Set up firezone
This commit is contained in:
parent
8d8052c5cc
commit
09b62faa4a
GPG key ID:
7306B3D3C3AD6E51
6 changed files with 157 additions and 10 deletions
|
|
@ -4,6 +4,7 @@
|
|||
|
||||
# Set up cloud
|
||||
../modules/cloud/authentik
|
||||
../modules/cloud/firezone
|
||||
../modules/cloud/postgresql
|
||||
../modules/cloud/traefik
|
||||
../modules/cloud/bitwarden
|
||||
|
|
@ -151,12 +152,29 @@
|
|||
# Writefreely
|
||||
cloud.writefreely.enable = true;
|
||||
|
||||
# Authentik (running under docker-compose T_T)
|
||||
# Authentik
|
||||
sops.secrets.authentik-env = { };
|
||||
cloud.authentik.enable = true;
|
||||
cloud.authentik.envFile = config.sops.secrets.authentik-env.path;
|
||||
cloud.traefik.hosts.authentik = { host = "auth.dtth.ch"; port = config.cloud.authentik.port; };
|
||||
|
||||
# Firezone
|
||||
sops.secrets.firezone-env = { };
|
||||
cloud.firezone.enable = true;
|
||||
cloud.firezone.envFile = config.sops.secrets.firezone-env.path;
|
||||
cloud.traefik.hosts.firezone = {
|
||||
host = "vpn.dtth.ch";
|
||||
port = config.cloud.firezone.httpPort;
|
||||
localHost = "127.0.0.1";
|
||||
};
|
||||
cloud.traefik.hosts.firezone-vpn = {
|
||||
host = "vpn.dtth.ch";
|
||||
port = config.cloud.firezone.wireguardPort;
|
||||
entrypoints = [ "wireguard" ];
|
||||
protocol = "udp";
|
||||
};
|
||||
|
||||
|
||||
# Outline
|
||||
sops.secrets.minio-secret-key = { };
|
||||
sops.secrets.authentik-oidc-client-secret = { owner = "outline"; };
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ outline:
|
|||
heisenbridge: ENC[AES256_GCM,data:rJY7gpcOY8nODR3KlYW1rEs54mKxr+AjNBeg1/2vTG0Gzpuvjgbnn5UVJS+P8uej/P4HfeFtlQSFZCEy8cXcwvwq97ppVliCGL4GMLRWaFmop35feC8t2ovh79cy/vKC7drASeGvWYNUmGRjboPuKA8W5LARa0HVDPGDLIEMVgJfYry/YKR3gsGmLzU7Mx1yLO6M/EFOJQJc84bSuu+CPSZcyUVF4SSNBiaDU5/NazlqaA9KWL6Xzu1MD2LEYdEFkRfitNgYj2m2gLd9voyGV4cfaCqJvYjJPwuZeZUoqCpDnom2JoV29q/Yq/gmyumPgOvriGxLsYBqV14MaCcE6KXE2uLicD+I/5or1AxepVDVjG9NoSgho1HpLvpRhMSCeXLk9+U+ykH3QA+0M+VVu9pswMMVQifnTtXZRM6pWxOnRVAzGf2tGDo4jy36S7pHaRn7SJcrljjWLfwHuNiu7E2uZhMrkcCjnjcBA9Xrb3drDQYVHya7XcoD4wOBHBDvVZwhYkNdkS3oYkom8A==,iv:fO1onfon3EdSNC/LjN1aWxpHBYq5aa0F/h0V6gl88ac=,tag:NL9p2nhIlEqgOdvUDM19Dg==,type:str]
|
||||
