feat: add firezone gateway and allow trafic
parent
3725789765
commit
c4891afe7d
10 changed files with 54 additions and 2 deletions
|
@ -7,6 +7,9 @@
|
|||
}:
|
||||
let
|
||||
firezoneDomain = "firezone.${globals.domains.me}";
|
||||
# FIXME: dont hardcode, filter global service domains by internal state
|
||||
# FIXME: new entry here? make new adguardhome entry too.
|
||||
# FIXME: new entry here? make new firezone gateway on ward entry too.
|
||||
homeDomains = [
|
||||
globals.services.grafana.domain
|
||||
globals.services.immich.domain
|
||||
|
@ -91,8 +94,6 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
# FIXME: dont hardcode, filter global service domains by internal state
|
||||
# FIXME: new entry here? make new adguardhome entry too.
|
||||
resources =
|
||||
lib.genAttrs homeDomains (domain: {
|
||||
type = "dns";
|
||||
|
@ -152,6 +153,8 @@ in
|
|||
openFirewall = true;
|
||||
};
|
||||
|
||||
systemd.services.firezone-relay.environment.HEALTH_CHECK_ADDR = "127.0.0.1:17999";
|
||||
|
||||
services.nginx = {
|
||||
upstreams.firezone = {
|
||||
servers."127.0.0.1:${toString config.services.firezone.server.web.port}" = { };
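Review bot: The `HEALTH_CHECK_ADDR = "127.0.0.1:17999"` override on `firezone-relay` carries no comment saying why the relay's default health-check address is replaced or what the port was chosen to avoid, so a later change to the relay or gateway units cannot tell whether 17999 matters. Binding it to loopback presumably keeps the health endpoint off the interfaces that `openFirewall = true` opens just above, and that intent is worth stating next to the assignment. I would add a line such as `# health endpoint on loopback only; port moved to 17999 to avoid a clash with <other unit> (confirm)` above it. The enclosing attribute set starts and ends outside the hunk.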
|
||||
|
|
Binary file not shown.