sokai/mynixos-config
1
1
Fork 0
forked from mirrors_public/oddlama_nix-config
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: finish migration to new globals system for wireguard

Browse source
This commit is contained in:
oddlama 2025-09-13 23:23:28 +02:00
parent b885d1062b
commit a1623fb97c
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
29 changed files with 204 additions and 214 deletions
Download patch file Download diff file Expand all files Collapse all files

16
hosts/sire/guests/paperless.nix
View file

@ -14,15 +14,15 @@ in
microvm.mem = 1024 * 9;
microvm.vcpu = 8;
wireguard.proxy-sentinel = {
client.via = "sentinel";
firewallRuleForNode.sentinel.allowedTCPPorts = [ config.services.paperless.port ];
};
globals.wireguard.proxy-sentinel.hosts.${config.node.name}.firewallRuleForNode.sentinel.allowedTCPPorts =
[
config.services.paperless.port
];
wireguard.proxy-home = {
client.via = "ward";
firewallRuleForNode.ward-web-proxy.allowedTCPPorts = [ config.services.paperless.port ];
};
globals.wireguard.proxy-home.hosts.${config.node.name}.firewallRuleForNode.ward-web-proxy.allowedTCPPorts =
[
config.services.paperless.port
];
globals.services.paperless.domain = paperlessDomain;
# FIXME: also monitor from internal network