matrix-discord-bridge: ENC[AES256_GCM,data:/rlSjD6inKfak7HKKghH5ays5RjKmb9czGsoIOYHyTZC4A5EMucCbfn8DL1gkYXgvRHJ+QglGX/BGo5ebaxSj6nF60+aW87UG31KggOt5kkMuWsPsjvrufoc5IlNfWnXIWmqf8cdC01hmHEp7biUpI8CcfEZiD9OkOxbZcRfYqW+ttnzplFniRBjGPVZfL5g4DBbuJen5MuOrrMDo5CT+78n,iv:r9VBbDCAAElisCaDehrB6PhJHsaaHjdrk3103lmBT7o=,tag:WoNMMfyMifsL56yWq3MUOg==,type:str]
|
||||
authentik-env: ENC[AES256_GCM,data:CjxTaqIcpBX7ea9L3tgJDELr8HBPJdxXsrOfhsiH4cXwCEzktsNKHjF7l95ZFgI5O08q4Vlbln5Dg4xPEx33nwUesEbQrT5d+n+2YaAxmm/WInrYzF+jB7HYTXASb3rY9PWgd2C3v+YPBkJetHlTUc/k19Q7lOQRNw==,iv:cG8Bi2eCsS+v94tSJBsqp+bjVLzXZvvwX1QVVSYExL8=,tag:VmbfcxCcfi3IpKjg3f8QPw==,type:str]
|
||||
firezone-env: ENC[AES256_GCM,data:D83cSNjwtoZ8wVXTHoqclHGFfydhwKyna7q1LMhHGS2nieF2Yg9vWDSDqrlKy7NklKNqgQ9rzZwdAmnSrFDiO7y4Le1N5vsLcPrL7JmIjS6yyh5tpMw4jjZkwEvwtSx+9hI6ec5beE9vOGceO0hCmN8zr0Tt6Wr8gUGrvMACF8mkFSatbowZi4RGvCEOjnPue66LQXGbVcAZX8jP7/UuIiqujiVsOI0xa1VwbpeAtQ9Pu+9JuMycpR7OcnXv2ImRZYGYYL1Fd/peXYIrwZiASYb4Yx3TsC88I4br+dVATicsP/k0O8FZCRL53CIogt44thAy8a/Gba1k9By92agLUlnJ0EUBB17JoQ/Ad8MQuR/F4s39ANAqztMig9oRfQBuNXb0HrBHBAGfgXLCzTw3wK/jiGwpQF5EMapT7jsZJFEFRIQLgI/uXaiuDtqd1evUljmtRwF35+8iqx1Jid+fM/kJ+aqx2B244L/8kEeRxqewY2eL0K7Tr+2LP0YQVsNFmvN6eY7DiA4m4jYBDlzUsBSRBIfj8oEvQML/STmmf4YqB8bPVQEEtKFwdRooDPqdozTGpaZlkEjAemUvI+xxe/8ZDq44uPswN154389gDRWO3fGPKmeRHx9HkMH8/6kMHiUnYnooqGnQ3SQdp+4v,iv:N0XBePOw2DYzN/GSBlza+sa3KwAZOrjavB++zrmqMAg=,tag:z0BA512TIgIxtQ4z40Zatg==,type:str]
|
||||
sops:
|
||||
kms: []
|
||||
gcp_kms: []
|
||||
|
|
@ -47,8 +48,8 @@ sops:
|
|||
by9kZFlTRVdCZFkxYTVVb0RIRk8zUlkKCqMw9oL9RaYBV5Hhy3o8Nm5xmGrPH8Sd
|
||||
hv36sxRFFNZT/DCKaHaSRbT3mfpBZSTXJt1dgl4nZe6whH54t/1KmA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2023-04-26T19:50:09Z"
|
||||
mac: ENC[AES256_GCM,data:QSS+gJoTtSwaB/seeo4QHEjdmzQ+qdYwmDtKWKV44KZnudHQuNYTlklKBC7gzLncOIaoPgQ04ZSlL/J4RSI4gLLrNuf+DkxX8OSIOv44U8ynBP/yWObgCPz8XjS38Jl9ovhLAPXYb6GK3DGl4q01ghXSpvfVsjCpz8W7SAVkVSA=,iv:Po0fPtu+gznmPalCm77RG3WloTKtRIEHLAec5lTYvaE=,tag:ulfUHDy1UAmj6d/R4kO42A==,type:str]
|
||||
lastmodified: "2023-04-26T22:43:56Z"
|
||||
mac: ENC[AES256_GCM,data:dWWck84crzDOwD8SlMjWarWn1ObcV4m7HJiS3+rpKdvjl4jYS5Nq5CXHwIY3YCsq63nelqLEjo8koas1wlEq4JsSYNpM1jVX5tjQia8wPjue6F5RNJdamfuQcctNEfqS4Wxo9HaxgpWrdRzpvTHzWfUjVn1UGGTnGArx8YeMQQ8=,iv:7CVQ01GQOPoqSkTi/o8XksOctGMpUJN06SxJy/nk88U=,tag:xDQoA8gQVt1mUFIj0k1aig==,type:str]
|
||||
pgp: []
|
||||
unencrypted_suffix: _unencrypted
|
||||
version: 3.7.3
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue