nki/nix-home
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity

Set up firezone

Browse source
This commit is contained in:
Natsu Kagami 2023-04-27 02:32:10 +02:00
parent 8d8052c5cc
commit 09b62faa4a
Signed by: nki
GPG key ID: 7306B3D3C3AD6E51
6 changed files with 157 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

20
nki-personal-do/configuration.nix
View file

@ -4,6 +4,7 @@
# Set up cloud
../modules/cloud/authentik
../modules/cloud/firezone
../modules/cloud/postgresql
../modules/cloud/traefik
../modules/cloud/bitwarden
@ -151,12 +152,29 @@
# Writefreely
cloud.writefreely.enable = true;
# Authentik (running under docker-compose T_T)
# Authentik
sops.secrets.authentik-env = { };
cloud.authentik.enable = true;
cloud.authentik.envFile = config.sops.secrets.authentik-env.path;
cloud.traefik.hosts.authentik = { host = "auth.dtth.ch"; port = config.cloud.authentik.port; };
# Firezone
sops.secrets.firezone-env = { };
cloud.firezone.enable = true;
cloud.firezone.envFile = config.sops.secrets.firezone-env.path;
cloud.traefik.hosts.firezone = {
host = "vpn.dtth.ch";
port = config.cloud.firezone.httpPort;
localHost = "127.0.0.1";
};
cloud.traefik.hosts.firezone-vpn = {
host = "vpn.dtth.ch";
port = config.cloud.firezone.wireguardPort;
entrypoints = [ "wireguard" ];
protocol = "udp";
};
# Outline
sops.secrets.minio-secret-key = { };
sops.secrets.authentik-oidc-client-secret = { owner = "outline"; };