZDmIpbzmGJWXfATn/Wp5KzVRdlCi root@debian" ]; }; home-manager.users.root = import ./home/Vanguard/root.nix; @@ -40,7 +41,7 @@ # Requirements for Star Citizen boot.kernel.sysctl."vm.max_map_count" = 16777216; - environment.systemPackages = with pkgs; [mesa lutris wine-wayland winetricks]; + environment.systemPackages = with pkgs; [mesa lutris wine-wayland mono winetricks]; # Extra hardware configuration hardware.openrazer = { diff --git a/services/traefik/default.nix b/services/traefik/default.nix index 984e7164..e570cd3f 100644 --- a/services/traefik/default.nix +++ b/services/traefik/default.nix @@ -14,6 +14,7 @@ }; https = {address = ":443";}; ssh = {address = ":2222";}; + traefik-internal = {address = ":8080";}; }; certificatesResolvers = { default = { @@ -33,6 +34,12 @@ middlewares = ["auth"]; tls = {certResolver = "default";}; }; + routers.api-internal = { + rule = "ClientIP(`192.168.0.0/16`)"; + entryPoints = ["traefik-internal"]; + service = "api@internal"; + middlewares = ["auth"]; + }; middlewares = { auth.basicAuth.users = ["xenia:$apr1$LB0wVd6I$BHVPIyh.F5Ewt9/7PqAtS."]; hsts.headers = { @@ -44,6 +51,6 @@ }; networking.firewall = { enable = true; - allowedTCPPorts = [80 443 2222]; + allowedTCPPorts = [80 443 2222 8080]; }; }